Slashdot Mirror
Australian ISPs To Disconnect Botnet "Zombies"
jibjibjib writes "Some of Australia's largest ISPs are preparing an industry code of conduct to identify and respond to users with botnet-infected computers. The Internet Industry Association, made up of over 200 ISPs and technology companies, is preparing the code in response to an ultimatum from the federal government.
ISPs will try to contact the user, slow down their connection, and ultimately terminate the connection if the user refuses to fix the problem. It is hoped that this will reduce the growth of botnets in Australia, which had the world's third-highest rate of new 'zombies' (behind the US and China)."
Not quite an accurate solution, but statistically close enough...
Will be the next "botnet" they'll fix.
I'd rather not have my ISP decide what is a "virus" or "inappropriate communications" thank you. If the users are consuming too much bandwidth then disconnect them on those grounds, but please don't set this precedent.
Because then no one would live in Australia.
What would happen if those ISPs notice increased profit and customer satisfaction (overall) when they are paying less for resources used up by bots? (Assuming they don't have problems with false-positives or find far too many customers being cut off, etc.)
having a computer beneath the notice of hackers is a great idea. that's why I only post on slashdot using my web-tv console.
What's up with this box everyone has to think inside of or outside of? Why does there have to be a box?
Its not like everyone knows how to (and in some cases cannot afford to hire someone to) remove botnets from their machine. I hope the ISPs will provide this kind of support as part of standard service before they consider disconnecting users...
if the user refuses to fix the problem
The users who are likely to be infected by a bot are the least likely to be able to "fix the problem".
âoeAny society that would give up a little liberty to gain a little security will deserve neither and lose both.
As much as I'd love to have these machines disconnected, I don't think ISPs should be looking at the content of any connection. from my perspective it's about the same as the phone company disconnecting me for spreading untrue rumours.
Quit trying to speak for the whole rest of the world. You are not qualifyied.
Oddly enough that's close enough to a decent solution to work.
How about we START with that, and work our way back to allowing pre-vetted workstations back onto the interwebs. I like the idea of running a simple system checking script though a web browser based internet portal the same way you must login to a hotspot to gain access to the internet.
Make that kind of access a precondition for users who were deemed to be hosting malware/bots and go from there. Once confirmed as clean the portal requirement disappears. The portal software will have to be hosted by a non-profit with government oversight for obvious reasons.
Of course I'm OK if that software isn't particularly Mac compatible ;)
Comment removed based on user account deletion
This is a perfect opportunity to get that pesky free speech done away with. Just declare every kind of government-critical information a "misuse of computers", and you can institute a quarantine on any "zombie" computer being used to distribute malicious "anti-government spam". It's such an awesome plan that I feel the urge to cackle.
Microsoft's lobby wont allow this solution.
This SOUNDS like a good idea in theory, but what will end up happening is that Hackers will start to send fake notices to Australian users and will easily be able to trick people into giving personal information (ie account numbers, CC numbers, ect.) by claiming to be from the government and/or ISP. They need to create some sort of control around this, but I only see it causing problems....
They don't need to disconnect bad users. They should just give a discount to users who are running secure operating systems that are more resilient to malware infections than Windows is.
For example, give OpenBSD users a 50% discount, since it's quite unlikely that their system will ever get infected or compromised. The same can probably be done for users using Solaris, NetBSD, FreeBSD and commercial UNIXes.
Linux and Mac OS X are more widely used than the aforementioned systems, so the chance of them getting compromised is greater, although still virtually non-existent. Give such users a 25% discount.
Assume that the latest version of Windows is somewhat immune. Give Windows 7 and Windows Server 2008 users no discount. That is, they pay the base rate.
Assume that older versions of Windows have been compromised. Give them a negative discount. A Windows XP user pays an extra 25%. A Windows 9x user pays 50% more.
Nobody needs to get disconnected this way. Disconnecting people from the Internet over something they're not willingly doing is completely absurd, and in may ways should be considered criminal in the Western world.
Seriously? This needed to be done for all countries 10 years ago.
Assuming you trust them to stop at botnets and not include p2p, vpn, uunet, private mail servers out of the country, list servers, and other legitimate traffic.
Mark me as flamebait if you like, but this was started by the Internet Association, so chances are they probably have a pretty good idea on what they are doing. They would have buy in from their staff to be able to get this one through, their staff are probably sick of having to deal with all the SPAM complaints and everything else from these hosts. They probably have an even better idea on what they are doing to their network than what you do.
Curiosity was framed; ignorance killed the cat. -- Author unknown
Buy a computer and/or a supposedly secure operating system, and then, unless the customer proactively protects against security breaches, they won't be allowed on the internet. Pardon me, but isn't protection against security breaches the OPERATING SYSTEM'S JOB???
neither are you.
Does that mean they will cut off users who simply don't have an AV program, even if they're not infected?
What if I want to keep the botnet feature on my computer and use the Internet?
This is the deal - it is about responsibility, about being a part of a community. Behaving in a way that harms other users, whether it is the road, the internet or anything else for that matter, is frankly wrong. The internet wouldn't be here if it wasn't for other people participating in this network. We therefore have a right to expect, in return for our participation, acceptable behaviour. If you don't like it - go build your own internet.
> Of course I'm OK if that software isn't particularly Mac compatible ;)
So you wouldn't mind being required to switch to Microsoft Windows 7? Because that is what your proposal would lead to.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
everyone talks about their rights, but few speak up about their responsibilities
if people don't live up to their responsibilities, they lose their rights. not as a matter of some government mandate, but as a simple logical, natural consequence of ruining things- the internet, safe roads, a healthy economy, etc., for other people
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
agreed, as long as the definition of "zombies" will only include the actual zombies.
I've been calling for this for years, on Slashdot and other venues. ISPs do monitor suspicious behaviour. I can remember many many years ago when I was much younger and playing around with netbus and scanning the default port 1234 with it for about 20 minutes. The next day we got a call from the ISP asking if everything was okay.
There is no reason that a reasonable profile can't be built to detect standard bot activity and customers notified if this kind of behaviour has been noted coming from their connection. They can either explain it if its justified or end up disconnected if they can't explain it and won't do anything to stop it.
I don't think P2P would end up fitting any standard profile as it seems to be the most common things we hear about bots are spam and denial of service attacks. Neither of which should really look like P2P.
I would hope if it goes well in Australia other countries will pick it up and if some countries turn into havens for bot net operates and refuse to disconnect them perhaps other countries will just shut them off entirely until they agree to play nice with the rest of the internet.
There is no reason ISPs can't have a list of currently blocked users redirected to a page with free AV/recent definitions, and step by step instructions on how to run them all to clean off their machine. Once the user has done so, they can be removed from the list and free to go back out and click on every shiny icon they can find.
Before they are finally disconnected, most average (i.e not /.) surfers will quite possibly use their remaining Internet time trying to figure out why their connection is slowing down, first trying a few simple search queries - which, combined with a short attention span and an uncontrollable desire to click on anything that flashes, will then lead them willingly into a morass of dodgy, bot-laden sites, further infecting themselves, their connection finally grinding to a halt so that they are unable to check that email from their ISP that they neglected to look at a month ago..
--
If at first you don't succeed, cheat.
Because then no one would live in Australia.
If a few people move out, that would be a benefit. Don't they have a growing people vs resources problem over there, hence the relatively strict immigration rules?
(for the emotionally/intellectually deficient out there who need this pointing out: yes, I'm being facetious here)
Botnet - Collection of computers using large amount of bandwidth.
Largest Botnet - BitTorrent
ISP - "Job's a good 'un lads, let's go home."
-- Lattyware (www.lattyware.co.uk)
Nor am I.
ics
At college, the school did exactly this. They shut down every computer that was infected. If you get into a car accident on the highway, you might get your license suspended. So why shouldn't you be responsible for your actions online?
But at college, they also did all the things you mentioned. Also, the local police monitored the connections, because a week into the semester, the police came into my class to arrest a freshman for downloading things of an illegal nature.
I usually hate messing with a protocol, but this sounds like a good use of a DNS redirect. When a user is deemed infected by whatever measure they decide, have the first web-page that the user brings up a re-direct to an ISP warning page with info on how to cure the problem.
I suppose if the user refuses to do anything about it you could cut him off after a month or so.
At the height of the blaster outbreak a few UK ISPs cut off blaster infected PC's and redirected to a 'clean up your PC' page.
"Physics is to math as sex is to masturbation." -R. Feynman
What checks are in place to prevent this being used as an excuse to take down "toublesome" sites?
I mean, computers that are part of the Tor privacy network, or part of freenet, or bittorrent servers, or used by contributors to Wikileaks.
Please help publicise swpat.org - the software patents wiki
Sounds like another case of politicians regulating something they don't understand. Define botnet.
ISPs should be disconnecting zombied machines. The catch is they need a test which catches most zombie machines while not catching any non-zombies, and most ISPs are neither competent enough nor interested enough to do so. If their procedure has systemic problems which disconnects non-zombies, then the cure is worse than the disease.
The major problem is to identify legitimate traffic vs. Botnet Traffic. We know there are filters that also catch the un-intended such as censorship black lists, no-fly lists, banned book lists. And if you look at the spam or the arms races or business, when a restriction is found, the criminal finds a way around it. In the meantime the fellow who's computer was taken over is taxed with the penalty of no connection and the time to fix it. This is a little like making a victim of a crime have to come in day after day and look at mug shots. Where the victim suffers not the criminal. Best of intentions aside, you have to look at where the costs are being placed. True the Bot nets effect businesses, some benefit, the ones who advertise with span and some that don't , their competitors or the general public that gets spam or the loaded email server owners. As for the DOS and other attacks, well thats just wrong.
What we really need is more clever anti crime hackers to ferret out these criminals, that is where the money should be going. Seems like this play is just a confession that they don't have effective ways of traking these things down yet.
I didn't completely RTFA, but.. If this works anything like the same way it does in here, it basically redirects you to a generic page where you can download virus / etc checks and fix your system. You can't simply reach other places (or no connection with other protocols) in that state. The ISP has basically just IP blocked you at that point (other systems under the same connection function like normal). The ISP also re-checks your system every hour or two to see if the issue has been resolved. This is also explained in the page with more detail. If it follows the same formula then I am all for it due to it working flawlessly so far. No false alarms so far in my rather heavy use. Oh yes, and I first ran into this on 2004.
Don't disconnect them. First, only block the ports being abused. If that doesn't work, confine them to a "walled garden" that tells them who to call and fix the problem. Then when the do call, help them fix the problem.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Er, no. He's saying everyone should use linux. If you notice, he also says that disconnecting every Windows machine is a good idea. No Windows, no Macs, that leaves linux/BeOS/BSD/etc.
Canada: The US's more awesome sibling.
It just occured to me that if you can identify those computures that have Bot nets running, you have to be able to identify what that bot net traffic is. Why not just filter that out?
Simple! Fingerprint all users computer OS. block all Windows OS's.
Oh yeah, and my computer keeps playing a wav file that says.....
Brains............Need Brains.........
Damn windows updates!
Do not look at laser with remaining good eye.
I doubt that the police were monitoring your college network -- they lack the skills, access,and motivation to do so. The police have far more important things to occupy their time -- like running speed traps.
It is far more likely that the college admins discovered something nasty going on, which they then reported to police. If what they discovered was nasty enough, that could energize the police to make an arrest.
Against stupidity, the Gods themselves contend in vain. --Friederich Schiller
This bot net crap has to stop, I wish they would do that here. Disconne.....{#`%${%&`+'${`%&NO CARRIER")
Comment removed based on user account deletion
What school is that?
There is a responsibility by any user not to interfere with others. Being infected with a botnet is certainly one for this category. Not responding to warnings of infection is negating this and is abusive of others using the net. Why should users that interfere with others be tolerated?
To simply say that a significant number of the people that have botnets don't know how to remove them, even after warnings is far to simplistic an excuse. The same can be said about their ability to pay to have them removed. Format C:/ is the lowest cost. Having a friend help remove personal data is the next and last 1 hour labour by the local shop to retrieve the personal data is not unreasonable. However this same group most likely don't have any significant personal data they can retrieve even for normal use as they have no idea where it is once they it save. They have never bothered or are incapable to learn the concept of directories or the concept of organizing their work. So they really don't have in a practical sense any personal data to recover. Am I heartless? No actually, just pragmatic.
Why do those botnet infected people have any right to interfere with others wanting to share this net resource? Why is there a large group defending them seem to think there is no personal responsibility involved when going on the net? There is no right to interfere with me or is there? Be it simply by being a pest or anything else. I don't care what you do as long as it does not impact me within reason. We all share the net. We all generally have contracts with our ISP's with a code of conduct. I see no reason why those that don't head warnings to fix their systems shouldn't lose the privilege of access from that equipment.
We qualify people for many things in our society. Most of those things revolve around protecting the rights of others. Just as a license is a privilege and requires a test, there are rules for bicycles, being an obnoxious drunk in public, etc. There is no right to thieve, assault, stalk, or be a public nuisance. A person with a botnet infection is part of interfering with others and they have no right to do that. But there certainly is a responsibility not to do that.
But who is responsible to prevent it? Is it mine? Do I have to incur expense and time trying to keep these people from bothering and interfering with me? The practical aspects with today's technology says that at best it's only a partial solution anyway. So why limit only one approach? There is no rule that requires only one solution to deal with this menace that costs everyone time and money. Money reflected in everything from my time to the rates I pay for access to the net, on up the chain to the carriers.
If I had my way there would be a fixed IP for all home connections. It is practical technically and is not a security problem to have one. Dynamic IP's offer negligible protection if any at all. A fixed IP certainly offers a measure ability for me to solve part of the problem. I see no reason why a system based on complaint or by discovery should not be used to cut these repeat offenders from using their own hardware to connect. They mostly have other options to get on the net if they fail to maintain their own equipment when notified. Where do any of you get off saying they aren't responsible for their own stupidity. So ok, If they have no obligation to others, then using that logic. There is no obligation to give them access or at least to that access from their infected equipment. They may get access from the library computer or other methods. They may still get on, just not using their trainwreck of a computer from home. All is then fair enough.
So what of people that don't know how or can afford to remove the infection. Cry me a river. That's not an excuse to abuse others. They have no friends? Can't afford one hour of tech time? I maybe my brothers keeper but it doesn't mean you can't give then a slap upside the head when they act like a moron. The know it is wrong. So get off the net until they find a solut
This is a great idea and I wish they would soon implement it in America. At this time I'm forced to install anti virus for free so that it can delete critical files. When the user can't sign on I get paid. With this however I could just sit back and wait for users to bring their systems in. I wouldn't have to be proactive at "protecting" their systems. The less users know or understand about the software they are using the better. If they can be forced from going online and have to come with me that's a plus. Great idea! I love you Microsoft, big kiss.
"I guess I'm gonna fade into Bolivian."
Wait - you are supposed to LOG IN to a hotspot? Seriously? Maybe I've been doing it wrong. I usually just spoof a MAC address, and take over an existing connection. Sometimes, I just log into the router, and change the settings more to my liking. There are so MANY imaginative ways to use a hotspot - why log in? Spoofing a MAC address has the advantage of making my terrorist network activities appear to be dozens of different people. Why, just last week I sold a suitcase nuke to an Ethiopian who had fallen on hard times.
I only deduced that he has fallen on hard times, because his certified cashier's check bounced. I'm still waiting to hear back from him.
"Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
I agree with this if:
1) the governments and ISP who request this manufacture anti-virus (free of charge) and update signatures daily. Otherwise is forcing users to give money to AV companies.
1.1) their criteria is based on *detected by all free antivirus* botnets...
1.2) Government provides AV's for all major O.S.
1.2.1) Government sponsored AVs (free for users) have minimal memory footprint [user's shouldn't be forced to have tradeoff of performance]
2) Bandwidth usage is *not* the only criteria
3) Costumers have the right to prove that their high bandwidth usage is not derived from malware and thus void the request and subsequent disconnection.
4) Action is being taken against C&C and not single machines
5) Oblige any vendor who has "scheduled patches" and delay them, ignoring "advisories" to pay for each day malware is spreading. (it has associated costs)
6) All machines from IP ranges belonging to goverment that are part of a botnet or anytime associated with them are blocked
( yup, they'd love to have their entire address block isolated from the world because someone connected a infected laptop to the network)
7) A grant is given to research , detection ... of C&C's ....
(and a lot more probably)
It definitely will make an impact if all countries follow suit with a similar program.
Contacting the owner is the first good step, as for limiting connection speeds, well, I don't get that, especially if I paid for full speed, whether I am using it for spam or not, it is paid for, but let me know that I am spamming millions of emails per day, and I will change my computer install yesterday.
There are a lot of people on this thread wondering how malware infection would be provable. Note that they said "part of a bot net". It's not too hard to tell if someone's computer is sending out floods of information to a specific site, and it's not too hard for an ISP to find out if that particular site is currently reporting that it's under DDoS attack. If there are many other computers sending out nearly identical floods of information to the same host, it's not too hard to spot a candidate.
If all attempts to contact the customer fail, then it may be necessary to cut them off -- if nothing else, to get their attention. If I were trying to upload a massive movie to whatever website, and I couldn't get through, I might be trying to get hold of my ISP or the site in question, not the other way around.
But if I'm on vacation in Key Largo (I wish), and my computer is spewing out tons of information, then something is wrong, and I'd rather my computer get cut off from the internet than have it be part of a DDoS attack.
Another way to determine if a host is part of a bot net is to see if they are connected to IRC for long periods of time, and if they are connected to a channel that is known to be a C&CC for a botnet operator. Symantec and Kaspersky are uncovering these on a daily basis. I imagine a lot of the other AV vendors are, too.
Yeah, sure, we'd like to find the CnC and stomp on it, but that's difficult - the %&^%*&s who run them are sneaky ^*^%s, usually using stolen machines to run it, and increasingly set up the zombies to check multiple places for the CnC. Of course you should look for them, but meanwhile, you can stop the zombies from doing most of the damage by limiting what kinds of connections they can make. Stopping direct SMTP's pretty easy, stopping access to ISP email servers is even easier, and stopping access to unconstrained DNS servers and popular websites (such as Gmail, facebook, etc.) is also pretty easy.
People should start thinking "outside the box" with this sort of problem.
It has been proven by numerous studies that unpatched computers and unqualified home users running cheap homebrew servers are the real culprits with the botnet dilema hence the best solution would be that every computer that connects to the internet should pass a validation check to ensure they have the latest most up to date security patches. In order to do this Microsoft could, for a nominal monthly fee, assist ISPs with setting up Genuine Online Transmission Control High Availability software. Any computer that does not have the latest update on their computer will be blocked.
Each computer that requires GOTCHA authentication will have a small monthly fee collected by GOTCHA ISPs on behalf of Microsoft.
This approach is a three dimensional solution to the problem:
1. This ensures all internet users can feel safe knowing that all other internet users have been passed as a GOTCHA customer.
2. All highly dangerous homebrew server operating systems will be blocked from the internet as only safe Microsoft operating systems will be able to pass the rigorous authentication - it is important to emphasize this will affect all terrorists running their own servers.
3. The flow of internet traffic will be more orderly and kept at a safe speed to discourage illegal downloaders of child pornography.
Anyone that cares about the online safety of their children and loved ones should tell their politicians and friends, there is only one solution - tell them Microsoft Gotcha!
P.S. Mr Balmer, GOTCHA is my IP but for a nominal monthly fee.....
BM3
It's like people who drive around with bad bakes because a rat chewed on the hoses. Obliviously the brake damage is not their fault and they don't know how-to fix them. So they need to hire a professional but anyone hurt by driving the car with bad brakes is the fault of the owner.
I think everyone missed my point. The internet as a whole is being attacked by systems loosely guarded by their owners due to onerous and obtuse support requirements and maintenance routines. The fact that there is even an antivirus industry speaks volumes about where we are now.
Windows PC make up the bulk, if not all of all botnets (please cite for me any unix/linus/macos x desktop botnet that's been discovered that isn't just focused on weak LAMP setups)
In the "developing" world we might see corruption that is culturally endemic, such as when a police oficer takes a bribe for processing a complaint, or a train conductor taking a bribe for helping you get to your destination. Yet we pay a stipend to a windows desktop software industry that by all accounts would almost disappear tomorrow if everyone switched en masses to Unix, Linux, or OS X...even temporarily. We pay off an entire sector that by all rights should be working towards its own demise as soon as possible. That it's not working to it's demise, but growing, tells me that we need to inoculate the internet, not just locally treat the infections. I am speaking of general user desktop security
here, not firewalls and banking systems or high stakes e-commerce or government portals.
That's why I think the solution proposed, while draconian, in ways does make sense. That my comment is modded troll, so that we can cite the one-in-a-million windows users who succeed in locking down their setup without A/V tells us again that there is a problem. For expert users windows is as fine as any other OS. I don't suspect that it makes sense anymore to say to people that they are just idiots because they don't know how to run windows update, but then do NOTHING to stop the problem by letting them back online.
Yes there would be widespread unemployment, but we could get back to work as *use* the internet. if we could lose the 90+ % of email traffic devoted to spam derived from botnets what else could we do with those savings?
I dunno...it's a dumb idea, yes, but all the others ain't working.
Oh god, no. This is a very very bad idea. We do not need to have our PC's "certified" by a Ministry, Department, or any 3rd party for that matter. Yes, they have done that for cars for pollution testing but it makes no sense for computers.
Do you seriously want some twithead bureaucrat telling you what a "safe" PC is and what a "dangerous" PC is?
I want you to choose a number from 1 to 60. This number represents the amount of seconds before Linux (or some other disliked-by-those-in-power application) goes onto the "dangerous" list. This number also represents how many days you have to install a properly maintained OS, such as those produced by Microsoft, onto your PC. Within 10 days, please bring us proof that you have made the correct repairs and we will waive your fine. Oh, but court costs are 200 euro. Thank you, drive through.
I am deadly serious when I say this: This is one of the all-time worst ideas I have ever read on Slashdot.
Who cares? He owns it, its his responsibility to fix it. Pay someone if he cant figure it out and stop clicking on NAKED_PHOTOS.EXE or doesnt understand why he should be doing those Microsoft updates. Should we also coddle drivers with unsafe cars because they arent mechanics?
Its only when there's a financial incentive to keep a machine patched and thinking before clicking that people will begin doing so. Or switching to OSX or Linux. The status quo of not taking responsibility for your own computer isnt sustainable and isnt helping anyone.
Money isn't necessarily a sufficient incentive either. Many people see a monetary loss, and if it's within their spending cash allotment, can ignore the financial drain. Look at the example in freakanomics: The Israeli daycare needed a way to discourage late pick ups. So they implemented a penalty based system: if you're late pay $, if you're more late pay more $. After the new policy went into effect, suddenly MORE people were late picking up their kids. By monetizing the penalty, the day care effectively told people, "it's ok to be late, it's just going to cost you."
I find it unlikely that a tiered cost for internet access would be sufficient to encourage people to maintain their boxes better or discourage them from proverbially leaving them to rust in the rain.
Also, consider the lawsuit MS would launch if such a law were passed.
Why bother implementing a troublesome and unpopular "Three Strikes" law to stop torrents when all you have to do is claim their machine is part of a botnet?
Bavarian Purity Law of Rice Krispie Squares: Rice Krispies, Marshmallows, Butter, Vanilla.
Business websites are being attacked. We do not know if we work tomorrow or stop because some hooligan may decide DDoS us without any apparent reason.
It is not amusing. Businesses lose millions upon millions because of these cyber pranks. Let alone spam which causes years of lost working time.
I am for these and other new measures to fight bot-nets and spam. I would also suggest that the malware bot-nets and spam are recognized by UN ITU (International Communication Union) as a crime against humanity.
The secrete services, the Hague international court of justice, state police and other bodies should be mobilized to fight this new threat to our civilization.
The world is more and more relies on computers and networks. Bot-nets and spam are weapons of mass distraction in this new world. They already cost billions to the economy and are major contributor to the economical crisis.
The governments and the international community are to wake up and do something against this new threat in a concerted global effort.
I'm Brian and so is my wife.
Two-pronged attack: cut off the zombies and back-trace the control connections.
Limiting the connection may get more attention than sending an email. The customer calls the help-desk to ask why he's being slowed and cleanup can start. It assumes you've already been told and ignored the message.
you don't have free speech
because it has been blocked by someone else abusing the priveledge, not living up to their responsibility
thus, my point that not exercising responsibilities means the loss of rights
most trangressions against your rights in this world is not done by any government, but by your fellow citizens
it doesn't "shit on centuries of philosophical though" (pffft) to make this plainly obvious observation
i don't know what exactly that you are missing about this simple obvious truth
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Are they looking for some candidates to shut down? I've got a nice list of IP addresses I gleaned from my Junk folder.
Free for the asking.
CUR ALLOC 20195.....5804M
Agreed.
Though, on the other side of the argument, I've always been amazed that the RIAA has been able to make IP address claims stick, when ISPs can't even vouch that a site is a 'botsite or not.
Well, apparently, you only have to fool the majority of people for a little while.
I'm not too familiar with how the botnets operate, but that may or may not be easy. First of all if a bot is meant to do something like take part in a DDoS attack it may very well be making port 80 requests, so easily filtering that means blocking Web traffic, which is what most people use their Internet connections for. (The bot could also do something like send out Email, similar problem.) As for command and control, I guess that depends. I'm sure a lot of the botnets these days don't just use IRC and actually have some sort of encrypted protocol, but it's hard to tell, especially if they use a range of ports for the traffic. Heck, maybe they even just make and respond to HTTP requests to talk to each other, bringing back the first problem.
Saying "I'll probably get modded down for this" in a post is the best way to get it modded up.
Once it has been identified that an end user has a zombie on their end, send the user a mail and a letter with a simple deadline - something like 72 hours to fix the problem or be disconnected. If the user doesn't fix the issue, disconnect. When the user have fixed the issue, he/she can petition to have the connection re-opened. Simple as that.
"For every complex problem, there is a solution that is simple, neat, and wrong." -- H.L. Mencken (1880-1956) --
Perhaps because 1) that can involve breaking the law (hacking machines) where as blocking people and making them tidy up doesn't, 2) the CnC nodes are getting more and more distributed, 3) that still leaves the bots on the machines, whether they're controlled or not and 4) chances are the CnC node is outside the ISPs control, where as the 100,000 bots are in their control and affecting resources they care about (like bandwidth and blacklisting of their IP addresses).
that not also carries with it a responsibility
and honestly, if you do not understand that, you understand very little about what it takes to maintain our rights in this world
rights are not magic things that exert some magic force that means they can never be taken away. rights are a social compact that must be maintained and fought for against constant backsliding in all societies and cultures. people, not governments, are constantly trying to violate your rights. you prevent them from doing that by giving them no reason to violate your rights. you give them no reason to violate your rights by acting repsonsibly with those rights
take for example your right to privacy. lets say some people use their right to privacy to hide for example, bombs in their luggage. if enough people do that, everyone else begins to consider the right to privacy something that is a negative, not a positive, and begin to support the violation of the right to privacy, to ensure they have another important right, the right to live
note that i am not talking about government policy, i'm talking about simple poopular attitude. you will never maintain, for example, a right to privacy, if everyone in a society doesn't support that right. and they won't support that right if people use that right to commit transgressions, if they don't live up to their responsibilities to use their rights fairly. the right privacy therefore can only exist in a society of people WHO RECOGNIZE THEIR RESPONSIBILITY NOT TO ABUSE IT. it stops existing when the right is abused. not because of anything the government does, but because the social compact, the common attitude, begins to go AGAINST that right
when you abuse your rights, when you ignore your responsibilities about how to behave them, you lose them. not because of some government mandate, but because of the attitude of everyone else in your society. its simple cause and effect, and its a direct correspondence
know that about your rights, that they are under constant threat and must be constantly maintained with responsible social behavior, or understand nothing about rights in this world: they are very tenuous, and must be maintained against backsliding, forever
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Because then botnet herders will just write botnets for Mac's. This does not address the cause of the problem, it only treats a symptom.
In addition to this, an internet comprised mainly of Mac users will create toxic levels of smug, they are bad enough at ~4% of internet users.
Calling someone a "hater" only means you can not rationally rebut their argument.
Umm...
This is being pushed by ISP's via the Internet Industry Association (IIA). As in no polly is actually pushing this, it's coming from the private ISP industry.
Calling someone a "hater" only means you can not rationally rebut their argument.