Comcast Warns Customers Suspected of Bot Infection
eldavojohn writes "Comcast is pushing a new program nationwide that warns customers if they might have a bot infection. It puts a semitransparent overlay on the top of the website you're viewing, warning you that you may have a bot installed if the provider detects botnet traffic from your residence. Of course, if you have multiple machines running behind a router or modem then you're going to have a difficult time pinning down which machine might have the infection."
The method they chose for notification is to man-in-the-middle my connections? Are they injecting Javascript into sites I visit? Does this mess with protocols other than HTTP? Why can't they just send an email to the account holder, or call them with a recorded message? Why break your service in order to fix it?
Now if every other ISP would do something similar. Maybe block access until a user reads a notice or something.
That said, Comcast's way of doing this might look to me like the website I was looking at was trying to sell me malware... like one of those "YOU'RE INFECTED! SCAN NOW?" popups.
What happened to the good old days of ISPs where if your computer was being a menace the ISP phoned you, and if you still didn't fix it they cut off your internet access until you did?
It worked. and it worked well.
What about a phone call? My ISP does this. Granted, it only has about 1.5 million customers. The way it goes is first, a phone call, if they are unable to talk to the person, they disable the modem until they call back. They only do this for large botnets, unless they receive a complaint about an IP.
But it *IS* effective.
Overlays and emails will only teach people to click on fake antivirus warnings, like you said...
I've got better things to do tonight than die.
Who wants to bet that torrent trackers and users of uTorrent will end up with these "overlays"?
You are welcome on my lawn.
I'm kind of torn on botnets. The only sites that get taken down by botnets that I have read about lately are sites of organizations I wish didn't exist anyway.
When ACTA inevitably becomes the law of the land, DDoS will be one of the few weapons we plebes will have left against corporatism.