In principle it's super easy to detect, encrypted files look like random data an... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		Houshalter on Oct 31, 2016 \| parent \| context \| favorite \| on: The No More Ransom Project In principle it's super easy to detect, encrypted files look like random data and it's unlikely users would be replacing every file with random data on purpose. Its a never ending war though. If you got enough users to do this, the hackers would then switch to encryption that mimics what normal files look like to fool the detector.

noja on Oct 31, 2016 [–]

Most users never start writing to all the files on their disk, why can't a rate limiter and warning kick in if that happens?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact