Ransomeware Attacks and My Best Practices

I’ve been thinking a lot lately about ransomware attacks.  That is, when a virus infects your computer and encrypts all your files.  Then, you get a notice that says if you pay a certain amount of money you will get access to your files.  I gather it’s the most common malware out there right now.  You can read more about what ransomware is here:

https://en.wikipedia.org/wiki/Ransomware

I’ve recently read multiple consumer articles on how to best protect yourself and I believe most of what I read is just wrong.  Those articles say things like you can recover files that have not been encrypted yet if you catch it early, cloud is a good solution because the ransom ware can not infect the cloud.  I call BS on that.

I assume ransomware is going to install itself on your computer and lie dormant for months so that all your backups to the cloud will ultimately have unusable data on them.  I also believe ransom ware will go after all your drive shares and if you are backing up to a local hard disk through an unprotected share, that will get targeted also.

Here is what I am doing.

  • I use Acronis and have two backup schemes that both go to NAS (network attached storage).  One uses ftp and the other uses a username password unknown to my normal windows explorer.
  • I use Dropbox and have bought packrat which stores my backup history forever.  I believe that way I always have a backup though it may be very old
  • I run WebRoot virus protection to minimize exposure though I know this does not stop zero day attacks.  I’m hoping it stops most attacks though and since I’m not a huge target to the bad guys this is likely enough.
  • I feel like this is as much as I can do.  HTH’s.

Best Regards in Paranoia, -Peter

Using Type T for making C# Method Calls More Flexible

I often find myself getting lazy and making multiple entry points for a method when I really should spend an extra 30 seconds and use the Type T pattern in C#.  Below are the two calls I had and when I started writing the one that returns int, I decided enough was enough.

private static bool GetWorkshopTopLevelPropertyBool(JToken jToken, string attr2)
{
    return jToken["workshopResults"][attr2].Value();
}

private static string GetAttendeeInfoString(JToken jToken, string attr)
{
    return jToken["attendeeResults"][attr].Value();
}

Here is the generalized verison of the same code but only has to be written once.

private static T GetAttendeeInfo(JToken jToken, string attr)
{
    return jToken["attendeeResults"][attr].Value();
}

HTH’s

Parsing NewtonSoft JToken Inside WebAPI Call

One of the simplest ways to POST data from a JavaScript app (such as Angular or JQuery) to a Microsoft ASP.NET WebAPI endpoint is simply to post JSON data.  There is a lot of magic that happens to try and match up the POST data you are calling with to the WebAPI call and it often feels like there is no reason why some calls work and some don’t.

My experience is that it’s easier to just process generic JSON on the WebAPI side and not worry about the shape of the data until after it arrives on your WebAPI endpoint.  Darrell Miller has a very helpful article that demystifies that data and give a very clear way to get that JSON to your WebAPI endpoint as a NewtonSoft JToken.  Darrel leaves out what to do with the JToken so I thought I’d fill in some of those details.

Here is the WebAPI code from Darrell’s article that you can use to get JSON into your WebAPI endpoint:

Let me give an example of processing the jsonbody which is JToken.  It’s actually pretty simple if you use c# indexers.  My example is pretty ugly with goofy variable names but it is what I used just to understand how to parse it. Obviously you’d never use code like this in production but it’s pretty clear what really needs to be done from this.

Here is some basic JSON to parse:

And here is the code to parse the JToken

HTH’s!

My Pluralsight ASP.NET Multi-tenant Course in Top 10

Two weeks ago my 4th course on Pluralsight released and for the past few days it has been in the top 10.  If you have not had a chance to look at it, check it out.  I’m particularly proud of the introduction which has flying super hero’s!

bigcloudheros

Check it out the intro here

And the full course here.

top8a1

Plugin by Social Author Bio

Follow

Get every new post delivered to your Inbox

Join other followers: