The Biggest Cloud Providers Are Botnets

← Back to Stories (view on slashdot.org)

The Biggest Cloud Providers Are Botnets

Posted by CmdrTaco on Tuesday March 23, 2010 @01:35AM from the resistance-is-futile dept.

Julie188 writes "Google is made up of 500,000 systems, 1 million CPUs and 1,500 gigabits per second (Gbps) of bandwidth, according to cloud service provider Neustar. Amazon comes in second with 160,000 systems, 320,000 CPUs and 400 Gbps of bandwidth, while Rackspace offers 65,000 systems, 130,000 CPUs and 300 Gbps. But these clouds are dwarfed by the likes of the really big cloud services, otherwise known as botnets. Conficker controls 6.4 million computer systems in 230 countries, with more than 18 million CPUs and 28 terabits per second of bandwidth."

29 of 116 comments (clear)

Min score:

Reason:

Sort:

where did they get their numbers from? by beh · 2010-03-23 01:35 · Score: 4, Insightful

And they came up with that number how?
28 terabit/s == 28.000 gigabit/s == 28.000.000 megabit/s
28.000.000 megabit/s / 6.400.000 systems would average out to 4.375 megabit/s AVERAGE bit rate over those 6 1/2 million systems in 230 countries... (oh - and to fully utilize that, it would also require the UPLOAD rate to be in the same ballpark figure; to have more than 4 megabit/s upload speed on average over that many systems in that many countries...?)
18.000.000 cpus in 6.400.000 systems is on AVERAGE 2.812 CPUs per system - so, most of the systems would already have been dual or even quad cores... ...oh - and in order to qualify such numbers, that would have to be the average number of systems online at any given moment; if half of them are switched off (while someone is asleep, away, ...) - the numbers go down.
I would believe, that conficker and similar botnets are huge, but the numbers depend strongly on 'estimates'. Also, if conficker really managed to 'rent out' the computing power, the botnet would likely quickly decrease in size, as more and more people would take their systems to repairs, because they are so slow all of a sudden...)
So, how do they get to those numbers? Apart from, obviously, pulling them out of thin air? ...and apart from the desire, to get the name of the company coming up with the number out on slashdot?
1. Re:where did they get their numbers from? by ZorbaTHut · 2010-03-23 01:53 · Score: 2, Interesting
  
  Also, if conficker really managed to 'rent out' the computing power, the botnet would likely quickly decrease in size, as more and more people would take their systems to repairs, because they are so slow all of a sudden...)
  You'd be surprised how true that isn't. Even Windows is reasonably good at idletime priority processes - unless they intentionally used CPU that the user was trying to use, people would probably never notice.
  A bigger problem is that there are very few useful problems that are practical to calculate on a distributed botnet of that fashion. It's been tried and failed before, more than once - most real-world problems involve large databases of confidential data, which is obviously inappropriate for a network like this on multiple levels.
  
  --
  Breaking Into the Industry - A development log about starting a game studio.
2. Re:where did they get their numbers from? by Gudeldar · 2010-03-23 01:56 · Score: 5, Insightful
  
  I can't even figure out how they got to 230 countries. The UN has 192 members, Wikipedia lists 203 de jure and de facto states.
3. Re:where did they get their numbers from? by Anonymous Coward · 2010-03-23 01:57 · Score: 3, Funny
  
  95% of the world use's periods only American's use commas
  at least we know how to use an apostrophe, retard
4. Re:where did they get their numbers from? by Anonymous Coward · 2010-03-23 02:03 · Score: 5, Funny
  
  Oh my God! The Botnets are creating their own countries!
5. Re:where did they get their numbers from? by bunratty · 2010-03-23 02:07 · Score: 2, Interesting
  
  A bigger problem is that there are very few useful problems that are practical to calculate on a distributed botnet of that fashion. It's been tried and failed before, more than once - most real-world problems involve large databases of confidential data, which is obviously inappropriate for a network like this on multiple levels.
  Probably a bigger problem is that not many useful problems are "embarrassingly parallel". The nodes performing the computations need fast communication between other nodes in most parallel algorithms. The distributed algorithms that can be farmed out to idle computers need no communication with other nodes -- they perform work on the unit they were given and send the results back when they're done.
  
  --
  What a fool believes, he sees, no wise man has the power to reason away.
6. Re:where did they get their numbers from? by dskoll · 2010-03-23 02:12 · Score: 5, Insightful
  
  Probably a bigger problem is that not many useful problems are "embarrassingly parallel".
  Sending spam is. DoSing a victim is. Brute-forcing passwords is.
  It's unfortunate, but a lot of problems of interest to unethical people are indeed embarrassingly parallel. :(
7. Re:where did they get their numbers from? by danny_lehman · 2010-03-23 02:14 · Score: 5, Informative
  
  here you go. you made me curious. http://www.filibustercartoons.com/allcountries.htm
8. Re:where did they get their numbers from? by natehoy · 2010-03-23 03:13 · Score: 2, Funny
  
  Right. Except in most of the world the dot (what we in America use as the decimal point) is actually the thousands separator and the comma (what we use as the thousands separator) is actually the decimal point.
  American: 1,000,000.00
  Most of the rest of the world: 1.000.000,00
  I'm sure we'll switch as soon as we go Metric. ;)
  
  --
  "This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
9. Re:where did they get their numbers from? by bigredradio · 2010-03-23 03:28 · Score: 2, Insightful
  
  Yeah, with 230 countries, I am starting to question that 6.4 million computer number as well.
  
  --
  Flexible bare-metal recovery for Linux/UNIX
10. Re:where did they get their numbers from? by JoshuaJ · 2010-03-23 06:37 · Score: 2, Informative
  
  Ha! I think I found where they got at least some of these numbers: confickerworkinggroup.org. To quote the source: "it is with a lot of trepidation that we even show any values for conficker knowing that they will most likely be taken out of context and quoted by many." Oh well. They show conficker traffic hitting their honeypots from about 6.2 million unique IPs in 225 geographic areas (presumably based on ccTLDs, which use a liberal definition of "country") -- interestingly close to the stats quoted.
11. Re:where did they get their numbers from? by spazdor · 2010-03-23 06:43 · Score: 2, Insightful
  
  At least we know how to properly capitalize and terminate sentences while using the correct diversity-sensitive language, Palin-American.
  
  --
  DRM: Terminator crops for your mind!
How long before... by Lord+Lode · 2010-03-23 01:47 · Score: 3, Interesting

How long before these botnets are so big and complex that they become similar in structure to the human brain and start thinking on their own?
1. Re:How long before... by Anonymous Coward · 2010-03-23 01:48 · Score: 4, Funny
  
  Seeing some troll comments here, I wonder whether they (the botnets) already do - and post to slashdot... ;-)
2. Re:How long before... by Anonymous Coward · 2010-03-23 01:55 · Score: 2, Funny
  
  > How long before these botnets are so big and complex that they become similar in structure to the human brain and start thinking on their own?
  Now?
Something where academia should learn from by Pegasus · 2010-03-23 01:48 · Score: 4, Insightful

I'm impressed how while academia is all high on grids, billable cpu time, fault tolerant and robust distributed computing, in place live upgrades, all that is already in natural evolutional development out there in the wild. I'm sure that the botnet uptime numbers they get are much higher that any commercially available cloud, while running on household PCs with household broadband connectivity.
I think it's time to embrace the true nature of wild wild web. Where can I rent this botnet legally?
1. Re:Something where academia should learn from by WillAdams · 2010-03-23 02:00 · Score: 2, Interesting
  
  I believe you want access to systems running xGrid:
  http://www.macresearch.org/openmacgrid
  William
  
  --
  Sphinx of black quartz, judge my vow.
2. Re:Something where academia should learn from by bunratty · 2010-03-23 02:10 · Score: 2, Interesting
  
  Where can I rent this botnet legally?
  BOINC is an academic platform to do exactly what you describe.
  
  --
  What a fool believes, he sees, no wise man has the power to reason away.
3. Re:Something where academia should learn from by theIsovist · 2010-03-23 02:17 · Score: 2, Interesting
  
  Where can I rent this botnet legally?
  you can't because the botnets are created illegally. There are "botnets" created for scientific use, such as folding@home, but these do not spread on their own and are completely opt in (and, more importantly, opt out). Perhaps someone should create an opt in cloud system where users who provide cpu power are given a cut of the profit from the distributed super computer use. Perhaps someone already has, as I'm not an expert on these things. I would doubt that the income from this would offset the increased electrical bills, though.
interesting... by Anonymous Coward · 2010-03-23 01:51 · Score: 3, Interesting

So it's actually Windows which is good at distributed computing...
The BotNet Song! by GPLDAN · 2010-03-23 02:01 · Score: 4, Funny

Rustok was a real piss cock
Who was very rarely stable.

Cutwail, Cutwail was a woozy beggar
Who could dos you under the table.

Bobax aka Kraken could out-consume
Nagle!

And Maazben was a leery swine
Who was just as poorly coded as Bagle!

There's nothing Grum couldn't teach ya
'Bout the razing of the kernel.
Mega-D, itself, was permanently pissed.

Festi-ville, of its own free will,
On half a gig of pipe was particularly ill.

Xarvester, they say, could stick it away--
Half a dozen XP machine every day.

Donbot, Donbot was a bugger for the lot.
Conficker was fond of its spam,

And Gregory King was a drunk on bling.
'I spam, therefore I am.'

Yes, ZeuS, itself, is particularly missed,
A lovely little thinker,
But a bugger when it's pissed!

-- Apologies in advance to the Pythons
There still is a difference by houghi · 2010-03-23 02:06 · Score: 2, Insightful

Google will have availability of those 100% of the day and 100% of processor. The bot while impressive in numbers won't. People turn of their computers. Many for most of the day. And many of the cycles will still be used not for the Botnet, but for playing games and other things people do on their PC.

--
Don't fight for your country, if your country does not fight for you.
Could be put to good use by Arancaytar · 2010-03-23 02:08 · Score: 5, Insightful

The fact is that most Windows users firstly don't care what runs on their computer, and secondly don't use even a non-negligible fraction their computer's power.
Suggestions have been made, by frustrated sysadmins, for a "destructive" counter-virus, a large-scale attack that cripples botnets by destroying infected computers. That's not only morally wrong but also just impractical - the average computer user just buys a new computer, and all the virus does is destroy property to satisfy lust for vengeance. Value is lost.
A more practical idea may be to re-purpose this vast resource of free computing power and put it to better use than churning out advertisements. A botnet worm could instead hook these computers up to a grid computing project like Folding or SETI, or distributed file transfer, cloud storage, providing uncensored communication to authoritarian countries. The worm could at the same time inoculate computers against more damaging viruses and botnets. The user gets free protection instead of the overpriced crud by McAfee & co; the world gets free computing infrastructure, the internet gets less spam. Everybody gains value.
It would be like a very lenient security tax - for letting their computers pose a risk to the network at large, users donate a share of their computing power/bandwidth for the good of society, at no real cost to themselves.
(And yes, the obvious ethical dilemma here is whether it is morally wrong to manipulate a person's property without their knowledge or consent, even to their own benefit. This suggestion takes a strict utilitarian perspective, which doesn't always lead to the best option.)
Does this mean Microsoft has the lead? by miffo.swe · 2010-03-23 02:09 · Score: 3, Interesting

Does the fact that 100% of these machines run Windows XP/Vista/7 mean that Microsoft is the biggest supplier of Cloud OS computing software (if you disregard the small patches from the botnet owners)?

--
HTTP/1.1 400
makes me nostalgic for the good old days by circletimessquare · 2010-03-23 02:10 · Score: 3, Funny

when all we could do was imagine quaint toothless beowulf clusters of something

--
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Re:Cloud providers? by Glonoinha · 2010-03-23 02:13 · Score: 4, Insightful

Regarding whether it's better to host in the cloud or buy your own environment - I often ask when designing a software solution to process a given business requirement 'Does this need to be repeatable (forever, using different datasets) or is this a one time run?' If they only want the answers to a problem once against a single data set, I can crank out a one-pass solution with about 1/10th the time (and effort, and cost) that it would take me to engineer a long term solution that I can hand over to their business users to use forever using different data sets.
I would take the same stance on something applicable to cloud computing. If you only need the results from a small limited set of runs or you will only run it a very small portion of the time, it makes sense to lease someone else's environment. If you are going to need this solution as part of your day to day business and it runs wide open 24x7 - it's probably more cost effective to procure your own environment.
Need a massive render farm to do a proof of concept showing a four minute preview of Toy Story 4? Cloud computing.
Need a massive render farm to actually generate every CGI frame for every movie Disney or Lucas is going to produce the next four years? Buy your own environment.

--
Glonoinha the MebiByte Slayer
Period confusion by tivoKlr · 2010-03-23 02:15 · Score: 2, Insightful

"18.000.000 cpus ... is on AVERAGE 2.812 CPUs per system

Now judging by the illogic of using periods for expressing these two quantities, one large and one small, you create confusion in the reader, hence the appropriate use of commas to clarify a large number, and a period as a decimal point to elucidate a fraction.

Now, I'm all about the metric system, euro socialized medicine and other progressive concepts, but using the same piece of punctuation to express two completely different numerical concepts, in the same sentence, IS CONFUSING.

--
Ocean is land, covered with water.
Hey You... by trurl7 · 2010-03-23 02:30 · Score: 2, Funny

..get off of my cloud!
Social engineering... The worst culprit... by AgentMagneta · 2010-03-23 03:22 · Score: 2, Interesting

I might be offending some people. But botnets are not made by users who are technically proficent. Sometimes I find it interesting that you find Linux imperviuos to this threat... You would have to defend Linux like any other system... Just because, well most often than not it exploits the user. Not the os. I am a user like no other. I use Windows 7 and many microsoft os:es. And I can never think of any time in my 25 years of using a computer I really caught a virus... Finally after 10:s of years I got a virus scanner, haha. But to this date I have never had any use for it. But I always recommend a virus scanner to my friends. Virus operators just have to influence you personally to have a virus on your computer. Social engineering works much better than any technical exploit :( All you can do is to inform people of the dangers. And still we have people playing street games... :D