
Symantec Wants To Use Victims To Hunt Computer Criminals

ScuttleMonkey posted more than 4 years ago | from the cyber-vigilante-network dept.

Security 139

Hugh Pickens writes "Business Week reports that security experts plan to recruit victims and other computer users to help them go on the offensive and hunt down hackers. '"It's time to stop building burglar alarms to keep people out and go after the bad guys," says Rowan Trollope, senior vice-president for consumer products at Symantec, the largest maker of antivirus software. Symantec will ask customers to opt in to a program that will collect data about attempted computer intrusions and then forward the information to authorities. Symantec will also begin posting the FBI's top 10 hackers and their schemes on its Web site, where customers go for software updates and next year the company will begin offering cash bounties for information leading to an arrest. The strategy has its risks as hackers who find novices on their trail may trash their computers or steal their identities as punishment. Citizen hunters could also become cybervigilantes and harm bystanders as they pursue criminals but Symantec is betting customers won't mind being disrupted if they can help snare the bad guys. "I'm convinced we can clean up the Internet in 10 years if we can peel away the dirt and show people the threats they're facing," says Trollope.'"


139 comments

The World is America? (3, Insightful)

flymolo (28723) | more than 4 years ago | (#29316085)

How many of these scams and hacks originate in the US anyway? Will their customers really have information to share?

Re:The World is America? (1)

interval1066 (668936) | more than 4 years ago | (#29316173)

@flymolo: "How many of these scams and hacks originate in the US...?"

Probably at least as many as originate in China and Russia.

Re:The World is America? (4, Insightful)

Romancer (19668) | more than 4 years ago | (#29316245)

And the countdown to a DOS via spoofing a report to Symantec of malware propagation..... Begins.

Re:The World is America? (1)

cnvandev (1538055) | more than 4 years ago | (#29317067)

Personally, I'm curious to see what happens when the results become...tampered [time.com] ...

Re:The World is America? (0)

Anonymous Coward | more than 4 years ago | (#29318349)

Personally, I'm curious to see what happens when the results become...tampered [time.com] ...

the top ten "hackers" will be Symantec, the FBI, CIA, Barack Obama, McAfee, and some others

Re:The World is America? (1)

david_thornley (598059) | more than 4 years ago | (#29317975)

I've had one intrusion so far. I found out the IP address the attack came from, and then got the domain name.

The domain name ended with ".ro". Now what? I'm supposed to go to Romania and hunt somebody down?

Re:The World is America? (1)

flymolo (28723) | more than 4 years ago | (#29318467)

And even if the hacker is in the US, getting law enforcement cooperation to get logs from that hacked box will be nigh impossible.

Hmm, tip line? Vigilante? or just more info? (1)

Anonymous Cowar (1608865) | more than 4 years ago | (#29316119)

Not sure that this is as much fun as the summary makes it out to be. I doubt that grandma will be slushing through routing tables or reading through log files to detect the source, but instead the next version of symantec's products will say "You've been pwned! Please provide ALL information to us, including data stolen, connection attempts, and your underwear sizes." and grandma will click "Send" and symantec will have more information to track down cyber-criminals.

And everyone will live happily ever after, with ponies. The End.

Re:Hmm, tip line? Vigilante? or just more info? (4, Insightful)

davidphogan74 (623610) | more than 4 years ago | (#29316371)

The example in the article is even misleading, since it was a Facebook account that was hacked; who knows if the hackers ever touched the system of the user. He may have just used the same password too many places. I'd assume Facebook isn't using Norton Internet Security, so I'm kind of wondering what cases this will really make a difference in. Most worms/viruses don't even come from the creator's PC, but infected zombies.

vigilante@home (1)

Speare (84249) | more than 4 years ago | (#29317439)

Hey, so this is like those cure-cancer protein folding things, or like the original find-an-alien-civilization SETI project, except where it's recruiting people to become cyber vigilantes with their spare computing cycles. Awesome! I want to get my computer infected just so my employer's favorite documents can be snagged AND my daughter's school project can be shredded AND I can be implicated in a giant DDoS zombienet counter-attack scandal too. Sign me up!

Re:Hmm, tip line? Vigilante? or just more info? (2, Funny)

JJJK (1029630) | more than 4 years ago | (#29316933)

-- The data sent to Symantec will contain following information:
-- Name: Grandma
-- Data stolen: pictures of cats
-- Underwear size: enormous
-- Thank you for your support.

Re:Hmm, tip line? Vigilante? or just more info? (0)

Anonymous Coward | more than 4 years ago | (#29317123)

I think the idea is it automatically sends the info, and the symantec software just tells you that so far it has protected you from over 9,000 hacking attempts.

The thing is, all those definition updates are draining bits from the internet, unless you send stuff back we're going to run out!

such a john wayne (1, Interesting)

nimbius (983462) | more than 4 years ago | (#29316141)

american "smoke em out" perspective. how about we do the following instead of chasing fourteen year olds in former east-bloc countries the symantec police have no jurisdiction in?

1. educate users
2. create hardened operating systems that may never need antivirus
3. promote open web standards and good coding practices open to scrutiny for flaws exploits and bugs.
4. stop letting marketing drive the internet bus.

Re:such a john wayne (3, Insightful)

Ethanol-fueled (1125189) | more than 4 years ago | (#29316213)

That's true. This is a huge mistake of Symantec's because they are tacitly admitting that people are paying them for nothing. "Give us your money and do the job that you paid us to do in exchange for an even slower computer!" Way to go Symantec!

Re:such a john wayne (0)

Anonymous Coward | more than 4 years ago | (#29316255)

Because then we would be proactive instead of reactive. And they couldn't preach the fire and brimstone of not purchasing their security products.
 
What I'd like to know is these citizens that have just loaded AOL on their machines to get the 600 free hours, on top of their normal high speed connection, are supposed to track down people that don't want to be tracked how exactly?

Re:such a john wayne (0)

Anonymous Coward | more than 4 years ago | (#29316277)

these fourteen year olds quite often become financially independent in their early twenties, all thanks to generous american online shoppers. many also know a lot more about security than symantec "experts" who are basically good at sales. and no, fbi has no power over there.

Re:such a john wayne (4, Insightful)

Runaway1956 (1322357) | more than 4 years ago | (#29316293)

1. Users are mostly idiots. An educated idiot is still an idiot.
2. Despite lame excuses about "market share" that MS uses for their frequently exploited vulnerabilities, there isn't a system that CANNOT be hacked.
3. The best standards and coding practices can probably only hope to reduce exploits by about 80 to 90 percent.
4. Damn good idea. Next time you meet a marketer, shoot him. We don't need his genes in the pool.

Re:such a john wayne (1)

nurb432 (527695) | more than 4 years ago | (#29316593)

2. Despite lame excuses about "market share" that MS uses for their frequently exploited vulnerabilities, there isn't a system that CANNOT be hacked.

Define hacked. My ROM based computer is pretty damned immune to being hacked, in the traditional definition of the word.

Re:such a john wayne (1)

phantomfive (622387) | more than 4 years ago | (#29316735)

You have a ROM based computer? You should submit a slashdot story of it, because it'd be interesting to hear how you got it working.

Unless you're talking about an Amiga or something, where viruses spread on floppies. Even if you rebooted from ROM, as soon as you put in the floppy, you have your virus again.

Re:such a john wayne (1)

nurb432 (527695) | more than 4 years ago | (#29317633)

Well, I was actually thinking of my Atari ST (with applications on cartridge), but there are thousands of embedded machines that boot from ROM that run anything from DOS to QNX.

You can even buy ix86 style motherboards with Linux in ROM.. or just boot off a CDROM or read only flash usb.

And depending on how you manage your PC, having infected floppies won't matter much. (and what is a floppy? :) )

If 'a minimal OS' isn't your thing, you could run a VM and restore it from snapshot every time you 'reboot' it. In effect it would become read only.

Re:such a john wayne (0)

Anonymous Coward | more than 4 years ago | (#29317781)

On that basis, you can't hack my computer either, since I can just wipe the hard drives and re-install XP and Fedora.

What is the use of having Linux in ROM if that kernel image has one of the new trendy NULL pointer dereference bugs?

Re:such a john wayne (1)

Runaway1956 (1322357) | more than 4 years ago | (#29316745)

Hacked, in the context of TFA, and in the context of my post, would mean "exploited for the purpose of gaining valuable information and/or taking advantage of exploits on other computers".

I think it's fairly safe to say that any machine capable of browsing the internet can be taken advantage of, by one means or another. A ROM based machine may not be capable of hosting a trojan, virus or worm between boots - it is still a potential target for social networking, man in the middle, and other attacks. Boot up a LiveCD, browse to a Rickroll address, and tell us whether your browser can be hijacked. ;^)

Re:such a john wayne (1)

nurb432 (527695) | more than 4 years ago | (#29317553)

My definition is more of a long term thing, which would be negated if I reboot every day, or before I did something 'sensitive'.

Re:such a john wayne (3, Interesting)

Phurd Phlegm (241627) | more than 4 years ago | (#29316959)

Define hacked. My ROM based computer is pretty damned immune to being hacked, in the traditional definition of the word.

A recent paper [ucsd.edu] reports on hacking a voting machine that could only execute out of ROM. Interesting paper. I hadn't read about the technique they used before--it's quite ingenious. Turns out, being ROM-based didn't make it unhackable at all.

Re:such a john wayne (0)

Anonymous Coward | more than 4 years ago | (#29316649)

there isn't a system that CANNOT be hacked.

Hack mah abacus, n00b!

Re:such a john wayne (5, Funny)

cmiller173 (641510) | more than 4 years ago | (#29316797)

there isn't a system that CANNOT be hacked.

Hack mah abacus, n00b!

I kick the table your abacus is on causing the beads to shuffle about randomly.

next.

Re:such a john wayne (1)

tolkienfan (892463) | more than 4 years ago | (#29318391)

1. Mostly agree. 2. There exist systems secure enough that it's too costly to hack into them. 3. Not true. You do get diminishing returns, but you can get arbitrarily close to any desired level of security. 4. Agree. I can see a new sport...

Re:such a john wayne (3, Interesting)

cdrguru (88047) | more than 4 years ago | (#29316431)

1. Impossible. There is no way to both have "computing for everyone" and have educated users. Users are going to be, well, users always.

2. Sorry, not really possible either. If I can convince the user to run a program, grant security authorization to this program and do whatever it takes to take over their computer, the operating system is irrelevant. And yes, we are there today. Windows is plenty secure but it, as Linux does, requires an Administrator. When that is the "user" you no longer have security.

3. The criminals aren't interested in having their code reviewed.

4. I'm glad we have some unrealistic utopian folks here. It is always refreshing to see people that simply do not understand that all human activity since the beginning of time has revolved around "commerce" and "commerce" is, by its nature, marketing.

Dogs are not involved in commerce. Dogs do not experience "marketing". If everyone was more dog-like we wouldn't have problems like this. We would, however, have masters.

Re:such a john wayne (1)

commodore64_love (1445365) | more than 4 years ago | (#29316445)

>>> 1. educate users

That is why you fail. Most people can barely multiply 12 * 12 or write a coherent letter, and you want them to learn the intricacies of an electronic machine? It. Won't. Work. You might as well ask them to fix their own cars, which is impossible since most people can't even change the oil.

nice pipe dream.... Re:such a john wayne (2, Insightful)

damn_registrars (1103043) | more than 4 years ago | (#29316567)

1. educate users

Who is going to "educate" users? What will be taught? Where will it be taught, and to how many people? How do you deal with the differing systems that people would need to be "educated" on (remember there are still people using OSes that are 10+ years old)?

More importantly, who will pay for it?

It is easy to talk about "educating users", almost as easy as it is to blame the current problems on "uneducated users". But there are too many unanswered questions related to the statement.

create hardened operating systems that may never need antivirus

That is a great dream until someone goes to wal-mart and buys some nifty USB gadget from the $10 bin that only works in windows.

promote open web standards and good coding practices open to scrutiny for flaws exploits and bugs

That is a very good idea. Unfortunately getting it to go anywhere is another challenge altogether. If you know a good way to eliminate Flash from the web, I'm all ears...

stop letting marketing drive the internet bus

Good luck with that. Remember that a serious portion of all web sites are looking to make money. Which means they need exposure to bring in customers. While marketing droids seldom know much about web standards, they still have to be invited to the table.

Re:such a john wayne (4, Informative)

hairyfeet (841228) | more than 4 years ago | (#29317473)

Wow, you should have at least put "educate users" lower on the list, so you wouldn't fail right off the bat like that. I have been building, repairing, and selling boxes since the Win3.x days, and educating users=UBERFAIL. Why? Because of what I call "the Velma problem". You see all you have to do with Velma is send her something that says..ohh I don't know...."Happy_Puppy_Pics.scr.exe" and guess what Velma will do? If you said turn off her AV because the email tells her she has to before running her new screensaver/malware, you are right.

I had one customer that brought in a Toshiba laptop that had over 3400! viruses. The final count IIRC was something like 3467. It took nearly two hours under power to get to the desktop, but the boss wanted to see if it "broke the record" of 2700+ he found on one machine. Turned out you could put the word "lesbians" on just about anything and he would click. Lesbian_xxx_passwords.txt.exe, Hot_lesbians.avi.exe, etc. You get the picture.

So you see, education=UBERFAIL. It will always equal fail because the malware writers know about this thing called "social engineering" which will make otherwise normal and sane people do incredibly dumbass things, just by waving the right prize in front of them. For some it is sex, for others greed, for Velma it is cuteness. Pretty much the ONLY way to remove the "Velma problem" would be to give them locked down thin clients with no rights to do much of anything, and Joe Average ain't gonna put up with that. Oh, and FLOSS guys PLEASE don't say "Linux Security" would fix it, as I tried that once with one of the porn guys, with either PCLOS or Mepis, can't recall which. He managed to completely bork the machine in less than 3 days. The poor thing wouldn't even boot anymore. How? He decided he didn't like that package manager thingie, so instead googled "Linux software" and ended up in dependency hell from a bunch of crap he downloaded and installed from Freshmeat. Like the movie said "Stupid is as stupid does". All you can do is try to minimize the damage they can cause and clean up the mess afterwards. Sad but true.

Cleaning the uncleanable? (3, Interesting)

LitelySalted (1348425) | more than 4 years ago | (#29316193)

I think, ultimately, that the internet will never be cleaned up. It is very idealistic to think there are a finite number of hackers and that their methods will not become more and more sophisticated as time goes by.

The kind of "cleaned up" internet that these companies talk about requires STRICT regulation and STRICT monitoring. It is very apparent, from just the audience that posts on Slashdot, that regulation is the exact opposite of what people want.

As far as the approach, the idea of a proactive anti-virus is novel, but I think the idea of recruiting novices to help hunt expert hackers is ludicrous. All it would take is a couple of reprisals from the hackers to permanently deter the said novice from going after a hacker.

Re:Cleaning the uncleanable? (3, Insightful)

phantomfive (622387) | more than 4 years ago | (#29316663)

Don't know what country you live in, but around here, the only reason people tolerate hackers is because they don't really do anything. If crackers start doing reprisals (what are they going to do, reformat the hard drive? Send a hitman?), it's only going to make people angry. Despite what idiocracy fans might think, people aren't like sheep, and if you try abusing them, it only makes them mad and want to punish you back. A couple reprisals aren't going to deter novices any more than a couple arrests are going to deter crackers, or a couple executions are going to deter murderers. If punishment were a real deterrent, then the fight between Israel and Palestine would be over, because Israel has punished Palestine a lot. Instead, you get things like this [wikipedia.org] , where Palestine knows they can never beat Israel, but they are willing to hurt them however they can, even if it means they will be stepped on.

Sorry to bring politics into it, but it's a good example.

Re:Cleaning the uncleanable? (2, Insightful)

LitelySalted (1348425) | more than 4 years ago | (#29317591)

While you are arguing semantics (symantecs, lol) between hackers and crackers, I think you strongly, strongly overestimate the ability of the general populace to rise to this specific occasion.

Technology has developed at such an accelerated rate that there are few, at the least, who really know how things work. I think I've stated this before in another article, but to most people, computers are virtually magic. The level of understanding and specific knowledge required to do so is so in-depth that really, the only people who do so are those in the computer field. While that is a generalization, it also happens to be a fairly accurate one.

On to your politics argument: this is not a life or death scenario where the driving force is necessitated by a resolution. I'm not sure that the internet has reached a specific state of critical mass that requires the general populace to solve this issue. And as such, the majority of people will remain ignorant so long as they can check their email and post their tweets.

As I said, it is a novel idea to be proactive, but the suggested method is akin to trying to catch the wind with your bare hands.

Re:Cleaning the uncleanable? (0)

Anonymous Coward | more than 4 years ago | (#29317577)

This is the argument some make for spam, yet with effective blacklisting and zero content scanning we are able to block almost all of it. This is a strategy google and MS use with malware with their link of phishing links. You don't need to clean up the internet, you just need to block the parts of it you don't want.

I can see another level here where we have a blacklist of infected computers, hacked webpages, scammer IP blocks, and just blocking this shit from the firewall. The firewall could just download a list of bad IPs every few hours. Symantec could easily compile this list with the data they have. So even if the offenders are in Albania, computers in the US will know about them and just silently drop their packets and refuse traffic to them. A lot of ISPs are dropping packets to well known botnet control IPs but they have a very small list of what's bad out there.

Sure, the internet can't be cleaned up but we can stop accepting traffic from malicious hosts. Regardless, Symantec should share what info they have.
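The periodic firewall blocklist refresh described in the comment above, sketched as an added example that is not part of the thread or any vendor's code. The feed format, the protected ranges, the /16 limit and the nftables table and set names are assumptions; the sanity checks address the concern raised earlier in the thread that spoofed reports could turn such a list into a denial of service.

```python
import ipaddress

# Constructed sample feed: documentation-range addresses, not real indicators.
SAMPLE_FEED = """\
# hypothetical feed format: one IPv4 address or CIDR per line
203.0.113.7
203.0.113.0/25
198.51.100.42   ; constructed "botnet controller"
198.51.100.43
10.1.2.3
0.0.0.0/0
192.0.2.1
not-an-ip
"""

# Ranges the firewall must never drop, whatever the feed says (assumed policy).
# 192.0.2.0/24 stands in for "our own resolvers and update servers".
PROTECTED = [ipaddress.IPv4Network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "192.0.2.0/24",
)]
MIN_PREFIX = 16  # refuse anything broader than a /16 from an external feed


def parse_feed(text):
    """Return (networks, rejected); rejected is a list of (entry, reason)."""
    accepted, rejected = [], []
    for raw in text.splitlines():
        # Drop '#' and ';' comments, then surrounding whitespace.
        entry = raw.split("#", 1)[0].split(";", 1)[0].strip()
        if not entry:
            continue
        try:
            net = ipaddress.IPv4Network(entry, strict=False)
        except ValueError:
            rejected.append((entry, "not an IPv4 address or CIDR"))
            continue
        if net.prefixlen < MIN_PREFIX:
            rejected.append((entry, f"broader than /{MIN_PREFIX}"))
            continue
        hit = next((p for p in PROTECTED if net.overlaps(p)), None)
        if hit is not None:
            rejected.append((entry, f"overlaps protected range {hit}"))
            continue
        accepted.append(net)
    # Merge duplicates, contained entries and adjacent siblings.
    return list(ipaddress.collapse_addresses(accepted)), rejected


def plan_update(current, desired):
    """Return (adds, removes) that turn the installed set into the new one.

    An empty new list is treated as a failed download: keep what is installed
    rather than silently flushing the firewall set.
    """
    if not desired:
        return [], []
    cur, new = set(current), set(desired)
    return sorted(new - cur), sorted(cur - new)


def is_blocked(ip, networks):
    """True if the address falls inside any blocklisted network."""
    addr = ipaddress.IPv4Address(ip)
    return any(addr in net for net in networks)


def render_nft(adds, removes, table="inet filter", set_name="blocklist"):
    """Render an nft batch file; assumes the set exists with 'flags interval'."""
    lines = []
    for verb, nets in (("delete", removes), ("add", adds)):
        if nets:
            elems = ", ".join(str(n) for n in nets)
            lines.append(f"{verb} element {table} {set_name} {{ {elems} }}")
    return "".join(line + "\n" for line in lines)


if __name__ == "__main__":
    installed, _ = parse_feed("203.0.113.0/25\n198.51.100.9\n")
    wanted, skipped = parse_feed(SAMPLE_FEED)
    for entry, reason in skipped:
        print(f"skipped {entry}: {reason}")
    adds, removes = plan_update(installed, wanted)
    print(render_nft(adds, removes), end="")
```

The rendered text is meant to be loaded atomically with `nft -f`, so the set is never half-updated between refreshes.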

They've hired a marine? (2, Informative)

Runaway1956 (1322357) | more than 4 years ago | (#29316199)

Marines aren't like cops at all. A marine knows that the best defense is a good offense. Go get 'em, before they come to get you!

Tomorrow's headline (0)

Anonymous Coward | more than 4 years ago | (#29316203)

"Hackers are now targeting Rowan Trollope, senior vice-president for consumer products at Symantec"

False leads? (2, Interesting)

dintlu (1171159) | more than 4 years ago | (#29316205)

How difficult would it be for an enterprising "computer criminal" to leave a trail of breadcrumbs leading to someone else?

IF this is easy to do, Symantec knows it, and this effort amounts to nothing more than a publicity stunt to sell more licenses.

Re:False leads? (1, Funny)

Anonymous Coward | more than 4 years ago | (#29316333)

Anonymous Coward, that bastard! I got his IP, it is 127.1.2.3, let's get him!

Re:False leads? (1)

Anarchduke (1551707) | more than 4 years ago | (#29316425)

Leave a trail?

I think you are overestimating what happens. I hear from people all the time how they "know" they've been hacked because things like some mysterious service host "svchost" is taking over their system in the task manager.

It would be nice not to have a constant deluge of viruses to clean up, but this ain't gonna happen.

The funny thing is, I am running Windows XP on one of my computers and it has no active anti-virus program on it, and I have never been infected with a virus in the three years that computer has been running.

Oh yeah, I don't run Internet Explorer.

Re:False leads? (1)

thethibs (882667) | more than 4 years ago | (#29316795)

The funny thing is...

Same here. Every few months I download a few of the latest free AVs and ASWs, run them and then wipe them. In over five years the only thing any of them has found is suspicious cookies.

more of the same (1)

Red Flayer (890720) | more than 4 years ago | (#29316217)

Citizen hunters could also become cybervigilantes and harm bystanders as they pursue criminals but Symantec is betting customers won't mind being disrupted if they can help snare the bad guys.

Hah. You think Joe and Judy are going to be concerned about the big picture when they are trying to order Suzie's birthday party invitations and can't? The big picture is nice and all, but to expect people to act reasonably is, in my experience, a recipe for disappointment.

"I'm convinced we can clean up the Internet in 10 years if we can peel away the dirt and show people the threats they're facing," says Trollope.'"

More of the same. "If we can scare people, we can sell more product, er, I mean, clean up the internet," says security vendor.

They don't want to clean up the internet. They want to continue to make money selling products to people who need them (or are scared).

Private Police (0)

Anonymous Coward | more than 4 years ago | (#29316229)

I'd prefer my police to be run by and for the people, i.e. the government, rather than for profit. That said, the FBI/CIA has been ludicrously incompetent in tackling this problem.

Re:Private Police (1)

cmiller173 (641510) | more than 4 years ago | (#29316895)

I'd prefer my police to be run by and for the people, i.e. the government, rather than for profit. That said, the FBI/CIA has been ludicrously incompetent in tackling this problem.

The blurb said they were going to collect data and forward it to the authorities. I don't get the leap to private police force you seem to be suggesting.

I need a job ... (4, Funny)

neonprimetime (528653) | more than 4 years ago | (#29316315)

... will somebody victimize me so that I can put it on my resume?

Re:I need a job ... (1)

NoYob (1630681) | more than 4 years ago | (#29316459)

... will somebody victimize me so that I can put it on my resume?

Just look for nude pictures of celebrities - that's the only time in the last few years I actually got infected - AVG caught it. Or, visit porn sites and start clicking on links and when the "This site is a reported attack site." big red screen comes up, bypass it and start downloading. You'll get infected.

Re:I need a job ... (0)

Anonymous Coward | more than 4 years ago | (#29316523)

I will! Also, I recommend an acid-free cream-colored resume stock to handsomely set off the smear of bloody santorum that we'll leave there.

I'd like to see it applied for anti-spam as well (2, Interesting)

damn_registrars (1103043) | more than 4 years ago | (#29316393)

While it is pretty meaningless to go after spammers themselves in many cases, we could use a similar approach to cut off spammers where it really matters - at the revenue stream. If we made some strategic purchases from spamvertised sites, we could potentially figure out who is making money in the deal. And when we find them, we will find who is funding the spammers. After all, spam isn't sent out just for fun; it is sent out because someone is paying the spammers to send it out. You can use the merchant information to go after the people who are paying for spamvertising - they are often involved in illegal sales of (pirated software / counterfeit drugs / counterfeit property) anyways. If the funding dries up, the spammers will need to find other work.

And by victims, what do they mean exactly (1)

agnosticnixie (1481609) | more than 4 years ago | (#29316399)

So they're planning to recruit every one of their customers, or just a small subset of the group "victim of Symantec"?

i'll help... (1)

0110011001110101 (881374) | more than 4 years ago | (#29316495)

but only if I can get a trenchcoat, skateboard, really cool nickname and access to a non-baby crazy angelina jolie...

Re:i'll help... (0)

Anonymous Coward | more than 4 years ago | (#29317571)

Sadly you won't even be getting a magnifying glass, fingerprinting kit or even a water pistol.

Clean It Up? (1)

whisper_jeff (680366) | more than 4 years ago | (#29316501)

I'm convinced we can clean up the Internet in 10 years...

Bwahahahahahahahahahahahahahahahahahahahaha!!!

Oh gawd, that's rich. One of the funniest jokes I've read in a long time. Hysterical. Hopefully I'll see this guy at next year's Montreal Comedy Festival. Awesome comedian!

How do people like that get into the position of VP of anything? A bold statement that indicates such a complete and utter lack of possibility... Unreal.

Vigilante Cyberjustice? (1)

idontgno (624372) | more than 4 years ago | (#29316515)

Advocated by a guy named "Trollope"?

<looks at calendar>

It's not April 1st; what's up with that?

Re:Vigilante Cyberjustice? (1)

geekoid (135745) | more than 4 years ago | (#29316821)

I presume they like English Novelists from the Victorian era.

And no, I'm not sure how I know that

Ruler of the Interwebs (1)

tzvibish (1256458) | more than 4 years ago | (#29316549)

10 years? No crime on the Internet? And this is coming from one of the industry leaders in Internet security? Makes me laugh. For one, as long as there are people clicking on ads, clicking on spam, and opening unknown attachments, there will be crime on the web. As long as there is money to be had, someone will try and take it. This strategy is kind of like saying if your house gets broken into, the police will give you a gun if you want. Yes, burglaries may drop, but that doesn't mean crime will go away. And most people don't know what to do with a gun when they get one. Enlisting the common user in the fight against cybercrime is a nice idea, but realistically unfeasible. http://ruleroftheinterwebs.blogspot.com/ [blogspot.com]

Getting closer to the solution... (0)

Anonymous Coward | more than 4 years ago | (#29316551)

...almost there. The next logical step is to go after the company that released the software with all the exploitable security holes in the first place. If they were held accountable for the damages resulting from their poorly designed and more poorly implemented software, this would be a non-issue.

customers won't mind being disrupted? (1)

nurb432 (527695) | more than 4 years ago | (#29316569)

*I* mind, and will sue any responsible party or anyone that is encouraging it.

Huh? Clean up the Internet? (2, Insightful)

cdrguru (88047) | more than 4 years ago | (#29316573)

As long as an ISP values their customer's privacy and rights to step on other people more than they value the integrity of the Internet, we are going to have problems.

Right now, it is not illegal, wrong, immoral or forbidden to have a computer owned by a botnet. This means that if my computer at home is infected nothing will stop it from doing whatever its little botnet commander wants it to do. And my ISP will not do anything to prevent or deter this computer from stepping on the rights of others in any way possible.

Similarly, if your computer is intruded upon and you find an IP address that has been used to vandalize your computer, good luck. The ISP owning that IP address will certainly not release any information about their customer without your suing the ISP or involving law enforcement. Law enforcement isn't interested until you have lots and lots of financial damages.

All in all, this absolutely assures that "script kiddies" will get away with anything until they do something really big. Similarly, fraudsters and credit card thieves will get away with it until they do something really, really big. So what if you track them down to an IP address? It doesn't help. Nobody cares because it is just the "Internet" and law enforcement is still caught up with the idea that the only people that lose anything are nerds and geeks or people that have been foolish trying to get rich quick - so they deserve whatever they lost.

Re:Huh? Clean up the Internet? (4, Interesting)

wagnerrp (1305589) | more than 4 years ago | (#29317855)

Right now, it is not illegal, wrong, immoral or forbidden to have a computer owned by a botnet. This means that if my computer at home is infected nothing will stop it from doing whatever its little botnet commander wants it to do. And my ISP will not do anything to prevent or deter this computer from stepping on the rights of others in any way possible.

Maybe 7 years ago, my sister's computer got caught into a botnet. Someone had loaded mIRC and a bot, and her computer was off trying sequentially to find more machines to infect. We got dropped offline, and our modem was blocked from reconnecting.

That evening, I called the ISP tech support, explained what was going on, and explained why we were disconnected. He turned our connection back on, and a couple seconds later, the scans started up again. He then proceeded to walk me through telnetting into the modem, watching the NAT states to see which internal IP was causing the behavior, and then tracing that back to the machine that was infected so I could clean it.
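The NAT-state triage described in the comment above, as an added example that is not part of the original post: it ranks internal hosts by half-open connections to many neighbouring addresses on one port. The state-dump layout, addresses and port are constructed assumptions; a real modem prints its own format.

```python
import ipaddress
from collections import defaultdict

# Constructed NAT state dump in a made-up "proto src -> dst state" layout;
# a real modem prints its own format, so adapt parse_state() to it.
SAMPLE_STATES = """\
tcp 192.168.1.10:51544 -> 203.0.113.80:443 ESTABLISHED
tcp 192.168.1.10:51560 -> 203.0.113.9:80 SYN_SENT
tcp 192.168.1.12:1041 -> 198.51.100.17:445 SYN_SENT
tcp 192.168.1.12:1042 -> 198.51.100.18:445 SYN_SENT
tcp 192.168.1.12:1043 -> 198.51.100.19:445 SYN_SENT
tcp 192.168.1.12:1044 -> 198.51.100.20:445 SYN_SENT
tcp 192.168.1.12:1045 -> 198.51.100.21:445 SYN_SENT
tcp 192.168.1.11:49800 -> 203.0.113.25:993 ESTABLISHED
"""


def parse_state(line):
    """Split one state line into (internal ip, dst ip, dst port, state)."""
    _proto, src, _arrow, dst, state = line.split()
    src_ip = src.rsplit(":", 1)[0]
    dst_ip, dst_port = dst.rsplit(":", 1)
    return src_ip, ipaddress.ip_address(dst_ip), int(dst_port), state


def find_scanners(dump, min_targets=4):
    """Rank internal hosts by unanswered connections to many hosts on one port."""
    targets = defaultdict(set)  # (internal ip, dst port) -> distinct dst IPs
    for line in dump.splitlines():
        if not line.strip():
            continue
        src_ip, dst_ip, dst_port, state = parse_state(line)
        if state == "SYN_SENT":  # half-open: no reply yet, typical of a sweep
            targets[(src_ip, dst_port)].add(dst_ip)
    findings = []
    for (src_ip, port), dsts in targets.items():
        if len(dsts) < min_targets:
            continue
        ordered = sorted(dsts)
        # Count neighbouring addresses: a sequential sweep scores high here.
        sequential = sum(int(b) - int(a) == 1 for a, b in zip(ordered, ordered[1:]))
        findings.append({"host": src_ip, "port": port,
                         "targets": len(dsts), "sequential_pairs": sequential})
    return sorted(findings, key=lambda f: f["targets"], reverse=True)


if __name__ == "__main__":
    for finding in find_scanners(SAMPLE_STATES):
        print(finding)
```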

A virus (1)

TheBilgeRat (1629569) | more than 4 years ago | (#29316583)

is just the interwebs way of asking you to quit surfing porn and clicking random attachments in email. Now, if we could only couple an electric shock every time grandma clicks on a Nigerian Scam email or Billy Frat Gentleman downloads a porn dialer, Pavlov would clean up the internet for us.

Finally! (1)

dword (735428) | more than 4 years ago | (#29316613)

Well, finally someone is doing something about it. I can't even remember how many hacked computers I got my hands on and I could clearly see the spam bots / irc bots processes, who controls them, how they are controlled, etc, but nobody would help me bring down the whole network. I've sent countless emails to companies who had their computer hacked, their ISPs and about 90% of them got replies from postmaster@ and the other 10% didn't get any reply. I sent logs and all the information they needed to track down the "mastermind" behind the bots but nothing ever happened.

The strategy has its risks ... (0)

Anonymous Coward | more than 4 years ago | (#29316623)

... and the biggest risk is installing some Symantec crap on your computer.
Even for Windows users, that is cruel and unusual punishment.

Big problem with the logic (1)

ParanoiaBOTS (903635) | more than 4 years ago | (#29316637)

There is a big problem with their logic. If the internet has taught us anything it's that the harder you try to regulate, or get rid of something, the more likely it is to stick around. Just look up the Streisand Effect http://en.wikipedia.org/wiki/Streisand_effect [wikipedia.org]
For every one hacker they take down, 2 will pop up in their place. Why? Because you are giving them exactly what they want. Hackers operate for 2 main reasons 1.) Because it is a challenge, and 2.) For the prestige earned when they pull off a great hack. By focusing on them this way you are simply just making the game more exciting for them.

Depressing. (1)

FlyingBishop (1293238) | more than 4 years ago | (#29316639)

It's really sad that our law enforcement is so incompetent that we're reduced to security contractors attempting enforcement pro bono.

Now, that's not entirely fair, our law enforcement isn't so much incompetent as nonexistent and/or apathetic in this arena. But still, this is ridiculous.

New game in town? (1)

An anonymous Frank (559486) | more than 4 years ago | (#29316665)

So, if I'm reading the summary correctly, there's this program where you can go and hunt down the bad guys, and these bad guys like to do bad things (intrusions?), and there might be bounties on the best/worst ones, and there's even a way to have bragging rights (TOP 10/killmail?), and you can collect a crazy amount of data to get this done...

I'm confused, are we talking about the next Eve-Online expansion, or is this a different MMORPG?

Cross-functional delusions (1)

thethibs (882667) | more than 4 years ago | (#29316689)

The strategy has its risks...

Interesting that the first thing Edwards (Business Week) thinks of are the cliché arguments for gun control.

In Soviet Amerika: (0)

Anonymous Coward | more than 4 years ago | (#29316697)

Symantec use computer criminals to hunt victims,
while these criminals [whitehouse.org] run free.

Yours In Astrakhan,
Kilgore Trout

Right... (0)

Anonymous Coward | more than 4 years ago | (#29316737)

If I was in the antivir business I'd hire a hacker pool to make more malware... smarter... eviler.

But then again getting customers to do your job for you sounds good also... plus it makes you look more authoritative.

*golden star in the margin*

Symantec trying to stop malware? That's a laugh (1)

taustin (171655) | more than 4 years ago | (#29316823)

Aside from what buggy bloatware their crappy AV is, the last time I worked on a new computer with a "trial" version of Norton, I discovered that I couldn't completely uninstall their crapware even in safe mode. So where do I sign up? I want to report Symantec for distributing malware.

Stop building burglar alarms (1)

izomiac (815208) | more than 4 years ago | (#29316843)

Strange, by "stop building burglar alarms" that would mean that Symantec is leaving the antivirus industry. I find that unlikely, which makes it a very odd thing for the senior vice-president for consumer products to say. I'm hoping he was misquoted, but can't really imagine a context where that statement works. I suppose he could be attempting to simplify for the media, but in that case he clearly doesn't understand his point well enough to correctly simplify it. If someone that high up in management can't say what they mean, or at least say something that makes sense, in a single quoted sentence is there really any hope for that company? Or is it that the general populace simply doesn't parse what people say but instead focuses on how they say it?

Theater (1)

slasho81 (455509) | more than 4 years ago | (#29316845)

Symantec doesn't want to shut down the criminals who create demand for Symantec's products. This is all PR bull. Why this is on Slashdot's front page is beyond me.

Symantec is just doing this for the Publicity... (1)

TheFatherMind (1605731) | more than 4 years ago | (#29316871)

They want people to think they are helping the law by using their product. The FBI does not care. Nor do the police. I have caught a few hackers red-handed. Found their hangout, talked to them even. Notified the Police and the FBI. They did not care. What I was told was simply that they only have time to go after the BIG scammers. The ones that are stealing thousands and thousands of dollars. And the hackers know this. They know that if they keep it spread out and do not take large sums of money the police will literally IGNORE them. It is a sad but true fact. Now, really, I clean computers for a living. And the very first thing I do is take Symantec products off the machines. They conflict with Windows and tend to make the computers run at a speed of about 30% of their potential. Their virus stuff acts more like a virus than a shield. And most of the machines with Symantec products are usually infected with something. Any decent tech will tell you this.

This reminded me of previous attack reports I got. (1)

jafo (11982) | more than 4 years ago | (#29316917)

A few years ago over the space of a week I got several phone calls from irate people telling me computers I owned were attacking them. They gave me the IP address it was coming from. Hmm, that's one of our NTP servers... I asked what port they were being attacked on. "Port 123". "Hmm, I see that the only packets flowing out from this IP address to yours are in response from a packet from your network. In other words, one of your systems is requesting the time from us and you are seeing the responses to that."

After the second such report that week, where the guy hung up on me, I decided to pull our servers off the ntp.org lists. The problem then went away.

I do think that we could be more active about making spam and other attacks stop, but that's really the government's job, not the population. The problem is that much of the crap doesn't come from the same country that I'm in... But, if someone implements a way to do this, I hope they are really careful not to make innocent NTP server operators be targeted.

Though, it does remind me of a joke I used to make: I want to invent a social networking site that connects spammers with people in their local area that own baseball bats.

Sean
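The check the comment above describes, as an added example that is not part of the original post: before reporting traffic from UDP port 123 as an attack, test whether each packet answers a request your own network sent. The log layout, addresses, local network and two-second window are constructed assumptions; the mode values (3 for client, 4 for server) are the low three bits of the first NTP byte.

```python
import ipaddress

# Constructed capture summary, one UDP packet per line:
# seconds  src_ip:port  dst_ip:port  first payload byte (hex)
SAMPLE_PACKETS = """\
10.00 10.0.0.5:40112 192.0.2.123:123 23
10.04 192.0.2.123:123 10.0.0.5:40112 24
74.00 10.0.0.5:40112 192.0.2.123:123 23
74.05 192.0.2.123:123 10.0.0.5:40112 24
90.00 198.51.100.9:123 10.0.0.7:123 24
"""

NTP_PORT = 123
MODE_CLIENT, MODE_SERVER = 3, 4  # low three bits of the first NTP byte


def classify_ntp(dump, local_net="10.0.0.0/24", window=2.0):
    """Label each inbound packet from UDP/123 as solicited or unsolicited."""
    net = ipaddress.ip_network(local_net)
    pending = {}  # (local ip, local port, server ip) -> time of our request
    verdicts = []
    for line in dump.splitlines():
        if not line.strip():
            continue
        ts, src, dst, first = line.split()
        t, mode = float(ts), int(first, 16) & 0x07
        src_ip, src_port = src.rsplit(":", 1)
        dst_ip, dst_port = dst.rsplit(":", 1)
        outbound = ipaddress.ip_address(src_ip) in net
        if outbound and int(dst_port) == NTP_PORT and mode == MODE_CLIENT:
            # Remember our own request so the matching reply can be recognised.
            pending[(src_ip, src_port, dst_ip)] = t
        elif not outbound and int(src_port) == NTP_PORT:
            asked = pending.pop((dst_ip, dst_port, src_ip), None)
            solicited = (mode == MODE_SERVER and asked is not None
                         and t - asked <= window)
            verdicts.append((src_ip, "solicited" if solicited else "unsolicited"))
    return verdicts


if __name__ == "__main__":
    for server, verdict in classify_ntp(SAMPLE_PACKETS):
        print(server, verdict)
```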

How does Symantec monetize this? (1, Troll)

macraig (621737) | more than 4 years ago | (#29316969)

This doesn't make any sense... why would Symantec want to catch the bad guys, when the very existence of those bad guys is the bread and butter of the corporation? Biting the wretched hand that feeds it?

There's something else far more sinister going on here. Will Symantec make up the profit lost from having fewer bad guys from whom to "protect" people by milking the people themselves somehow? Of course it might be argued that's been done all along, but....

Nah, it's simpler than that (1)

Azureflare (645778) | more than 4 years ago | (#29317421)

Symantec is just going to use this to make computer users more afraid.

Computer users will think: "Oh man, look at all the evil schemes hackers are thinking of on the web! I'm really scared! But wait, Symantec knows all about what's going on the internet, so they can save us! Let's buy all their products so we don't have to be afraid anymore!"

In the end this looks like nothing more than a marketing ploy. If they were really interested in going after the "bad guys" (is that even possible when so many of them are in foreign countries??) they would be working with the FBI rather than using citizens.

Re:How does Symantec monetize this? (0)

Anonymous Coward | more than 4 years ago | (#29317787)

There's something else far more sinister going on here.

Symantec will be selling information to the black hats, maybe the user data, or maybe just the "here's how we tracked you" data. There's also the optional "Overlook fee" to "forget" to send the data to the feds, for any black-hat groups who try to play hardball.

</sarcasm>

Clean up the Internet? (1)

Ponga (934481) | more than 4 years ago | (#29316983)

"I'm convinced we can clean up the Internet in 10 years..."

Disconnect from the 'Net every computer running Windows operating systems. Hell, we can have this place spic-n-span overnight!

Does becoming a manager destroy brain cells? (1)

bradley13 (1118935) | more than 4 years ago | (#29317043)

Reading about his experience, Rowan Trollope has done real, solid technical work - back in the days when Symantec products (like Norton Utilities) were actually worth having. Given that, it is really hard to understand how he can say something like "clean up the Internet". The Internet is real life, with easier anonymity. If we can't clean criminals out of ordinary cities, how in the world does he suppose we will clean them out of the Internet?

Daydreaming (1)

BoppreH (1520463) | more than 4 years ago | (#29317183)

"Hackers who find novices on their trail may trash their computers or steal their identities as punishment. Citizen hunters could also become cybervigilantes and harm bystanders as they pursue criminals." "Citizen hunters"? "Novices" on hackers' trails? Really? It's a software to gather data about attacks, people. The editor's imagination went way too far.

Re:Daydreaming (1)

Angeliqe (1390757) | more than 4 years ago | (#29317455)

He's thinking of America's most wanted where any citizen can happen to spot a wanted criminal. I don't see the average user being able to do anything of this sort with internet hackers or scammers. You can be better informed about the methods and possibly avoid falling into the trap, but there are already websites for that. Collecting information about attempted hacks or unknown files identified as possible threats has already been done. Comodo asks you every time you run into one if you would like to send it to them for analysis. Symantec just realized how much they suck so they either hired or got some fool to think what they were doing was new and write an article on it.

and i would want to do this why? (0)

Anonymous Coward | more than 4 years ago | (#29317521)

Who wants to run Symantec's crap anyway. I am forced to use Windows because of work - there is no way in sam hell I'm gonna diss my computer system worse by putting Symantec av crap on it. That is the worst sw out there and it doesn't catch the stuff anyway.

Get something else - there's free av better than this!

So how does this work? (1)

Orion Blastar (457579) | more than 4 years ago | (#29317615)

Why would someone use a possibly infected computer with their real info?

Why not set up a Honeypot system and create a fictional name via free web mail and then sign up for some web sites. When a scam email comes in click on the attached file or link, which will install malware on the system that Symantec can track back to the system that is accessing it. When the scammer/hacker/cracker has the fake info, you'll know that they stole it and the infected system can have a history of IP connection that leads back to them. Don't forget to download from P2P networks and install stuff as well. You'll soon have enough malware infections to start hunting down the perps.

Asking users to do that with their real info is too risky. It is better to volunteer a spare system and use fictional info so your real info won't be stolen. You can recruit people who want to be police officers and they can gain training this way to hunt down the bad guys.

Ok so you use your real info and the scammers steal it but Symantec hunts them down and has them arrested. How much would it cost to clean up your credit record and good name? It seems better if volunteers use fictional info instead of real info, you can work with banks and etc to create fictional accounts for law enforcement use. Then when you see an activity on the account, you know someone stole it, as nobody is supposed to be using it.

I am convinced this gives Symantec media exposure (1)

gweihir (88907) | more than 4 years ago | (#29318073)

And I really see nothing else here. A big mouth, things said that sound right to those without a deeper understanding of the issue. "Commercial Bullshit", to (mis-)quote Anathem.

Interesting business strategy (1)

webbiedave (1631473) | more than 4 years ago | (#29318125)

"we can clean up the Internet in 10 years"
And rid the need for Symantec. I think I'll sell my stock now.

Nah, it's time to lock the damn house (1)

Jessta (666101) | more than 4 years ago | (#29318147)

"it's time to stop building burglar alarms to keep people out and go after the bad guys"
Nah, it's time to stop building burglar alarms and lock the damn house.
It's computer security, unlike physical security it's actually possible for it to be completely impassable. Just stop letting untrusted people run code on your machine.
You don't need to track these criminals down, you can just completely ignore them.
