Infected PCs for Rent
prostoalex writes "UK authorities are raising concerns about entire networks of infected and compromised PCs (BotNets) being available for sale or rent to the highest bidder. The Register quotes a detective from Hi-Tech Crime Unit saying 'The trade of BotNets of compromised machines is becoming an industry in itself. Organised crime is making use of this industry.'"
This is exactly the same sort of problem that happens in the world of prostitution: pay your "rent", get a disease.
Don't blame Durga. I voted for Centauri.
If you can sell it, you can get stung selling it. This may be the sort of thing that law enforcement agencies need in order to start busting people.
Now, if we just BLOCK connections from windows boxes to our machines except for (say) WWW or DNS, then our lives are better. pf (in openbsd and now freebsd 5) can do it.
Me? I'm pulling IPv4 stakes up. Only been spammed once by someone with an IPv6 address.
While it is deplorable that it takes criminal action (or porn) to move technologies to the forefront, it does happen. This, to me, seems like the famed "Grid Computing", and whilst stopping criminals, I hope law enforcement learns enough to pass the knowledge on so that others can use it for legitimate computing.
Find out about the Lexus Rx400h Hybrid!
How? Am I confused by think of organised crime like the New York or Russian Maffia.
The scope of this is huge - true - I'm no industry player or top level developer - but still - we can all see the scope of this.
distributed applications are the killer app of the internet - XAML, .net, Java - all buzzwords. Grid computing - thanks to Oracle - The Internet - so much scope it created the biggest financial bubble in the history of capitalism.
Now - the corporates (MS?) are getting so inept that criminal gangs are stealing our future off us. Please - let's start stopping them.
i'm trying to give up sigs.
There is a limit to that I think. Think of it in terms of cars. Imagine buying a car from a major car manufacturer only to find out that every month you'll need to bring it in to the shop and have a few problems with it fixed. While they don't charge you to fix the car, it sure gets annoying and makes you wonder about the overall quality of their products. What's worse is when one of these problems appears before there is a fix and causes you to have a wreck and die, hurt someone else, etc.
Anyway that analogy can go on forever, but you should be able to see the point. MS has a responsibility to put out reliable, secure software just as much as Ford, Mazda, whatever has to put out safe, reliable vehicles. The patch-as-you-go thing doesn't cut it, and it's made obvious by things like this botnet problem.
Isn't that like saying we should blame the dumb shit who doesn't install an anti-theft device in his/her car? Or the auto makers for not making it standard?
A thief is a thief. An extortionist is an extortionist. A duck is a duck.
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
As much as I'd like to blame Microsoft for creating the security holes in the first place, no ammount of patches can make up for a user who won't keep his machine secure. I don't think he'd be so complacent if one day he found someone had deleted his files, erased his hard drive etc.
I want legislation to make it legal and justified. I see it as self defense
Yes and no. It wouldn't work. You are giving way too much power to a group that already has too much power. The good effects would be far out wieghed by the negative. Soon after something like this was passed it would be seen as an intrusion of electronic rights, which to some degree it would be. Good on paper, bad in practice. Oh hum, back to the drawing board.
If we don't make light of everything, we are just stumbling in the dark - Blank
Reaching out and clobbering computers is exactly the same thing that the RIAA wants the legal power to do.
The only real solution is an ISP-side one. The ISP says, 'If your computer is spewing out malware broadcasts, we have the obligation to kick you off the internet and then help you clean up your computer. If something happens, contact our customer care department or go to the other ISP down the street.' Yes, it inconveniences users but I'd rather see some users inconvenienced than Big Government give legal power to ANYONE to clobber a node without recourse.
"I am an Adept of Tantric VAX."
But that's the point. They won't do that. Instead of having the one time small pleasure of torturing ONE imbecile, they'd rather use him as part of their undead legions, who can smite anything on the Net that even looks funny at them. His pc is far more interesting as a launch platform for attacks against people who do try to secure their networks and who (usually) DO have something worthwhile to attack. Morons like this are quite a bit more rare than 'normal' people, who will try to protect their pc's even if they fail utterly at it in practice.
Me leaving my car door unlocked is not an invitation or implicit permission for you to help yourself to the stereo.
Dumb, maybe, but you are still on the wrong side of the law when you take it.
This is the royal you, of course.
Which is why there's a case to be made for producing malware that's really mal. Perhaps even grand mal.
In a weird sort of left-handed logic, certain people would be doing the computing community at large a MAJOR favor if only they'd take the time to write viruses, worms, and trojans that would be so kind as to format hard drives!
Is it fascism yet?
Well, that's the problem. People don't want to know about viruses, trojans, zombies, etc. They want their desktop. They want their applications. They want it to "just work."
Consider the phone. People just want to be able to pick up the receiver, dial the number, and talk to their friend/family/co-worker/etc... They don't want a phone switch in their house, sitting under their desk. They don't want all of the burdens involved in maintaining complex hardware.
I'm willing to bet that the first person/company who can provide people with a computing experience without a computer stands to make a lot of $$$. If they can provide the system maintenance, installation of applications, protection from viruses, protection from hardware failure - they will be able to open a huge market, and cash in.
This is where I think Linux will prove pivotal, because this is where we lead Microsoft. Our thin client paradigm is so different, that we lead in many areas. Consider how Microsoft does thin clients - 256 colors only, 800x600 max, 8 fps - all rendered on the terminal server where the "picture" of the desktop is sent down the wire to the thin client who displays the "picture" and sends feedback of mouse clicks and key presses to the terminal server. Linux, and X, render everything on the X terminal, and send back and forth on the pipe application information. What does this all mean? You can play quake 3 on a linux X terminal but you couldn't on a Microsoft solution. And it would take YEARS to fix that gap. We lead here, and we could exploit it if we jumpped on this opportunity.
Did I say World Domination? Oops...now you all know my plans...
I haven't lost my mind!
It is backed up on disk...somewhere...
While I would have agreed with you a few years ago, the problems are so frequent and the mass userbase so non-technical, that blaming the user just doesn't cut it. Many users DO update their software / AV yet still get hit. At some point the manufacturers of software need to take more responsability. Someone can take home a brand new Dell, plug it in, connect to the internet, and before the first patch gets downloaded end up with a worm. It's fast, damn fast. If you're going to make grandma or little Johnny your target market, then you damn well better make sure that the product is shipped secure to begin with, and maintains itself.
Which is exactly why MS machines should update themselves automatically by default. Power users can turn that off. Considering that the average user of XP Home is totally clueless, MS needs to take the higher ground. They know better.
He'll care when there is kiddy pr0n on his computer that was put there by a hijacker and he takes the heat.
Bill Clinton: Pimp we can believe in. - The Shirt!!!
Blocking incoming connections won't help terribly much when the backdoor is a bot that connects to an irc channel and receives its commands from there.
I would flash the BIOS, myself. Then they're *REALLY* fucked. Wipe the FAT (or whatever the new windows FS is) for good measure as well. Maybe that "HEY EVERYONE, IM LOOKING AT GAY PORNO" every other reboot would be good as well (if you don't feel like flashing the BIOS).
These days I don't even understand why viruses are illegal. You have to type in a *password* in order to be infected (the file is encrypted to avoid scanners). That sounds like consent to run to me (bye BIOS).
My other car is first.
Or simply a pop-up window that says:
"This is a Virus. If You do not click Cancel in the next 30 seconds, You computer will be formated!"
And went the user click cancel, present them an explanation on WHY this happened. Or something like that... Something with REAL infection-properties, but with only purpose to SCARE the user...
I live in Soviet Canuckistan you insensitive clod!
Here's a solution. Enact a policy that allows you to block all traffic to *and from* any machine you detect to be infected until that machine has been fixed. Block it at the router nearest them, and only allow traffic to and from your local mirror that has all necessary fixes on it.
Believe me, people will get their machines fixed pretty quick smart when they can't get at their IM, porn, warez and mp3s until they do.
When I play BZflag, if you do certain activities too often (teamkilling, usually) the server will usually automatically kick you.
If your computer is infected with malware (spamware, adware, spyware, trojans, viruses, etc), it will constantly be generating large amounts of traffic on seemingly random ports. Your ISP will kick you for being a danger to the rest of the Internet. If you attempt to reconnect without cleaning your computer, you will be kicked again.
A virus has been detected. Please delete all files in the Documents directory.
Ignorant users will still get s****. Nothing replaces proper user training.I keep seeing posts about punishing the victom. Isn't that a little like slashing up a pretty girls face because she got raped?
To take it further, ya maybe it wasn't too bright for her to walk down that dark alley but she's still a victom of a crime. Ya maybe she was dressed sexy but that still doen't give someone the right to victomise her.
It's easy to blame victoms. But how can we justify causing even more harm to them when it is the criminal who comitited the act?
Our FBI and others can track these people down in a heart beat. Just read www.grc.com to see how easy it is for someone smart enough to do it.
So I think we're stuck. I believe we can and do track these people and know who they are. But to expose that fact would compromise their ability to do so.
But in the absence of putting these people away, to then turn around in frustration and cause even further harm to the victom isn't the answer either, the way I see it.