Talk:Ransomware (malware)

From Wikipedia, the free encyclopedia

This article seems to place an undue emphasis on public key cryptography: there is no particular need for anything so advanced to be used to create ransomware that will be effective in current real-world environments: or indeed for ransomware to work as advertised at all, if the goal is only short-term extortion.

Having said which, since prepackaged asymmetric crypto is so easily available in current environments, it's an obvious way to do it. The main technical challenges for the ransomware criminal are not performing the technical task of encryption and decryption, but maintaining the credibility of their threat of permanent data loss and promise of timely and reliable data recovery, and getting away with the payment without being caught, both of which require communication. -- Karada 12:02, 23 July 2007 (UTC)

Actually, the public key is used to encrypt the data being held for ransom, not the communcations, or at least not only for the communications, and the purpose seems more to avoid sending decryption keys in the program since one could then disassemble the program and obtain the keys. 170.215.65.87 (talk) 04:40, 28 May 2008 (UTC)