Infected PCs for Rent
prostoalex writes "UK authorities are raising concerns about entire networks of infected and compromised PCs (BotNets) being available for sale or rent to the highest bidder. The Register quotes a detective from Hi-Tech Crime Unit saying 'The trade of BotNets of compromised machines is becoming an industry in itself. Organised crime is making use of this industry.'"
This is exactly the same sort of problem that happens in the world of prostitution: pay your "rent", get a disease.
Don't blame Durga. I voted for Centauri.
If you can sell it, you can get stung selling it. This may be the sort of thing that law enforcement agencies need in order to start busting people.
Now, if we just BLOCK connections from windows boxes to our machines except for (say) WWW or DNS, then our lives are better. pf (in openbsd and now freebsd 5) can do it.
Me? I'm pulling IPv4 stakes up. Only been spammed once by someone with an IPv6 address.
While it is deplorable that it takes criminal action (or porn) to move technologies to the forefront, it does happen. This, to me, seems like the famed "Grid Computing", and whilst stopping criminals, I hope law enforcement learns enough to pass the knowledge on so that others can use it for legitimate computing.
Find out about the Lexus Rx400h Hybrid!
Think "protection racket":
"Nice e-business you've got there. Be a shame if it got DDoS'd into oblivion by some unscrupulous types, wouldn't it? We'll protect you against that, for only $50,000 a month! How about it?"
"They redundantly repeated themselves over and over again incessantly without end ad infinitum" -- ibid.
The scope of this is huge - true - I'm no industry player or top level developer - but still - we can all see the scope of this.
distributed applications are the killer app of the internet - XAML, .net, Java - all buzzwords. Grid computing - thanks to Oracle - The Internet - so much scope it created the biggest financial bubble in the history of capitalism.
Now - the corporates (MS?) are getting so inept that criminal gangs are stealing our future off us. Please - let's start stopping them.
i'm trying to give up sigs.
There is a limit to that I think. Think of it in terms of cars. Imagine buying a car from a major car manufacturer only to find out that every month you'll need to bring it in to the shop and have a few problems with it fixed. While they don't charge you to fix the car, it sure gets annoying and makes you wonder about the overall quality of their products. What's worse is when one of these problems appears before there is a fix and causes you to have a wreck and die, hurt someone else, etc.
Anyway that analogy can go on forever, but you should be able to see the point. MS has a responsibility to put out reliable, secure software just as much as Ford, Mazda, whatever has to put out safe, reliable vehicles. The patch-as-you-go thing doesn't cut it, and it's made obvious by things like this botnet problem.
Isn't that like saying we should blame the dumb shit who doesn't install an anti-theft device in his/her car? Or the auto makers for not making it standard?
A thief is a thief. An extortionist is an extortionist. A duck is a duck.
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
As much as I'd like to blame Microsoft for creating the security holes in the first place, no ammount of patches can make up for a user who won't keep his machine secure. I don't think he'd be so complacent if one day he found someone had deleted his files, erased his hard drive etc.
Reaching out and clobbering computers is exactly the same thing that the RIAA wants the legal power to do.
The only real solution is an ISP-side one. The ISP says, 'If your computer is spewing out malware broadcasts, we have the obligation to kick you off the internet and then help you clean up your computer. If something happens, contact our customer care department or go to the other ISP down the street.' Yes, it inconveniences users but I'd rather see some users inconvenienced than Big Government give legal power to ANYONE to clobber a node without recourse.
"I am an Adept of Tantric VAX."
But that's the point. They won't do that. Instead of having the one time small pleasure of torturing ONE imbecile, they'd rather use him as part of their undead legions, who can smite anything on the Net that even looks funny at them. His pc is far more interesting as a launch platform for attacks against people who do try to secure their networks and who (usually) DO have something worthwhile to attack. Morons like this are quite a bit more rare than 'normal' people, who will try to protect their pc's even if they fail utterly at it in practice.
Which is why there's a case to be made for producing malware that's really mal. Perhaps even grand mal.
In a weird sort of left-handed logic, certain people would be doing the computing community at large a MAJOR favor if only they'd take the time to write viruses, worms, and trojans that would be so kind as to format hard drives!
Is it fascism yet?
Well, that's the problem. People don't want to know about viruses, trojans, zombies, etc. They want their desktop. They want their applications. They want it to "just work."
Consider the phone. People just want to be able to pick up the receiver, dial the number, and talk to their friend/family/co-worker/etc... They don't want a phone switch in their house, sitting under their desk. They don't want all of the burdens involved in maintaining complex hardware.
I'm willing to bet that the first person/company who can provide people with a computing experience without a computer stands to make a lot of $$$. If they can provide the system maintenance, installation of applications, protection from viruses, protection from hardware failure - they will be able to open a huge market, and cash in.
This is where I think Linux will prove pivotal, because this is where we lead Microsoft. Our thin client paradigm is so different, that we lead in many areas. Consider how Microsoft does thin clients - 256 colors only, 800x600 max, 8 fps - all rendered on the terminal server where the "picture" of the desktop is sent down the wire to the thin client who displays the "picture" and sends feedback of mouse clicks and key presses to the terminal server. Linux, and X, render everything on the X terminal, and send back and forth on the pipe application information. What does this all mean? You can play quake 3 on a linux X terminal but you couldn't on a Microsoft solution. And it would take YEARS to fix that gap. We lead here, and we could exploit it if we jumpped on this opportunity.
Did I say World Domination? Oops...now you all know my plans...
I haven't lost my mind!
It is backed up on disk...somewhere...
While I would have agreed with you a few years ago, the problems are so frequent and the mass userbase so non-technical, that blaming the user just doesn't cut it. Many users DO update their software / AV yet still get hit. At some point the manufacturers of software need to take more responsability. Someone can take home a brand new Dell, plug it in, connect to the internet, and before the first patch gets downloaded end up with a worm. It's fast, damn fast. If you're going to make grandma or little Johnny your target market, then you damn well better make sure that the product is shipped secure to begin with, and maintains itself.
He'll care when there is kiddy pr0n on his computer that was put there by a hijacker and he takes the heat.
Bill Clinton: Pimp we can believe in. - The Shirt!!!
The problem with this racket is that it offers no more protection than not paying them. If this was a physical case, and you pay protection money to your local crime syndicate, should some other criminals try to get protection money from you the guys you are already paying off will protect you, so that he can protect his income (and territory). When online there is nothing stop you getting DDoS'd by a different group every month. The group you are already paying off have no means of stopping the others, otherwise the government (to whom we pay for protection in the form of taxes) would be cracking down with that method already.
Blocking incoming connections won't help terribly much when the backdoor is a bot that connects to an irc channel and receives its commands from there.
Or simply a pop-up window that says:
"This is a Virus. If You do not click Cancel in the next 30 seconds, You computer will be formated!"
And went the user click cancel, present them an explanation on WHY this happened. Or something like that... Something with REAL infection-properties, but with only purpose to SCARE the user...
I live in Soviet Canuckistan you insensitive clod!