A data cloud backup loss should be fine, because it’s a backup. Just re-up your local backup to a new cloud/second physical location, that’s the whole point of two.
I don’t see a need to run two conccurent cloud backups.
In this case, it is not you -as a customer- that gets hacked, but it was the cloud-company itself. The randomware-gang encrypted the disks on server level, which impacted all the customers on every server of the cloud-provider.
Yeah absolutely, but tonyou as an individual , it’s the same net effect of your cloud backup is lost. Just re-up your local backup to a different cloud provider.
The issue is not cloud vs self-hosted. The question is “who has technical control over all the servers involved”. If you would home-host a server and have a backup of that a network of your friend, if your username / password pops up on a infostealer-website, you will be equaly in problem!
Still the exploit is easier to avoid compared to windows viruses and stuff. Even with the linux popularity increasing there is already out there good solutions to prevent this kinda stuff like have SELinux installed, use firejail to run suspicious files, use proxies to visit weird sites (you can use proxychains + tor, a bit overkill but works if you don’t have a local proxy), etc.
Not to mention that one of the attack vectors of this exploit requires using a systemd feature which is the sysnetd which isnt going to work on other init systems. Reason why a lot of times minimalism can be superior to just having all the features + unnecessary ones out of the box.
When it comes to location tracking and many other things, data retention and use policies are just a useful distraction from the real problem which is that they're able to collect the data at all.
bleepingcomputer.com
Active