NYT Reports Porn Spam Hijacking Network

twitter writes "This NYT story describes how thousands of PCs have been used as porn spambots and reverse proxy servers, and mentions that they could be used for kiddie porn. Finally, though Microsoft is not mentioned, people might start to understand what a monoculture of poor quality software enables."

Monoculture it is, but...

[Bendy+Chief]

Isn't there also a responsibility that computer users need to take, given their connectivity these days? If we need certification to operate potentially dangerous complex machinery, why not some minor courses on basic security so you don't have Cleatus and Grandma saturating the world in spam?

I guess that's pretty authoritarian, and there are better ways to beat spam. Still... the elimination of the luser is a shining grail for us all, no? ;)

Broadband providers are partially at fault

[reimero]

In my experience, end-users who are not tech-savvy have little real understanding of online security practices: they tend to ignore basic things such as updating antivirus dat files because they don't know or don't understand. And from my own experience, I know that broadband providers are more interested in pitching all their cool features than they are in educating users how to be safe. Seriously, how hard would it have been for my ISP to have included a Sygate or ZoneAlarm trial on the install CD they had to send out anyway?
What kills me is that it's in the ISP's best interests to encourage safe computer habits, and they don't really emphasize that.

These things really are problems

[amishgeek]

I deal with Starband (Satellite Internet for those unfamiliar), and Have seen problems with spambots/pornbots like this. People get infected with them, and they start spamming.

Here's the thing though, with StarBand, they have an auto-imposed limit of around 500mb/week upload, and if you go over it, you are automagically shut off for a few days. The problem with this, and I have seen it happen, is that the Spam/Pornbots can infect a Starband Customers computer, and easilly make them go over their weekly 500mb upload limit. Thus causing them to lose their internet connection.

This poses a real problem, not only for the end user (The people I deal with are all in the far reaches of Northern Minnesota where Satellite Internet is the ONLY broadband option) but also for the ISP's. Its viruses/bots like this that make it even more necessary for legislation to fight spam.

The writers of the Bots would be the spammers, not the owners of the infected systems. Just because I borrow your car to deliver the paper, does that mean that in reality, you delivered the paper because it was YOUR car?

-I may not me amish, but I am a geek!-

Re:FUD

[Zocalo]

Unfortunately, it's not FUD. Recently I've been receiving *huge* amounts of spam, vastly more than normal, and decided to take a closer look at what was being filtered out. There are some very obvious patterns in the extra spam:

• It's pretty much all pornographic or for "enhancement" products.
• The content is very similar - it's clearly the same small set of spams run through a hack to "randomise" the sender and basic subject/content details.
• The originating IPs are *all* assigned to Windows boxes where I could sufficiently NMAP them.
• WHOIS records almost always point to home/SOHO networks; I only found one corporate IP block in around 100 IP lookups.
• There are no SMTP smarthosts being used - it's going direct from a Windows box to my SMTP gateways. Outlook *cannot* do this, so it's coming from malware with a dedicated SMTP engine.
• I've also been seeing a huge increase in the amount of macro viruses inbound - just a guess, but it's probably the bot trying to propogate itself.

Couple this with the 500Mb/s DDoS attack on SpamCop over the last few days and the picture is fairly clear. Someone is thumbing their nose at the US/EU attempts to legislate against spam and sending a message loud and clear. If the antispam community cannot find and nail the person or persons responsible for this, then the eventual legislation is going to have no effect what-so-ever.

So. We have 500Mb/s+ of bandwidth being used in a DDoS, anyone's guess going on the actual spam, kids undoubtably seeing hardcore porn and computers being deliberately compromised and abused. Tell me again that spammers have a right to free speech and it's a victimless crime that doesn't cost anyone anything? They have a right to be force fed Hormel products until they explode like the Glutton in Seven if you ask me.

There are significant differences...

[expro]

I cannot speak for later versions of Windows since I stopped using them, but I never saw a version of windows that does not force you to completely log off and back on to access privileged functions, encouraging people to run with privileges on all the time, because they cannot just enter the password for privileged activities. Su does not exist, nor does sudo.

Most other modern versions of OS's are significantly better (Lindows early versions were an exception). Just having su and sudo is much better.

OSX has no root enabled by default, and relies on sudo to limit elevated privileges to single operations.

GNU/Linux/XFree86 systems typically give warnings when the user logs in to the window manager as root, give a limited environment with a red background, etc., and on the other hand make it easy for the user to run without elevated privileges most of the time.

And the monoculture is also inherently less even if everyone were to use Linux, because the licensing allows significant derivitive / deviant branches.

Claiming that Linux would be no better if it were as successful as Windows ignores facts.

This is just the tip of the iceberg. I have been on an email team faced with the question, do we allow contents to auto-execute, which actually thought about the problem before blindly implementing it, unlike Microsoft.

Re:Heh

[bmj]

It isn't elitist to say that computers are fairly unique and complex devices. Just because everyone uses one now, improperly for the most part, doesn't mean they should or even can magically becomes television sets with six buttons on the front.

Good point...but...then they shouldn't be sold as such. If you're going to market your computer/operating system as "easy enough for grandma to use" then it better be easy enough for grandma to use.

Products will have a development cycle that gradually make them more and more user friendly. Remember programming with punchcards? Remember the days before UIs? Computers are very much like cars and toasters and VCRs. All you're showing is an elitist attitude. You are obviously a smart person (and I don't say that sarcastically), and you enjoy having a complex machine to work with. Great. But you make up about 5% of the demographic that most software and hardware companies are designing their products for.

There is a place for complex software...there's also a place for simple software that works as advertised. There _will_ be a computer with six buttons on the front sooner rather than later, because that's what the general population wants. Not everyone is a hacker, and like I said, most companies in the industry aren't getting their profits from hackers like you (or me).

By your logic, a VCR should be just as simple to use a shampoo bottle, and thus, so should computers.

Perhaps a bit of overstatement there, eh? I don't expect my shampoo bottle to safely connect to the internet and send email. But if I purchase an operating system that claims it does that, it should do it. I don't need to understand the engineering behind the top of shampoo bottle to open it. Nor do I need a degree in electrical engineering to play a VHS tape. So why should I have to be hacker to safely send and receive emails?