Is China Creating the World's Largest Botnet Army?
david_a_eaves writes "The Chinese government is mandating that all computers sold in China come with Internet blocking software. Rob Cottingham writes an excellent piece noting how the censorship application of this software should be the least of our concerns. This new software may create an opportunity for the Chinese Government to appropriate these computers and use them to create the world's largest botnet army."
Update: 06/11 21:26 GMT by T : J. Alex Halderman writes "My students and I have been examining the Green Dam censorware software. We've found serious vulnerabilities that can be exploited by any web site a user visits with the software installed. We also found that some of the blacklists seem to have been taken from the American-made filtering program CyberSitter. We've posted a report and demo."
Would it be easier to just sever the undersea fibre cable to China if it's really such a grave threat?
ELOI, ELOI, LAMA SABACHTHANI!?
How hard is it to block all traffic based on the country of origin, China in this case?
There is no "I disagree" mod for a reason. Flamebait, Troll, and Overrated are not substitutes.
Should make it easier to block during an attack....
Never underestimate the power of human stupidity -Lazarus Long
Well if they are it's certainly more threatening than a bunch of terracotta warriors.
-- VanCondo
...welcome our chin... oh wait!!
Obama: Hey Ballmer, you mind if we borrow 90% of the world's computers for a quick cyber war?
Ballmer: Finally, the moment I've been waiting for! *Throws ceremonial war chair at wall*
A few million Stormtroopers standing on the surface of the Death Star with ThinkGeek green lasers.
Archimedes would be proud!
(Think before you mod me offtopic.)
The goal, authorities say, is to protect children from pornography
Of course, that morsel isn't for the Chinese people. They could tell their own people "we're creating a botnet to terrorize you", and nothing would happen. In fact, it's for the benefit of people in other countries. Social conservatives everywhere will exclaim "what an excellent goal!" Those people have simply failed to realize that governments will use whatever power they have for whatever they want, and never exclusively for its "intended purpose". The US does this too, but they've been moving more slowly because more people fail to notice when the power shift is gradual.
For the sake of argument, let's assume this is the case. (And do correct me if I am wrong here.) To be able to block, at the very least the packet header has to be examined. If a remote attacker can generate packets faster than you can examine and drop them, you've just been DoS'ed. Multiply the number of packets by the number of computers in China...
ELOI, ELOI, LAMA SABACHTHANI!?
Let me get this straight.
China further intruding on its citizens who are already exploited and given no voice is a valid concern -- until it causes the rest of the world the slightest discomfort?
Whale
I advise any government to use in their networks only SW they can compile by themselves!
And even more important: use routers ( and switches ) where they compiled the firmware/software themselves!
Look, in a "cyber war" you don't fight with DoS attacks, you fight by simply severing the undersea cables. If we were really "attacked" by China this way (which, we won't be, it would end their economy and their leaders seem to be halfway sane unlike that of North Korea) we could simply sever the lines.
Taxation is legalized theft, no more, no less.
Did I miss something or isn't this essentially the same story as this: http://it.slashdot.org/story/09/06/11/1347219/Chinese-Govt-Spyware-Puts-Computers-At-Risk?art_pos=9
I mean, if this is true, what if the Russians found a way to activate the botnet first?
From the FA:
Conceivably, everything from hospitals to electrical power grids could be targets.
Here's a thought! Make sure hospitals and electrical power grids AREN'T ON THE INTERNET! This is hard? VPNs and darknets are hard??
Choir, consider yourself preached to.
I hope everyone's spam filters are up to date, because I'm sure crimeware authors would exploit it first..
I think it is bad enough that the Chinese government is forcing people to have censorship software installed on their computers which obviously will have to know what sites they are visiting and probably what else they are doing on their computers without having to engage in idle speculation on what else it can be used for. In any case, the idea that it will be used as a botnet is kind of weird and imho unlikely. You'd think that the Chinese government would have enough computing resources to do what it needs including waging cyberwar without having to resort to something as messy as this. Or it could commandeer an existing botnet, or, being a totalitarian government it could simply make it mandatory to install botnet software, or it could build one in the "traditional" way using viruses etc.
Negative moral value of force outweighs the positive value of good intentions.
What makes a botnet potentially devastating is that it can create traffic that's indistinguishable from legitimate traffic. When a large enough number of computers from random locations request a page from your webserver, how do you sort the bad requests from the good? It's the slashdot effect on steroids.
If all the traffic was originating from within a particular country, it would be straightforward to drop that traffic and let other traffic through.
It's interesting to note that in the early days, it wasn't possible to determine geographic location based on IP address. Address blocks were originally assigned rather haphazardly. As the number of networks grew, routers had to store larger and larger routing tables. Eventually this led to a push to reorganize address block allocations in a more hierarchical fashion, which ultimately made geolocation possible.
All we have to do is filter them out at our end of the intercontinental cables and the army can't get in here. The same applies to everyone else so a Chinese botnet army only threatens China.
The only reason botnets are so effective is they are distributed. When they come from all over the place, you have to do a ton of individual blocks. If they are all from the same IP space, ok just black hole China's space and that's it. Wouldn't take a block from very many top level providers and they'd be doing nothing at all.
Massive botnets have already been infiltrated and subverted. So those computers meant to ban pornography, and maybe anti-government web sites could any day be used to send anti-government propaganda with maybe simple commands... not sure how comfortable the Chinese are with double-edged swords, but this could be a good example.
Anyway, I would be more worried about the US government botnet construction kit, a.k.a. Microsoft Windows, that seems to be putting that power to individuals, groups and foreign governments.
trusting the chinese government at their word is equally foolish. there are no deep nefarious plots and twisty hidden meanings in this piece of censorware most probably. but at the same time, the chinese government is certainly no paragon of virtue that we should trust is motivated by exactly what they say
not that western nations are any more trustworthy. it's just that there is this idiotic notion i often encounter that says "western critics are complaining the chinese have hidden purposes, so since i don't trust western mouthpieces, i'll believe the chinese at their word that they are completely virtuous and innocent in their motivations"
you know, like iran is enriching uranium for peaceful purposes. "that's what they said, that's what i believe. because i won't be a naive idiot for the west. i choose to be a naive idiot for the west's enemies"
hey, here's a radical idea: how about you trust no one and be a naive idiot for no one? that is: distrust the west, distrust china, and distrust iran, all at the same time
thunderclap
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
...would seem to have some serious limitations.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
I was going to add the same comment. The point of a botnet is that the computers, being hijacked consumer/corporate pcs, are from all over the world and indistinguishable from random traffic IPs. If you're getting attacked by an all-China botnet, just cut off a well-defined set of addresses and the threat vanishes.
They still have to get their updates from Microsoft. [long, slow, evil grin]
Assuming that this is true - all the bots would be contained inside China
If they unleashed the botnet on something outside China
1) Would it not just crush the internal network(s) inside China?
2) Would it not just crush the connections to the rest of the world?
3) Would it not just crush the massive control and filter systems?
4) Would it not just be super easy to identify and quarantine?
What am I missing here?
---- "Logoff! That cookie shit makes me nervous!" - A. Soprano
Can you say DDoS? Obviously the top priority of the military in all other nations of the world should be learning how to hijack that beast.
No, all your computer belong to someone who wants to harm China. This is more of a threat to China itself, than anyone else.
From a point of view outside China, this botnet is not distributed. It all shares a few links (possibly saturating them if the botnet gets too crazy), shares netblocks, etc. This botnet isn't capable of doing anything that the Great Firewall operators aren't already able to do.
From a point of view inside China, the botnet is distributed and its crap looks like it's coming from everywhere.
All your computer are belong to US.
"Believe me!" -- Donald Trump
Anyone remember that trigger built into windows 98 that showed a message informing you your computer was being commandeered for the government?
China is obviously in the dark ages, using additional software for potential commandeering when we just have it built into ours!
Already done. They call it Windows Update.
IINM you can if you're logged in.
Free Martian Whores!
No, they're just creating skynet.
Don't panic, we will be ok! I have Windows Firewall!!!
I'll believe this. I don't really believe the Chinese government gives a rat's ass about their youth beyond them being more slave labor in a country that doesn't value the lives of their citizens. I also wouldn't put it past them to make their net-nanny software appear to be uninstallable, but that does leave behind a 'bot for them to control. Cut the cables now and isolate them, it seems to be what they want anyways -- to be isolated.
Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
It would do the same amount of damage as the year 2000 bug.
Having to work for a living is the root of all evil.
that trust is a balance. you can be too distrustful, you can be too trusting, and it's hard to get the right mix
and so i protest that you extrapolated too much from my words to make your point. however i agree with your point and it's an important one, so i'm not going to protest too much
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
just imagine a Folding/SETI@home team they could create with this.
it would obliterate any other team.
So is China the new Russia now? I don't understand the fearmongering.
it's useless. China in general is poorly connected to the rest of the world (chokepoints are handy for censorship), and if the botnet is centered in China, then the rest of the world could easily blackhole China. I call bullshit, alarmist rhetoric.
The Chinese government obviously understands their people better than we do. No other government anywhere, at any time in human history, has directly controlled so many people as the current Chinese government. Success counts for something. Obviously in some basic ways they're brilliant at being a government.
So let's grant for argument that they're telling the truth: That pornography is among the most dire current threats to the continuity of their control of their population. We need to get funding from our own government to build a massive distributed porn collection, that in times of crisis can be forwarded by every available channel and modality to China. Thus can we destroy them!
"with their freedom lost all virtue lose" - Milton
This reminds me of the 60's when there were actually people who believed that all of those little Japanese cars were programmed to fall apart when a signal came from Tokyo. We'd be stuck with no transportation and Japan would finally win the war.
I'm not saying this couldn't be done with computer software today. But obviously paranoia isn't limited by technology.
-- Should there be smoke coming out of my CPU?
According to the update to the story the software they are using is extremely vulnerable and opens up the host system to attack. Uncle Sam just needs to throw up some sites that exploit the flaw(s) and attract Chinese visitors and they'll have their own botnet, internal to China, courtesy of the Chinese Government.
MG
*sigh* I thought it was the most well known classic blunder not to start a LAN war in Asia!
*DUCKS*
1, Get 'elected' as high government official at the Industrial and Information Department.
2, Start your own company (using someone else's name of course) selling filter software (with OpenCV (BSD licensed) binary lib without any proper credit).
3, Win the contract in the government <sarcasm>public bidding</sarcasm>.
4, Enjoy mandatory installation across the country.
5, The one-year free trial expires.
6, ???
7, PROFIT!
I'm sure the Chinese would get a kick out of this paranoia....
If they weren't so busy overtaking the west on the economic front.
This reminds me of the daily "attack" from Java to the W3C site. There's like 160.000.000 requests for the DTD, from dumb applications. In one case, a site was asking for the DTD 100 times per second. Muahahaha...
It's so bad that the W3C has started to give 503 errors to people that ask for that document.
-Woof woof woof!
...how are they going to put it on every computer on every backwater town home, and check if it works?
I mean, I bet there is already a tool out there, to put the government software in a sandbox/VM/honeypot, with minimal resources assigned, to circumvent this.
(It would be just like a Matrix for that thing. Muhahahaaa!)
Any sufficiently advanced intelligence is indistinguishable from stupidity.
If you couple this with the 100$ PC movement in India....where everyone gets a PC for a cheap price...
you would have an incredible botnet. 1 billion Chinese....let's say half are without money to pay for a computer...
and half of that again is using a regular old computer without the malware...leaves you with 250million...
still pretty nice size botnet!
I wonder how much more we could play with the number to get an estimate..I just started the ball rolling, but I would be interested in a mathematical formula to calculate the approximate value for the botnet based on.....oh no...I am sounding like Charlie from NUMB3RS