25 Percent of All Computers in a Botnet?

Beckham's_Ponytail writes to mention an Ars Technica article, with some disturbing news out of the World Economic Forum in Davos, Switzerland. Vint Cerf, one of the 'fathers of the internet', has stated that the number of botnets online is larger than believed. So large, in fact, that he estimates that at this point one in four computers is infected with botnet software. We've discussed the rise of botnets numerous times here on Slashot, but the image of 150 million infected computers is more than a little bit sobering. With the extremely lucrative activities that can be done with botnets (such as password ripping, spamming, DDoSing), as well as reports of organized crime adopting 'cyber-terrorism' as a new line of income, is it likely that law enforcement will ever be able to curb this particular bane?

Re:How to stop the bots

[x_MeRLiN_x]

25% does seem a little high, but then again it's not hard to imagine that people who this affects don't talk with too many people online who they haven't met in person. Just today I was playing Counter-Strike (1.6 of course) and a fellow player revealed the reason for them not moving or shooting; a pop-up. This is hardly a rare occurrence. I can't empathise in any way with those who are perfectly content to accept their computer is infected with some sort of adware and believe there is nothing they can do to prevent the infection of such malware.

EVEN MORE SCARY it's 1 in 2 windows computers.

[goombah99]

it says 1 in 4 are infected. But lets drill down. First take out all the mac and linux and Unix computers since the botnet rate, while not zero, is probably not signiciant. We can also exlcude most but not all embedded system. Since mac and linux and Unix , and embedded systems acocunt for more than a quarter of the market this means that most Windows computers are infected at a rate closer to 1 in 3.

Next remove all the server clusters and the majority of computers in highly active IT bussiness envirmonments. We can probably exclude most military computers. That takes out another quarter of the machines.

So basically your personal computer at home or poorly maintained bussiness machines are carrying the bulk of the infection and it's not entirely way off to say the botnet rate is 1 in 2 for windows.

The ISPs could help stop this

[vinn01]

I blame the ISPs for allowing traffic to leave their networks with spoofed IP addresses. That is - passing IP packets that are sourced within thier network with IP addresses that are not within their network.

Botnets spoof IP addresses to make if harder to track down the bots. But the IPS know where the bots are and could kill them, or filter them, if they had the testicles to do it. By pass the spoofed IP addressed traffic they make it harder for the rest of the world to filter the bots.

Botnets would be a heck of a lot easier to filter, and choke, if valid IP addresses were forced on all traffic.

What about a broadband users license?

[bdwoolman]

There are ham licenses, Why not license high-speed access in some way? It is also powerful. The process does not have to be hard, but at least one person, say, at home or in the SOHO should demonstrate he or she knows how to secure the computer (to some minimal standard) and keep it that way before a broadband install is allowed to the address. You can create all the fine security software and solid OSs you want, but unless the users are clued in then it is hopeless. The bar does not have to be set that high. But there is nothing like a license to motivate a little learning.

Or at least require ISPs to provide minimal security training to their broadband customers. As has been said: Most infection is self inflicted through ignorance. Some people might welcome the chance to learn. I know I did not want to scuba dive without some training. A lot of parents would be motivated to learn about filtering software etc. A license should be grandfathered in of course. This problem will worsen in direct proportion to bandwidth. And certainly there should be citizens' band speeds. (TBD)

People might grumble, but if it is sold as a community responsibility a license track might fly. Most (well, many) people are motivated by a sense of community responsibility. I had a young friend whose computer was a viral soup. Infected beyond redemption. Ruined. I reinstalled Windows for her, which cleaned up the mess, but she was resistant to the idea of anti-virus software because she claimed she did not do anything serious with the computer and did not want to hassle. Her current mess had taken years to build. And, she asked, couldn't she just redo the box again when it tanked? But I pointed out to her that it wasn't just her that suffered, it was the whole community that suffered when she left her computer vulnerable. (I explained a little about bots) The idea that she could be hurting others through inaction really upset her (she had never thought it through) and so we were downloading Zonealarm, AVG and AdAware in no time. In the end she bought a subscription to a suite. McAfee I think.

Before anyone starts screaming about rights and freedoms being taken away, please think about this: A license is a way that a civil society makes its members accountable, from food vendors to electricians. I am less free because of all the bots out there. If people can't get on the highway without demonstrating some knowledge, Why should they get on the information highway in a state of ignorance, especially now that we are banking and shopping there?