Slashdot Mirror

← Back to Stories (view on slashdot.org)

AU Government To Pilot Target Zombies

Posted by Hemos on from the yeah-i-prefer-to-think-that-means-flesh-eaters-too dept.

msblack writes " Australian news sources are reporting that the communication regulators will begin notifying ISPs of infected customer computers. In a three-month pilot program, the Australian Communications & Media Authority will identify zombie computers and ask their owners to clean them or risk being disconnected. When will U.S. regulators and ISPs get on board?"

9 of 159 comments (clear)

  1. No regulation for me. by jellomizer · · Score: 4, Insightful

    "When will U.S. regulators"..."get on board?"

    Well I hope never. ISP should have rights to protect their network so they should be allowed to stop Zombie systems when they feel like it. But for U.S. regulation. I say No way. All regulation does is make loopholes for the bad guys and road blocks to the good guys. ISP should be willing to work with their customers to insure this doesn't happen, that is why a lot of ISP are offing free protection software to their windows users, partially because other big names are doing it so they can stay competitive, and partially because with less spam and viruses on their network they can more easily manage it. With US Government control it will be like your system is a Zombie and Fix it. To most people who only have a passing idea what a virus or spyware/addware is, most really won't know much how to fix it if it doesn't require clicking one button and then selecting the default for all questions. So if it is anything of a difficult fix, or requires hireing expensive techs to fix it they will toss their computer saying it is broken, or sue ISPs and the Government for disconnecting their ISP without giving them a means to remove it. Also systems like P2P, BitTorrent, and some distributive computing systems, all with legal uses, could be considered a zombie system to some some people like the Entertainment industry and can use that to force all people using the technology even for non entertainment uses (such as downloading Linux distros)
    Government control adds rigidly defined rules to a flexible universe and often will cause more harm then good.

    --
    If something is so important that you feel the need to post it on the internet... It probably isn't that important.
    1. Re:No regulation for me. by misleb · · Score: 4, Insightful

      This isn't true. I worked for an ISP which was dilligent about working with customers to clean up PCs. They are surprisingly coorporative. They don't like the idea of their computer be infected any more than you do. You just have to be diplomatic about it. Don't blame them. Just give them the tools to clean and keep clean their computers.

      -matthew

      --
      "THERE IS NO JUSTICE, THERE IS ONLY ME." -Death
  2. They won't by keraneuology · · Score: 4, Insightful
    When we still have (at least one) state attorney general who believes that spam is protected by the first amendment, government regulators won't get involved. Except possibly during an election year when they might pass a toothless law that does nothing but confuse the confused.

    Pure, raw, unadulterated situation: congress doesn't care. The big ISPs don't care. They have had 10 years to address the situation and have refused all along. They are, however, willing to pass laws preventing unsecured wireless access points. Given a choice between lending support to MPAA/RIAA or actually addressing a serious problem, be it hacking, phishing, worms, viral attacks, DDOS attacks or any other legitimate issue.... look at it like this: how quickly have they acted to prevent the zombie issue? How quickly did they act to try and sneak the broadcast flag into law. Again? Or again?

    Start writing campaign checks and picking up the tab for "fact finding missions" to Hawaii for a senator or ten... then you might find some interest on the hill.

    --
    If the g'vt kept the data on you that google does you'd better believe you'd be calling it "doing evil"
  3. Carte Blanche for ISPs? by badzilla · · Score: 4, Insightful
    From TFA: Anthony Wing, manager of the anti-spam team at the ACMA [said] that the application, which took "some months" to build, can identify computers [...] that are being used for "illicit reasons".

    I agree botnets are a problem and that my ISP has a right to stop me from being a nuisance to the rest of the internet. But outside of that do I really want my ISP taking broad arbitrary decisions on what I can do with my connection?

    --
    "Don't belong. Never join. Think for yourself. Peace." V.Stone, Microsoft Corporation
  4. This is foolproof by Dekortage · · Score: 4, Insightful

    From the article: "Anthony Wing, manager of the anti-spam team at the ACMA, told ZDNet UK sister site ZDNet Australia that the application, which took "some months" to build, can identify computers physically located in Australia that are being used for "illicit reasons".

    "[The application] identifies IP addresses that have been used for illicit reasons -- for example spamming," Wing said. "There are a range of sensors around that world that identify them. Those infected IP addresses are then fed to the relevant ISP. They know who their customers are so that can contact them... if the computer remains a threat to other Internet users, the ISPs may take steps under their acceptable use policy to disconnect the computer until the problem is resolved".

    ...The ISPs will then be responsible for contacting their customers and helping them disinfect their computers.

    This is great, assuming that:

    1. Hackers won't get a copy of this software and find ways of circumventing it.
    2. "Illicit" computer operators aren't spoofing their IP addresses.
    3. ISPs don't abuse the interpretation of the words "threat" or "acceptable use".
    4. The process of "helping" users disinfect computers does not compromise user's privacy.

    --
    $nice = $webHosting + $domainNames + $sslCerts
  5. Re:When will people learn? by jdredd · · Score: 4, Insightful

    Seriously? It's hard... People don't understand the implications of clicking on the button. They just like the weather bug and other programs. Seriously too... most of that crap isn't going to be installed via a nice popup box that lets you decide. Go look at all the browser security holes, viruses, and worms in the last 3 years that allow for installation of backdoors, SMTP engines, and more. As long as people make money via phishing, selling herbal viagra, and telling you how to lengthen your penis, you will be fighting this crap. It's moved from people doing it for kicks to people doing it for money and identity theft - well, that's for even more money. It doesn't take much money to create a virus or worm. There are plenty of people out there that will do it for a little cash. The window of time between when patches come out and exploits for the hole has shortened drastically over the last couple of years... from months to days. You want a shock? Go run AdAware or Spybot Search & Destroy on your parents' computer. Then make sure to educate them about phishing before your inheritance disappears.

  6. Censorship? by Zontar+The+Mindless · · Score: 4, Insightful

    I think not. Free speech does not include the right to shout "Fire!" in a crowded theatre, and free use of the Internet does not include the right to allow your machines to stuff it up for the rest of us.

    As a Telstra customer who saw his cable connection slow to about 1/100th of its normal speed thanks to the DNS attacks of a few months ago, I'm glad to see someone doing something about the problem.

    --
    Il n'y a pas de Planet B.
  7. When will U.S. regulators and ISPs get on board? by Yonder+Way · · Score: 4, Insightful

    Hopefully never. Well, U.S. regulators anyway.

    ISP's should be protecting their own networks. Saved bandwidth costs alone should be enough reason for them to want to detect and block zombies. The last thing we need is more government intervention.

  8. Re:Why don't they target IRCops? by spinfire · · Score: 4, Insightful

    The IRCop is right. It is very difficult to track this stuff down, and it is a pain. Believe me, if I was in his position I'd be pretty ticked at you, as your compromised machine was reponsible for abusing his network and it even looks like your box got banned from the network. You're even guilty of ban evasion!

    I am an IRCop on a very small network which had a botnet problem last year. Hundreds and hundreds of bots would connect, all joining channels. We wrote scripts to ban all the bots, upgraded services, the whole lot. They keep coming. Some of them came to new channels. The "owners" hadn't showed up at this point, not even once. After around 5 days some people showed up in those channels from ISPs in the middle east. I did track them down, and sent abuse emails to their ISPs. Got a response in a few days, offending account shut down. But that account was probably another 0wned box anyways.

    Unfortunately sending ISP abuse emails to all of the bot IPs was much too daunting a task for a small time IRC network.

    Keeping unwanted things off an IRC network is hard work. Kiddies often have hundreds of open proxy and otherwise usable IPs to use for ban evasion.

    I hate to be brutally honest, but you share a lot of responsibility. *Your* IP was abusing his system.

    --
    isomerica.net | Foonetic IRC