Symantec Wants To Use Victims To Hunt Computer Criminals
Hugh Pickens writes "Business Week reports that security experts plan to recruit victims and other computer users to help them go on the offensive and hunt down hackers. '"It's time to stop building burglar alarms to keep people out and go after the bad guys," says Rowan Trollope, senior vice-president for consumer products at Symantec, the largest maker of antivirus software. Symantec will ask customers to opt in to a program that will collect data about attempted computer intrusions and then forward the information to authorities. Symantec will also begin posting the FBI's top 10 hackers and their schemes on its Web site, where customers go for software updates and next year the company will begin offering cash bounties for information leading to an arrest. The strategy has its risks as hackers who find novices on their trail may trash their computers or steal their identities as punishment. Citizen hunters could also become cybervigilantes and harm bystanders as they pursue criminals but Symantec is betting customers won't mind being disrupted if they can help snare the bad guys. "I'm convinced we can clean up the Internet in 10 years if we can peel away the dirt and show people the threats they're facing," says Trollope.'"
How many of these scams and hacks originate in the US anyway? Will their customers really have information to share?
"Sometimes it's hard to tell the dancer from the dance." --Corwin Of Amber in CoC
I think, ultimately, that the internet will never be cleaned up. It is very idealistic to think there are a finite number of hackers and that their methods will not become more and more sophisticated as time goes by.
The kind of "cleaned up" internet that these companies talk about requires STRICT regulation and STRICT monitoring. It is very apparent, from just the audience that posts on Slashdot, that regulation is the exact opposite of what people want.
As far as the approach, the idea of a proactive anti-virus is novel, but I think the idea of recruiting novices to help hunt expert hackers is ludicrous. All it would take is a couple of reprisals from the hackers to permanently deter the said novice from going after a hacker.
Marines aren't like cops at all. A marine knows that the best defense is a good offense. Go get 'em, before they come to get you!
"Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
How difficult would it be for an enterprising "computer criminal" to leave a trail of breadcrumbs leading to someone else?
IF this is easy to do, Symantec knows it, and this effort amounts to nothing more than a publicity stunt to sell more licenses.
1. Users are mostly idiots. An educated idiot is still an idiot.
2. Despite lame excuses about "market share" that MS uses for their frequently exploited vulnerabilities, there isn't a system that CANNOT be hacked.
3. The best standards and coding practices can probably only hope to reduce exploits by about 80 to 90 percent.
4. Damn good idea. Next time you meet a marketer, shoot him. We don't need his genes in the pool.
... will somebody victimize me so that I can put it on my resume?
The example in the article is even misleading, since it was a Facebook account that was hacked, who knows if the hackers ever touched the system of the user. He may have just used the same password too many places. I'd assume Facebook isn't using Norton Internet Security, so I'm kind of wondering what cases this will really make a difference in. Most worms/viruses don't even come from the creator's PC, but infected zombies.
While it is pretty meaningless to go after spammers themselves in many cases, we could use a similar approach to cut off spammers where it really matters - at the revenue stream. If we made some strategic purchases from spamvertised sites, we could potentially figure out who is making money in the deal. And when we find them, we will find who is funding the spammers. After all, spam isn't sent out just for fun; it is sent out because someone is paying the spammers to send it out. You can use the merchant information to go after the people who are paying for spamvertising - they are often involved in illegal sales of (pirated software / counterfeit drugs / counterfeit property) anyways. If the funding dries up, the spammers will need to find other work.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
1. Impossible. There is no way to both have "computing for everyone" and have educated users. Users are going to be, well, users always.
2. Sorry, not really possible either. If I can convince the user to run a program, grant security authorization to this program and do whatever it takes to take over their computer, the operating system is irrelevant. And yes, we are there today. Windows is plenty secure but it, as Linux does, requires an Administrator. When that is the "user" you no longer have security.
3. The criminals aren't interested in having their code reviewed.
4. I'm glad we have some unrealistic utopian folks here. It is always refreshing to see people that simply do not understand that all human activity since the beginning of time has revolved around "commerce" and "commerce" is, by its nature, marketing.
Dogs are not involved in commerce. Dogs do not experience "marketing". If everyone was more dog-like we wouldn't have problems like this. We would, however, have masters.
There's oil in my car?
1. educate users
Who is going to "educate" users? What will be taught? Where will it be taught, and to how many people? How do you deal with the differing systems that people would need to be "educated" on (remember there are still people using OSes that are 10+ years old)?
More importantly, who will pay for it?
It is easy to talk about "educating users", almost as easy as it is to blame the current problems on "uneducated users". But there are too many unanswered questions related to the statement.
create hardened operating systems that may never need antivirus
That is a great dream until someone goes to Wal-Mart and buys some nifty USB gadget from the $10 bin that only works in Windows.
promote open web standards and good coding practices open to scrutiny for flaws exploits and bugs
That is a very good idea. Unfortunately getting it to go anywhere is another challenge altogether. If you know a good way to eliminate Flash from the web, I'm all ears...
stop letting marketing drive the internet bus
Good luck with that. Remember that a serious portion of all web sites are looking to make money. Which means they need exposure to bring in customers. While marketing droids seldom know much about web standards, they still have to be invited to the table.
As long as an ISP values their customer's privacy and rights to step on other people more than they value the integrity of the Internet, we are going to have problems.
Right now, it is not illegal, wrong, immoral or forbidden to have a computer owned by a botnet. This means that if my computer at home is infected nothing will stop it from doing whatever its little botnet commander wants it to do. And my ISP will not do anything to prevent or deter this computer from stepping on the rights of others in any way possible.
Similarly, if your computer is intruded upon and you find an IP address that has been used to vandalize your computer, good luck. The ISP owning that IP address will certainly not release any information about their customer without your suing the ISP or involving law enforcement. Law enforcement isn't interested until you have lots and lots of financial damages.
All in all, this absolutely assures that "script kiddies" will get away with anything until they do something really big. Similarly, fraudsters and credit card thieves will get away with it until they do something really, really big. So what if you track them down to an IP address? It doesn't help. Nobody cares because it is just the "Internet" and law enforcement is still caught up with the idea that the only people that lose anything are nerds and geeks or people that have been foolish trying to get rich quick - so they deserve whatever they lost.
Hack mah abacus, n00b!
I kick the table your abacus is on causing the beads to shuffle about randomly.
next.
-- The data sent to Symantec will contain the following information:
-- Name: Grandma
-- Data stolen: pictures of cats
-- Underwear size: enormous
-- Thank you for your support.
A recent paper reports on hacking a voting machine that could only execute out of ROM. Interesting paper. I hadn't read about the technique they used before--it's quite ingenious. Turns out, being ROM-based didn't make it unhackable at all.
I am Byteman!
Wow, you should have at least put "educate users" lower on the list, so you wouldn't fail right off the bat like that. I have been building, repairing, and selling boxes since the Win3.x days, and educating users=UBERFAIL. Why? Because of what I call "the Velma problem". You see, all you have to do with Velma is send her something that says... ohh I don't know... "Happy_Puppy_Pics.scr.exe" and guess what Velma will do? If you said turn off her AV because the email tells her she has to before running her new screensaver/malware, you are right.
I had one customer that brought in a Toshiba laptop that had over 3400! viruses. The final count IIRC was something like 3467. It took nearly two hours under power to get to the desktop, but the boss wanted to see if it "broke the record" of 2700+ he found on one machine. Turned out you could put the word "lesbians" on just about anything and he would click. Lesbian_xxx_passwords.txt.exe, Hot_lesbians.avi.exe, etc. You get the picture.
So you see, education=UBERFAIL. It will always equal fail because the malware writers know about this thing called "social engineering" which will make otherwise normal and sane people do incredibly dumbass things, just by waving the right prize in front of them. For some it is sex, for others greed, for Velma it is cuteness. Pretty much the ONLY way to remove the "Velma problem" would be to give them locked down thin clients with no rights to do much of anything, and Joe Average ain't gonna put up with that. Oh, and FLOSS guys PLEASE don't say "Linux Security" would fix it, as I tried that once with one of the porn guys, with either PCLOS or Mepis, can't recall which. He managed to completely bork the machine in less than 3 days. The poor thing wouldn't even boot anymore. How? He decided he didn't like that package manager thingie, so instead googled "Linux software" and ended up in dependency hell from a bunch of crap he downloaded and installed from Freshmeat. Like the movie said "Stupid is as stupid does". All you can do is try to minimize the damage they can cause and clean up the mess afterwards. Sad but true.
ACs don't waste your time replying, your posts are never seen by me.
Right now, it is not illegal, wrong, immoral or forbidden to have a computer owned by a botnet. This means that if my computer at home is infected nothing will stop it from doing whatever its little botnet commander wants it to do. And my ISP will not do anything to prevent or deter this computer from stepping on the rights of others in any way possible.
Maybe 7 years ago, my sister's computer got caught into a botnet. Someone had loaded mIRC and a bot, and her computer was off trying sequentially to find more machines to infect. We got dropped offline, and our modem was blocked from reconnecting.
That evening, I called the ISP tech support, explained what was going on, and explained why we were disconnected. He turned our connection back on, and a couple seconds later, the scans started up again. He then proceeded to walk me through telnetting into the modem, watching the NAT states to see which internal IP was causing the behavior, and then tracing that back to the machine that was infected so I could clean it.
Don't worry. If you haven't changed it in long enough, there might not be.
"When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes