20,000 Zombie PCs -- $3000
Saint Aardvark writes "From F-Secure blog comes these links to two USA Today articles on spamming. The first gives an example of how a grandmother ended up becoming a security expert after Comcast cut her connection for spamming. The second quotes spammers advertising networks of Zombie PCs for sale. The price? $3000 for 20,000 machines."
I have to say, I don't understand how people get into so much trouble.
Maybe I've been lucky, but I've ran a Windows XP system for about a year now (and a Windows 98SE system for about 2 years prior under the same conditions), doing the occasional patches from Windows Update, without a virus scanner or firewall. If I do something stupid that makes me suspect that I've contracted something, I'll drop over to http://housecall.antivirus.com/ and do a quick scan. This generally only happens when I'm trying to find a crack for something on a P2P network and the bastards have embedded a keystroke logger or some other little nasty in a trojan crack package.
Otherwise, I do an occasional glance-over at the list of processes running, and if my modem is lighting up like a Christmas tree I might fire up Sygate Personal Firewall or something just to see what's happening with the traffic, but I've never seen it give me real cause for concern. I still get some port traffic for the old Code Red worms and what not, but nothing that seems to have been really problematic.
As I said, maybe I'm just lucky. Then again, maybe I don't use Internet Explorer or Outlook Express, and maybe that helps a lot. Who knows.:-)
picpix image polls. create - share - vote. fun!
Since I haven't sensed that a widespread educational movement is in place to tell users otherwise (besides the occasional article in the newspaper, and I personally believe that doesn't count), can someone else step up to the plate? It sucks to have to repeat the "who's responsibility is it"? thing ad infinitum.
So here's a story... I have two Macs hooked up at home. Comcast gives you the cable modem and basically just tells you to plug it in. Not surprisingly, if I were to have an old WinXP system that was stuck on dial-up (I can't download 400 MB service packs or security updates), I would be virus infected. Fortunately, I had OS X with a firewall... except they told me to disable the firewall and virus software since I was having problems. If that works, ordinary user thinks, "Wow, well if I can't use a high-speed internet connection with a firewall/virus software, what's the point"? That seems like a setup for disaster.
Remember, most users come up with questions like this. I don't think they're at all aware of what can happen, or what the effects of identity theft are, or how much it sucks. All they know is that geeks like us tend to berate them, companies like Comcast give them a mile of rope to hang themselves, and companies like Microsoft push insecure solutions that have enough security holes to cause companies like Comcast to shut off their internet access.
Come on, we can do better, all around.
-Rob
Marriage doesn't have to suck!
If spammers are scammers, can you really expect good value for your money?
I fully expect follow-up news stories on how someone who wanted to open a business online fell for a mass marketing scam, paying spammers thousands of dollars only to see the spammers vanish in thin air with their money.
Similar scams have been played in real life with fake ATMs...
Don't blame me, I didn't vote for either of them!
Does anyone else wonder where MessageLabs gets their statistics? I can't help but wonder at their methodology (though I suspect rectal extraction). I get daily reports on SpamAssassin and my configured DNS block lists for the servers I manage. Their spam traffic doesn't start to approach 95% of inbound messages. After eliminating all internal email from the statistics, SpamAssassin flags about 20% of incoming email as suspicious and SpamHaus blocks another 10% or so. These are not confidential, hard-to-find addresses. These are university servers where staff and faculty are required to have valid email addresses posted on the department web pages. Any spider worth a damn should have harvested them long ago. I find it very hard to believe that this environment is getting 60% less spam than systems that don't provide a directory of valid addresses.
Spam is a problem, but it's time journalists (online and otherwise) start taking stats with a grain of salt. Too many organizations are willing to publish questionable numbers in an attempt to sound like they have thoroughly researched the issue.
Or in the MessageLabs case, to sell a product that will 'solve' the problem.
*laughs*
Um, no, we really wouldn't appreciate you doing that with our software. And it is against our terms of use. http://vsp27.stanford.edu/license.txt
But back in my d.net days, we estimated that about 1/3 to 1/2 of all installs were zombies or forgotten. The original 5 proxies (hardcoded IP's, including my old dorm IP) probably still get pounded on after all these years.
- Adam L. Beberg - The Cosm Project - http://www.mithral.com/