Is China Creating the World's Largest Botnet Army?
david_a_eaves writes "The Chinese government is mandating that all computers sold in China come with Internet blocking software. Rob Cottingham writes an excellent piece noting how the censorship application of this software should be the least of our concerns. This new software may create an opportunity for the Chinese Government to appropriate these computers and use them to create the world's largest botnet army."
Update: 06/11 21:26 GMT by T : J. Alex Halderman writes "My students and I have been examining the Green Dam censorware software. We've found serious vulnerabilities that can be exploited by any web site a user visits with the software installed. We also found that some of the blacklists seem to have been taken from the American-made filtering program CyberSitter. We've posted a report and demo."
Would it be easier to just sever the undersea fibre cable to China if it's really such a grave threat?
ELOI, ELOI, LAMA SABACHTHANI!?
Well if they are it's certainly more threatening than a bunch of terracotta warriors.
-- VanCondo
Obama: Hey Ballmer, you mind if we borrow 90% of the world's computers for a quick cyber war?
Ballmer: Finally, the moment I've been waiting for! *Throws ceremonial war chair at wall*
A few million Stormtroopers standing on the surface of the Death Star with ThinkGeek green lasers.
Archimedes would be proud!
(Think before you mod me offtopic.)
The goal, authorities say, is to protect children from pornography
Of course, that morsel isn't for the Chinese people. They could tell their own people "we're creating a botnet to terrorize you", and nothing would happen. In fact, it's for the benefit of people in other countries. Social conservatives everywhere will exclaim "what an excellent goal!" Those people have simply failed to realize that governments will use whatever power they have for whatever they want, and never exclusively for its "intended purpose". The US does this too, but they've been moving more slowly because more people fail to notice when the power shift is gradual.
Let me get this straight.
China further intruding on its citizens who are already exploited and given no voice is a valid concern -- until it causes the rest of the world the slightest discomfort?
Whale
I advise any government to use in their networks only SW they can compile by themselves!
And even more important: use routers (and switches) where they compiled the firmware/software themselves!
What makes a botnet potentially devastating is that it can create traffic that's indistinguishable from legitimate traffic. When a large enough number of computers from random locations request a page from your webserver, how do you sort the bad requests from the good? It's the slashdot effect on steroids.
If all the traffic was originating from within a particular country, it would be straightforward to drop that traffic and let other traffic through.
It's interesting to note that in the early days, it wasn't possible to determine geographic location based on IP address. Address blocks were originally assigned rather haphazardly. As the number of networks grew, routers had to store larger and larger routing tables. Eventually this led to a push to reorganize address block allocations in a more hierarchical fashion, which ultimately made geolocation possible.
The only reason botnets are so effective is they are distributed. When they come from all over the place, you have to do a ton of individual blocks. If they are all from the same IP space, ok just black hole China's space and that's it. Wouldn't take a block from very many top level providers and they'd be doing nothing at all.
Look, in a "cyber war" you don't fight with DoS attacks, you fight by simply severing the undersea cables.
Well, severing the cables would be expensive. More likely we'd just filter incoming traffic from that address space. If every computer in China today started sending a DoS attack at something in the US or Europe, an IT guy would get beeped and would authorize their automated system to blackhole that traffic at the core routers. Basically, it would just cut off traffic originating in China and the rest of us would go on as usual except there would be some interesting network security articles. Heck, with some of the systems in place, companies with regular traffic to China might not even have their normal traffic disrupted since it had been previously mapped out as normal and white-listed.
To be able to block, at the very least the packet header has to be examined. If a remote attacker can generate packets faster than you can examine and drop them, you've just been DoS'ed.
You also have to look at the packet header in the course of regular routing decisions. Would it really take more CPU to look at the packet header and drop it into /dev/null than it does to look at the packet header and send it out a different network interface?
I want peace on earth and goodwill toward man.
We are the United States Government! We don't do that sort of thing.
The interconnect routers are all using hardware ASICs for their routing. It is absolutely NO problem for a core Internet router to block an entire subnet/country without a single hiccup.
WTB [sig], PST!!!
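The blackhole-with-whitelist filtering discussed in the comments above, sketched as an added example (not code from any commenter or vendor): source prefixes are dropped, and a more specific allowlisted prefix inside a dropped block still gets through because the longest match wins. The prefixes are constructed from the RFC 5737 documentation ranges, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample data: RFC 5737 documentation prefixes, not real allocations.
BLACKHOLE = ["198.51.100.0/25", "198.51.100.128/25", "203.0.113.0/24"]
ALLOW = ["203.0.113.64/26"]  # hypothetical pre-mapped partner range inside a blocked block


def build_table(blackhole, allow):
    """Return (network, action) rules ordered most-specific first."""
    # Adjacent blocks merge into one covering prefix, which is why
    # hierarchical allocation keeps the drop list short.
    drops = ipaddress.collapse_addresses(ipaddress.ip_network(p) for p in blackhole)
    rules = [(net, "drop") for net in drops]
    rules += [(ipaddress.ip_network(p), "forward") for p in allow]
    # Longest prefix wins, so an allowlisted /26 overrides the /24 around it.
    rules.sort(key=lambda rule: rule[0].prefixlen, reverse=True)
    return rules


def decide(rules, source):
    """Action for one source address; unmatched traffic is forwarded."""
    addr = ipaddress.ip_address(source)
    for net, action in rules:
        if addr in net:
            return action
    return "forward"


if __name__ == "__main__":
    rules = build_table(BLACKHOLE, ALLOW)
    for src in ["198.51.100.200", "203.0.113.10", "203.0.113.70", "192.0.2.1"]:
        print(src, decide(rules, src))
```

A hardware router does the same longest-prefix lookup in its forwarding table rather than in a linear scan; the scan here only makes the precedence visible.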
*sigh* I thought it was the most well known classic blunder not to start a LAN war in Asia!
*DUCKS*