Exposing Bots In Big Companies

CalicoPenny let us know about yet another "30 days" effort, this one to name the names of major companies infected with spam-spewing bots. Support Intelligence began the effort on March 28, out of frustration at not being able to attract the attention of anyone who could fix the problems at these companies. While they haven't named 30 companies over the ensuing month, they did name some prominent ones, such as Thompson Financial, Bank of America, and AIG. The scary part is that if a bot can spam it can capture keystrokes or troll for interesting documents.

No difference between the bot and Windows

[SpaceLifeForm]

Seriously, there is no difference.

Instead of suing those who disclose the fact
that machines on their lan are infected,
they should sue Microsoft for allowing it.

You don't know that Windows is not doing the
same nasty spyware tricks that people accuse
the bots of doing.

Oh, that's right, there is a difference.

The Microsoft EULA covers their ass, whereas
the bot does not ask you for permission to spy.

What, like the broadband ISP's do?

[twitter]

Surely, these large companies could block outgoing port 25 traffic, except for their own email servers. Then the traffic can easily be monitored and spam zombies detected.

Surely, the bot net operators have already gotten around that on cable networks and those companies that do this. All they have to do is make the bot mail through the company smtp.

Your idea is a variation on the "blame the user" theme. The problem is M$ on the desktop. Big dumb companies fork over all sorts of money, do what they are told and get slammed anyway. What will be funny is when M$ themselves end up on this list. Who will they blame then?