Slashdot Mirror

← Back to Stories (view on slashdot.org)

Knocking Infected PCs Off the Internet

Posted by samzenpus on from the and-stay-out dept.

nk497 writes "Malware could block your access to the internet – but in some cases by those on the right side of the security fence, who are deploying tactics such as blocked ports, letters in the mail and PCs quarantined from the net to combat the most damaging threats. The DNS Changer clean up saw some PCs prevented from accessing the web. Should such tactics be used more often to prevent malware from spreading — or is that taking security a step too far?"

7 of 206 comments (clear)

  1. Not just infected PCs... by Howitzer86 · · Score: 5, Insightful

    My local university does this. It's actually a pretty good idea if it's done right. Of course, the other side of the reality is that in addition to knocking infected computers off of the internet, my university also knocks off computers suspected of internet piracy. If you torrent anything on campus, even a legitimate download, you have to go to the Computing Services office to explain yourself and get it back online.

    Our internet service providers are often our media providers. Comcast, AT&T, Time Warner, etc, are all interested in the idea of controlling your access to things like that, and if they're given free range to scan your computer and knock them off the internet - they will certainly look for evidence of torrenting as well.

    1. Re:Not just infected PCs... by girlintraining · · Score: 5, Insightful

      My local university does this. It's actually a pretty good idea if it's done right. Of course, the other side of the reality is that in addition to knocking infected computers off of the internet,

      The problem is that detecting infected computers invariably requires some level of privacy intrusion, and possibly committing numerous felonies to probe the machine. That's why only large organizations do this; because they own all the machines and can dictate that policy. It's entirely another matter when the system isn't owned by you, and that's what's under discussion.

      The internet was designed to allow free and unfettered communication between any and all nodes. On the internet, every IP address was a peer to every other. But then corporations came, and they started walling things off, messing up the protocols, and trying to convert the internet to an asymetrical content distribution network to push their wares. And then the government came in and offered protection to that corruption of the network. Then other countries joined with the same pattern of uptake; And now countries are starting wars or engaging in war-like acts with each other, all to answer the question: Who will control the internet?

      Given that, the question of whether you should be able to attack and offline other nodes on the network, for whatever reason, comes down to whether you believe you should have the same rights on the network as groups, organizations, corporations, and governments. The internet itself doesn't care which side you take -- you're just another peer, and all the ideologies now warring over control of it are heaped on top of it.

      If you're an old school hacker, the answer is obvious. If you're a 20-something, you probably accept intellectual property, and the idea that the internet can be owned (as a collective entity, as membership to, not as individual components).

      As an old-schooler, I will only say this: The Native Americans believed land couldn't be owned. It's a fine ideal. But the other guys had guns, and it didn't matter who was right, only who was left.

      --
      #fuckbeta #iamslashdot #dicemustdie
  2. It should be more than obvious by fustakrakich · · Score: 4, Insightful

    This will be abused. Life is too short to list how and why. Let's just say that people will be knocked off (up?) for expressing something "offensive". Feel free to define that as you wish. The authorities and fanbois will.

    --
    “He’s not deformed, he’s just drunk!”
    1. Re:It should be more than obvious by pla · · Score: 4, Insightful

      This will be abused.

      No kidding, it stuns me that anyone would even consider allowing this as a precedent.

      Two major problems, as I see it:

      First, how do you know my PC doesn't mean to send out thousands of emails an hour? That may come from an infection; I could works as a (semi-legitimate) spammer; or perhaps it just means I run a large listserv. How do you know that I don't mean to port-scan thousands of IPs per hour? That could come from an infection; I could work as a researcher collecting vulnerability statistics; or I might work as a consultant paid to do penetration testing for dozens of companies on an ongoing basis. Opting for a "solution" that would also block legitimate activity counts as a great big "no-no".

      Second, who gets to define "malware"? The major ISPs in the US would love to have even the thinnest possible excuse to outright ban P2P traffic; for an example, look at what happened to NNTP - Once considered a "must-have" ISP service, as soon as Cuomo gave them an out (on the basis of a mere 88 out of 80k groups), they all ditched their USENET servers ASAP. And aside from the opportunity to ban legitimate but undesirable traffic, try explaining to Grandma that the "coupon program" she keeps reinstalling can and will use her machine like a Columbian prostitute. Some people will choose to use spyware, even knowing that fact, for whatever service it provides them; should the ISPs have the right to tell a adult what they can and can't do online?


      All that said, I would still like to see it made legal to hunt down and painfully kill malware authors and spammers. Fix the problem at the source, not the destination.

  3. I think it's taking it a step too far... by Revotron · · Score: 4, Insightful

    ...In other unrelated news, when I had tuberculosis all the restaurants in my area kicked me out when they found me coughing on their salad bars. How dare they stifle my freedoms! Police state!

  4. the question will become. by Truekaiser · · Score: 4, Insightful

    Who defines what is malware if this happens.
    I have no doubt that if the isp in question is also a media company, programs that access the internet and are of their competitor's 'might' occasionally be flagged as malware.
    I can also see that alternative o.s.'s could theoretically be flagged as such.

    But above 'all' how could they determine if malware is installed simply from the isp side and without requiring special programs on their customer's pc's to access their services.

  5. Public infrastructure by LourensV · · Score: 4, Insightful

    We don't let people drive unsafe cars on the roads, or connect non-FCC certified equipment to the telephone network, or fly uninspected airplanes over other people's rooftops, so why should we let infected computers onto the Internet?

    If it's clearly infected, you quarantine it and make sure all that can be accessed from that machine is instructions on how to remove the infection, updates for virus scanners, etc. Basic common sense.