Slashdot Mirror


Dan Geer On Trusting PCs In Botnets

walk*bound writes "In an essay published by ZDNet, security scientist Dan Geer has an interesting proposal for e-commerce sites to evaluate the trustworthiness of clients that try to connect. Assume that end users either always say 'Yes' or always say 'No' to security dialog boxes. Then make the decision one of two ways: 'When the user connects, ask whether they would like to use your extra special secure connection. If they say "Yes," then you presume that they always say "Yes" and thus they are so likely to be infected that you must not shake hands with them without some latex between you and them. In other words, you should immediately 0wn their machine for the duration of the transaction — by, say, stealing their keyboard away from their OS and attaching it to a special encrypting network stack all of which you make possible by sending a small, use-once rootkit down the wire at login time, just after they say "Yes."'"

11 of 301 comments

  1. Awesome!!1! by Orthuberra · · Score: 2, Funny
    I can't wait, and if they say "No" just don't allow them into the site, because how can you trust them if they say no to an extra special secure connection, can you? I can't wait for the future where our choices are root-kitted slave or web pariah!

    --In Soviet Russia, internet connection owns you!

  2. The Slashdot Experience by Blackheim · · Score: 5, Funny

    Posts like this keep me coming back

  3. Woke up this morning, don't believe what I saw by greenguy · · Score: 4, Funny

    ...hundred million botnets, washed up on the shore
    Seems I'm not alone in being alone
    Hundred million castaways, looking for a home

    I'll send an SOS to the world
    I'll send an SOS to the world
    I hope someone don't get my
    I hope someone don't get my
    I hope someone don't get my
    PC in a botnet, yeah
    PC in a botnet, yeah
    PC in a botnet, yeah
    PC in a botnet, yeah

    --
    What if I do the same thing, and I do get different results?
  4. BRILLIANT by Almahtar · · Score: 3, Funny

    You see, all the other rootkits will trust this one, thinking it's one of THEM!!! Then all you have to do is have your rootkit tell them that it can't stay long and would they please let it have this password/account number and they can steal the next.

    They'll never even know this was a good guy root kit the whole time!

  5. I for one by enoz · · Score: 2, Funny

    I for one, welcome our cross-platform-r00tkit-touting benevolent E-commerce overlords.

  6. Re:Flawed premise. by Anonymous Coward · · Score: 5, Funny

    What if I download a Windows firewall update that Microsoft claims is more secure than the old version? Am I an idiot? Yes, at that point you are an idiot.


    (Posted from a Windows system, by an idiot.)

  7. Re:It's a joke. by c_sd_m · · Score: 3, Funny

    This parallels the real world where people who get venereal diseases tend to get more than one. The reason is simple: the infections, computer or cellular, are side effects of behavior, and consistent behavior tends toward consistent results.
    So if a Slashdot reader has a chance to get laid he shouldn't do it since obviously the other party will do anyone?
  8. Re:Fool! by Antity-H · · Score: 2, Funny

    To answer your last question: Process Explorer is available here: http://www.microsoft.com/technet/sysinternals/utilities/processexplorer.mspx which seems to be part of the Microsoft website (if you trust URLs and DNS, I mean).

  9. Re:That worked so well by joto · · Score: 5, Funny

    That question is almost as bad as the infamous: Yes means No and No means Yes. Format computer now, Yes/No?
    Can I choose ^C ?
    Yes

    (assuming that "Yes means No and No means Yes" is still in effect).

  10. Re:That worked so well by 1u3hr · · Score: 3, Funny
    Mixed up Robinson Crusoe and Lemuel Gulliver.

    At least I didn't get Gilligan and the Professor in the mix.

  11. Re:That worked so well by Anonymous Coward · · Score: 1, Funny

    Can I choose ^C ?

    Actually, that's a No-No. Which in fact is Yes-Yes.

    You have 10 seconds left to decide.