Slashdot Mirror

← Back to Stories (view on slashdot.org)

Symantec Wants To Use Victims To Hunt Computer Criminals

Posted by ScuttleMonkey on from the cyber-vigilante-network dept.

Hugh Pickens writes "Business Week reports that security experts plan to recruit victims and other computer users to help them go on the offensive and hunt down hackers. '"It's time to stop building burglar alarms to keep people out and go after the bad guys," says Rowan Trollope, senior vice-president for consumer products at Symantec, the largest maker of antivirus software. Symantec will ask customers to opt in to a program that will collect data about attempted computer intrusions and then forward the information to authorities. Symantec will also begin posting the FBI's top 10 hackers and their schemes on its Web site, where customers go for software updates and next year the company will begin offering cash bounties for information leading to an arrest. The strategy has its risks as hackers who find novices on their trail may trash their computers or steal their identities as punishment. Citizen hunters could also become cybervigilantes and harm bystanders as they pursue criminals but Symantec is betting customers won't mind being disrupted if they can help snare the bad guys. "I'm convinced we can clean up the Internet in 10 years if we can peel away the dirt and show people the threats they're facing," says Trollope.'"

1 of 139 comments (clear)

  1. Re:Huh? Clean up the Internet? by wagnerrp · · Score: 4, Interesting

    Right now, it is not illegal, wrong, immoral or forbidden to have a computer owned by a botnet. This means that if my computer at home is infected nothing will stop it from doing whatever its little botnet commander wants it to do. And my ISP will not do anything to prevent or deter this computer from stepping on the rights of others in any way possible.

    Maybe 7 years ago, my sister's computer got caught into a botnet. Someone had loaded mIRC and a bot, and her computer was off trying sequentially to find more machines to infect. We got dropped offline, and our modem was blocked from reconnecting.

    That evening, I called the ISP tech support, explained what was going on, and explained why we were disconnected. He turned our connection back on, and a couple seconds later, the scans started up again. He then proceeded to walk me though telneting into the modem, watching the NAT states to see which internal IP was causing the behavior, and then tracing that back to the machine that was infected so I could clean it.