Slashdot Mirror
Storm Worm Botnet "Cracked Wide Open"
Heise Security reports that a 'team of researchers from Bonn University and RWTH Aachen University have analysed the notorious Storm Worm botnet, and concluded it certainly isn't as invulnerable as it once seemed. Quite the reverse, for in theory it can be rapidly eliminated using software developed and at least partially disclosed by Georg Wicherski, Tillmann Werner, Felix Leder and Mark Schlösser. However it seems in practice the elimination process would fall foul of the law.'
Who cares about laws? I mean, the criminals don't, the government doesn't care, is anyone still clinging to this outdated model of a coexistance standard?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Yeah and let the botnet owners see it and then write a patch for the botnets...
This falls into that whole super-hero vigilante category. Just ask yourself, what would batman do?
The guys found the "cure" of Storm Worm are university students. They did the research using the university's facilities. They have to follow the university's regulations and everything they do is pretty open to the public. Should they just triggered the switch and take over, the university may find itself in legal trouble.
Unless one of them happens to be Batman.
Colorless green Cthulhu waits dreaming furiously.
After you decode it with base 64 how do you open it? do you just rename it to .c and open it with VS?
if not then how?
Just require a warrant from some level of federal judge.
Things might not work great at first, but the whole warrant system works pretty well, and it would provide a framework for preventing abuse and overuse.
Nerd rage is the funniest rage.
Don't be silly. If they read SLashdot, they certainly aren't going to have RTFA, so how are they going to know what the vulnerabilities actually *are*?
That is the worst idea I have heard all week.
Just curious. What was the one of the previous week??
If you want to stop the botnet, you need to remove its incentive. The botnet operates not for someones jollies, but because it is profitable to have a botnet. If you remove the profit motive the botnet will self-disassemble over time.
By Jove, I think you've got it! All we need to do is remove the incentive and crime just fades away! I wonder why nobody's thought of that before.
"I think he's right because otherwise international net crime will continue unabated,..."
We need to call Netman, he will save us from those Jokers.
Oh, it's obvious!
Perl!
English is not my first language. Corrections and suggestions are welcome.
It's a botnet, not a batnet.
If you can read this, I forgot to post anonymously.
Did you honestly just put Windows and Linux people in one boat? Somehow sounded like it. Must be my imagination.
Looks like perfectly valid Perl to me.
.
I'd rather propose that they brick the machines in the first place instead of cleaning it. Cleaning a worm will eliminate the effect only and that for a very short time. Bricking a PC might eliminate the cause -- the clueless user.
We now have home PCs that are faster than supercomputers from 15 years ago. Operated by users who have no idea of basic computer security, these PCs pose a real threat to individuals and businesses on the net.
Computing power and bandwidth are so great these days that most users won't even notice a worm or two. So learning how to protect their computers is a bigger inconvenience to them than using machines that send spam and participate in DDoS attacks.
Should that change, should white- or greyhats who gain control to a botnet simply brick the affected machines or wipe a hard drive, users might care more next time.
Hell, the researchers can always blame botnet creators and get away with that!
I love the smell of bitter coffee in the morning. It smells like... starbucks.
"The hands that help are better far than lips that pray." - Robert Ingersoll (1833-1899)