undefined | Better HN

0 pointslondons_explore4y ago0 comments

I wonder how many times ransomware has gotten into Google/Amazon's employees laptops?

Having 100k employees, most of whom have admin access to their own machines (cos developer) has got to make it almost impossible to stop it happening.

0 comments

babelfish4y ago

I have a friend who works at G that told me shortly after he started working there, he accidentally typed some portion of his password into another website, at which point his laptop immediately locked down and he was forced to change his password before doing anything else.

tremon4y ago

Are you implying Google had his password stored in reversible form?

londons_exploreOP4y ago

This is what OP is talking about:

https://chrome.google.com/webstore/detail/password-alert/noo...

And yes, it does store a hash of the password on the local machine, although I suspect it's only a 32 bit hash or something so you can't 'crack' it to recover the original password.

weird-eye-issue4y ago

Nothing about the comment that you replied to would require them to store their password in "reversible form"

1 more reply

awwaiid4y ago

Maybe they keylog and incrementally hash everything including password subset? Seems implausible.

paxys4y ago

If there's ransomware on an employees's laptop you simply throw it away and give them another one. And have them go through a lot of security training after.

beermonster4y ago

Assuming they were the weakness. It might be that patching velocity was the reason the laptop became infected. Where I work that is managed via patch management software not the end-user.

j / k navigate · click thread line to collapse