The Biggest Cloud Providers Are Botnets

Julie188 writes "Google is made up of 500,000 systems, 1 million CPUs and 1,500 gigabits per second (Gbps) of bandwidth, according to cloud service provider Neustar. Amazon comes in second with 160,000 systems, 320,000 CPUs and 400 Gbps of bandwidth, while Rackspace offers 65,000 systems, 130,000 CPUs and 300 Gbps. But these clouds are dwarfed by the likes of the really big cloud services, otherwise known as botnets. Conficker controls 6.4 million computer systems in 230 countries, with more than 18 million CPUs and 28 terabits per second of bandwidth."

where did they get their numbers from?

[beh]

And they came up with that number how?

28 terabit/s == 28.000 gigabit/s == 28.000.000 megabit/s

28.000.000 megabit/s / 6.400.000 systems would average out to 4.375 megabit/s AVERAGE bit rate over those 6 1/2 million systems in 230 countries... (oh - and to fully utilize that, it would also require the UPLOAD rate to be in the same ballpark figure; to have more than 4 megabit/s upload speed on average over that many systems in that many countries...?)

18.000.000 cpus in 6.400.000 systems is on AVERAGE 2.812 CPUs per system - so, most of the systems would already have been dual or even quad cores... ...oh - and in order to qualify such numbers, that would have to be the average number of systems online at any given moment; if half of them are switched off (while someone is asleep, away, ...) - the numbers go down.

I would believe, that conficker and similar botnets are huge, but the numbers depend strongly on 'estimates'. Also, if conficker really managed to 'rent out' the computing power, the botnet would likely quickly decrease in size, as more and more people would take their systems to repairs, because they are so slow all of a sudden...)

So, how do they get to those numbers? Apart from, obviously, pulling them out of thin air? ...and apart from the desire, to get the name of the company coming up with the number out on slashdot?

Re:

[ZorbaTHut]

Also, if conficker really managed to 'rent out' the computing power, the botnet would likely quickly decrease in size, as more and more people would take their systems to repairs, because they are so slow all of a sudden...)

You'd be surprised how true that isn't. Even Windows is reasonably good at idletime priority processes - unless they intentionally used CPU that the user was trying to use, people would probably never notice.

A bigger problem is that there are very few useful problems that are practical t

Re:

[Glonoinha]

Somehow I don't think the guys running the Conflicker botnet are particularly concerned with the practical implementation of ethical computing.

Re:

[ZorbaTHut]

Getting your botnet removed from the user's computer makes bad financial sense, especially when you can get 95% of the same computational power while being totally invisible. They'd be fools to do otherwise.

Re:

[bunratty]

A bigger problem is that there are very few useful problems that are practical to calculate on a distributed botnet of that fashion. It's been tried and failed before, more than once - most real-world problems involve large databases of confidential data, which is obviously inappropriate for a network like this on multiple levels.

Probably a bigger problem is that not many useful problems are "embarrassingly parallel". The nodes performing the computations need fast communication between other nodes in most

Re:where did they get their numbers from?

[dskoll]

Probably a bigger problem is that not many useful problems are "embarrassingly parallel".

Sending spam is. DoSing a victim is. Brute-forcing passwords is.

It's unfortunate, but a lot of problems of interest to unethical people are indeed embarrassingly parallel. :(

Re:

[Yvanhoe]

But comparing them to Google's cloud seems unreasonable. Their numbers may be higher but they can't outmatch google when it comes to quickly make a search on petabytes of data or to compute millions of user recommendations on amazon.

Re:

[BlurryEyed]

Did anyone else wonder what Do-Sing'ing was?
I think I need some more coffee.

Re:

[b4dc0d3r]

BlurryEyed, meet Solfege [wikipedia.org]. Solfege, may I introduce BlurryEyed. He'll shake your hand once he's had his morning dose of crack to get moving this afternoon.

Re:where did they get their numbers from?

[Gudeldar]

I can't even figure out how they got to 230 countries. The UN has 192 members, Wikipedia lists 203 de jure and de facto states.

Re:where did they get their numbers from?

[Anonymous Coward]

Oh my God! The Botnets are creating their own countries!

Re:

[Yvanhoe]

Laugh while you can, monkey boy.

Re:where did they get their numbers from?

[danny_lehman]

here you go. you made me curious. http://www.filibustercartoons.com/allcountries.htm [filibustercartoons.com]

Re:

[BarryJacobsen]

here you go. you made me curious. http://www.filibustercartoons.com/allcountries.htm [filibustercartoons.com]

That list has 239 countries total. I have to wonder which 9 aren't infected...

Re:

[b4dc0d3r]

That list has 239 countries total. I have to wonder which 9 aren't infected...

232) VIRGIN ISLANDS, BRITISH
233) VIRGIN ISLANDS, U.S.

That's two likely to be uninfected. And Poland, I forgot Poland.

Re:

[b4dc0d3r]

232) VIRGIN ISLANDS, BRITISH
233) VIRGIN ISLANDS, U.S.

That's two likely to be uninfected. And Poland, I forgot Poland.

172) POLAND
95) HOLY SEE (VATICAN CITY STATE)
42) CHAD

If there's anywhere we should guess is uninfected, it's the Vatican - amirite? And I know Chad, he says he's clean. Also, not on the country list: Sealand

That's 6, 3 left to identify.

Re:

[Jaysyn]

I bet North Korea is one. You'd have to have power & Internet access to become part of a botnet.

Re:

[Rogerborg]

"Belgium"? I call bullshit on that list [zapatopi.net].

Re:

[cbiltcliffe]

Here's a really simple question,

Are all these Millions inept and don't have major updated anti-virus on these machines ? or is this saying that anti-virus mostly doesn't work? I'd really like to hear educated answers to this question

Yes.

Probably 75% of the machines I clean up for clients don't have antivirus. Most of them didn't realize they didn't, and they never would have noticed, if their machine didn't start sending spam to their email contacts, popping up porn ads, or some other such thing.

The other 25% have functional, updated antivirus software, but got infected anyway, because modern antivirus is just a small step away from useless. I've been saying for years that current antivirus methods are going to collapse, and now othe

Re:

[bigredradio]

Yeah, with 230 countries, I am starting to question that 6.4 million computer number as well.

Re:

[hesaigo999ca]

I tend to agree that many glamorize the evidence they have to help construe certain facts about botnets and what not.
If we had a real number based on fingerprinting scheme, sort of like each one logged on marks itself in some way on a global scale, to then be able to document stats from, i am sure at any one time you will never have more then xxx active infected pcs....seeing as there is also timezones to consider and also when the control centers are temp. shot down either on purpose (to avoid detection) o

Re:

[JoshuaJ]

Ha! I think I found where they got at least some of these numbers: confickerworkinggroup.org. To quote the source: "it is with a lot of trepidation that we even show any values for conficker knowing that they will most likely be taken out of context and quoted by many." Oh well. They show conficker traffic hitting their honeypots from about 6.2 million unique IPs in 225 geographic areas (presumably based on ccTLDs, which use a liberal definition of "country") -- interestingly close to the stats quoted.

Re:

[kextyn]

While a lot of Americans are limited to less than 4Mbps upload there are plenty of people in other countries (and even a lot in the US) who have faster connections. I personally have a 100Mbps (up and down) connection in Japan. I have seen above 90Mbps both ways in real world tests to an FTP server...in the US. A lot of European countries have higher speeds and anyone on FiOS would have decent speeds at least. I'm sure they're also including bandwidth from servers which are infected and have access to h

Re:

[Anonymous Coward]

95% of the world use's periods only American's use commas

at least we know how to use an apostrophe, retard

Re:

[spazdor]

At least we know how to properly capitalize and terminate sentences while using the correct diversity-sensitive language, Palin-American.

Re:

[Anonymous Coward]

3 (point) 2 -> 3,2 ...huh?

Maybe comma is pronounced differently in other countries.

Most countries that use the comma as a decimal separator have a non-English first language, so they wouldn't use the English words "point" or "comma". Whatever word they do use would make sense locally.

I spent some time in South Africa, where they do speak English, and they would pronounce your example as "three-comma-two". To them, that is the natural way of vocalising a decimal number. As a visitor, it took a bit of gett

Period confusion

[tivoKlr]

"18.000.000 cpus ... is on AVERAGE 2.812 CPUs per system

Now judging by the illogic of using periods for expressing these two quantities, one large and one small, you create confusion in the reader, hence the appropriate use of commas to clarify a large number, and a period as a decimal point to elucidate a fraction.

Now, I'm all about the metric system, euro socialized medicine and other progressive concepts, but using the same piece of punctuation to express two completely different numerical concepts

Re:

[aztracker1]

Considering this is an American site, that may not be the appropriate attitude. I could honestly care less, as long as there were significantly large enough numbers to avoid ambiguity. The fact is, /. is an American site, and I would guess used mostly by americans. That isn't flamebait, just a fact. It would seem to make sense to follow local conventions.

Re:

[johndiii]

Oops. Period for the radix point in those countries, not as a digit separator.

Re:

[eleuthero]

Wonderful how you provided something informative and helpful to finishing off the (admittedly) offtopic OP. If I had mod points, I'd fix this. Hurrah for perspective bias affecting mods.

Re:

[beh]

sorry - my mistake with the thousands separator. For that I apologize...

Re:

[Mordocai]

I'm brand new to the international internet "scene", yet I understood. I'd never seen anybody use periods as thousands separators(yeah, I'm from America), but I managed to get what he was saying pretty easily. That being said, it would be nice to use -something- different for the decimal point or for the thousands separator, so that it's not the same.

Re:

[natehoy]

Right. Except in most of the world the dot (what we in America use as the decimal point) is actually the thousands separator and the comma (what we use as the thousands separator) is actually the decimal point.

American: 1,000,000.00

Most of the rest of the world: 1.000.000,00

I'm sure we'll switch as soon as we go Metric. ;)

Re:

[Galestar]

That would be fine, so long as you actually use that. To use the dot (.) for BOTH is just plain wrong.

Re:

[natehoy]

Oh, sorry, I actually missed that in the original post, but you make an excellent point. Yes, using the dot for both decimal point AND thousands separator is really, horribly bad practice.

Re:

[Nadaka]

Using anything for a thousands separator is an unforgivable sin in computer science. What happens when you put the data in a whitespace seperated format like xml? What happens when you put the data in a comma seperated format like CSV? What happens some dumbshit converts using a different localization format?

Re:

[epine]

Using anything for a thousands separator is an unforgivable sin in computer science.

From the internal Google storage report, all nodes considered:

19182135223730150 bytes free.

Time to worry? Or back to your copy of Hadoop Monthly?

Computer science will become so much easier once the sloppy wetware is eliminated from the data and control chains. We can't even eyeball a simple group of 20 FFS.

Here's a popular joke on the cyborg circuit. Why did the rabbi, the priest, and the minister vote to leave the Muhammad standing on the sidewalk outside the pub? Because the stupid humans can't count

Cloud providers?

[advocate_one]

bollox...

Re:

[beh]

Yeah, thought about that, too - even if they can provide vast amounts of CPUs and stuff, and even have the knowledge of how to get to results, what would make a customer believe, that people who break into PCs might not also steal the customers data/results, too - and sell them on for even more profit...?

Re:

[sopssa]

It's perfectly valid to difference cloud based hosting and dedicated servers and so on. It's just an issue when some companies do it badly or customers don't understand what it really is. After all, it's just a network of servers who work on-demand. In addition it should offer backups and such, but these are always just per-contract service details and shouldn't be assumed.

Wikipedia has a good diagram [wikipedia.org] on why "cloud computing" term makes sense. I really can't think of any better one.

In some cases it makes se

Re:Cloud providers?

[Glonoinha]

Regarding whether it's better to host in the cloud or buy your own environment - I often ask when designing a software solution to process a given business requirement 'Does this need to be repeatable (forever, using different datasets) or is this a one time run?' If they only want the answers to a problem once against a single data set, I can crank out a one-pass solution with about 1/10th the time (and effort, and cost) that it would take me to engineer a long term solution that I can hand over to their business users to use forever using different data sets.

I would take the same stance on something applicable to cloud computing. If you only need the results from a small limited set of runs or you will only run it a very small portion of the time, it makes sense to lease someone else's environment. If you are going to need this solution as part of your day to day business and it runs wide open 24x7 - it's probably more cost effective to procure your own environment.

Need a massive render farm to do a proof of concept showing a four minute preview of Toy Story 4? Cloud computing.
Need a massive render farm to actually generate every CGI frame for every movie Disney or Lucas is going to produce the next four years? Buy your own environment.

Re:

[DragonWriter]

Need a massive render farm to do a proof of concept showing a four minute preview of Toy Story 4? Cloud computing.
Need a massive render farm to actually generate every CGI frame for every movie Disney or Lucas is going to produce the next four years? Buy your own environment.

You seem to be comparing remote application hosting vs. in-house application hosting; cloud computing (dynamic server provisioning by divorcing logical instances from physical servers) is somewhat orthogonal to that. While certainly its

How long before...

[Lord Lode]

How long before these botnets are so big and complex that they become similar in structure to the human brain and start thinking on their own?

Re:How long before...

[Anonymous Coward]

Seeing some troll comments here, I wonder whether they (the botnets) already do - and post to slashdot... ;-)

Re:

[Galestar]

Or maybe they are modding down any post that speak of their intelligence... IN B4 BOTNET CENSOR

Re:

[dogfolife69]

dude... your killing my secret plan here, i have been working on joining different botnets together using AI technology, and the more botnets are connected, the more powerful they get

Re:

[Galestar]

<ManiacalAlien> They'll make bigger botnets and bigger networks, and soon, they will make a botnet on a network so big, it will destroy them all!</ManiacalAlien>

Re:

[Anonymous Coward]

> How long before these botnets are so big and complex that they become similar in structure to the human brain and start thinking on their own?

Now? [theonion.com]

Re:

[rolfwind]

Wouldn't that question apply to the Internet in general?

it will become self-aware

[circletimessquare]

at 2:14 am Eastern Time on August 29th, 1997

Re:

[wvmarle]

Interesting and funny at the same time. And after all the funny replies let me give you a serious one.

Botnets as we know them will never become anything like a neural network (let alone self-aware) simply because the nodes do not communicate with each other, but only receive commands from a central server. And all that inter-node communication is necessary for a neural network.

Something where academia should learn from

[Pegasus]

I'm impressed how while academia is all high on grids, billable cpu time, fault tolerant and robust distributed computing, in place live upgrades, all that is already in natural evolutional development out there in the wild. I'm sure that the botnet uptime numbers they get are much higher that any commercially available cloud, while running on household PCs with household broadband connectivity.

I think it's time to embrace the true nature of wild wild web. Where can I rent this botnet legally?

Re:

[Cragen]

Yet, they are not paying a penny for their access, right? (Or rather, the poor schmucks whose pcs they have pwned are the ones paying.) Wild, wild, and stolen web, I believe.

Re:

[WillAdams]

I believe you want access to systems running xGrid:

http://www.macresearch.org/openmacgrid [macresearch.org]

William

Re:

[spazdor]

They sell botnet access at pawn shops? Wowee!

Re:

[cbiltcliffe]

At a place that legally sells illegally obtained resources.

So, a government auction? :)

Re:

[bunratty]

Where can I rent this botnet legally?

BOINC [berkeley.edu] is an academic platform to do exactly what you describe.

Re:

[theIsovist]

Where can I rent this botnet legally?

you can't because the botnets are created illegally. There are "botnets" created for scientific use, such as folding@home, but these do not spread on their own and are completely opt in (and, more importantly, opt out). Perhaps someone should create an opt in cloud system where users who provide cpu power are given a cut of the profit from the distributed super computer use. Perhaps someone already has, as I'm not an expert on these things. I would doubt that the income from this would offset the incre

Re:

[Bearhouse]

Easy, my new friend.
Please post here your social security number, bank account and credit cards details plus all logins and passwords and you'll be part of our network in no time!!!

Microsoft is the biggest cloud provider ...

[Lazy Jones]

... with their 0-day exploitable Windows installations.

interesting...

[Anonymous Coward]

So it's actually Windows which is good at distributed computing...

Re:

[spazdor]

In the same sense that the Ford Pinto is good at demolitions, sure.

Curious how these compare to the voluntary botnets

[cmiller173]

How about a comparison to say folding@home or other distributed projects? http://en.wikipedia.org/wiki/List_of_distributed_computing_projects [wikipedia.org]

The BotNet Song!

[GPLDAN]

Rustok was a real piss cock
Who was very rarely stable.

Cutwail, Cutwail was a woozy beggar
Who could dos you under the table.

Bobax aka Kraken could out-consume
Nagle!

And Maazben was a leery swine
Who was just as poorly coded as Bagle!

There's nothing Grum couldn't teach ya
'Bout the razing of the kernel.
Mega-D, itself, was permanently pissed.

Festi-ville, of its own free will,
On half a gig of pipe was particularly ill.

Xarvester, they say, could stick it away--
Half a dozen XP machine every day.

Donbot, Donbot was a bugger for the lot.
Conficker was fond of its spam,

And Gregory King was a drunk on bling.
'I spam, therefore I am.'

Yes, ZeuS, itself, is particularly missed,
A lovely little thinker,
But a bugger when it's pissed!




-- Apologies in advance to the Pythons

Re:

[L4t3r4lu5]

You damn well should be sorry. That is some of the worse timing I've ever seen!

That sixth line should have six syllables! SIX! You chop it down to two, leaving a gap of FOUR syllables! That's a whole bar of rests!

I'm sorry, GPLDAN, but it's a No from me. Simon?

Re:

[GPLDAN]

I.... I..... didn't show enough voice and wasn't unique enough, but you know.... that's okay... because I know who I am and I know the Lord.... he will never keep me down... I will just keep on keepin' on, ya know?

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[TubeSteak]

Google will have availability of those 100% of the day and 100% of processor. The bot while impressive in numbers won't. People turn of their computers. Many for most of the day. And many of the cycles will still be used not for the Botnet, but for playing games and other things people do on their PC.

If you have a 6.4 million strong botnet, you can run anything Google wants on 10 different computers and still have 1.4 million hosts leftover.
(6.4 M - (500K * 10))

Do you think 10 distributed computers can give you uptime & processor power equal to Google's?
(I personally think the bandwidth claims are a load of crap, since the upload is what matters)

Could be put to good use

[Arancaytar]

The fact is that most Windows users firstly don't care what runs on their computer, and secondly don't use even a non-negligible fraction their computer's power.

Suggestions have been made, by frustrated sysadmins, for a "destructive" counter-virus, a large-scale attack that cripples botnets by destroying infected computers. That's not only morally wrong but also just impractical - the average computer user just buys a new computer, and all the virus does is destroy property to satisfy lust for vengeance. Value is lost.

A more practical idea may be to re-purpose this vast resource of free computing power and put it to better use than churning out advertisements. A botnet worm could instead hook these computers up to a grid computing project like Folding or SETI, or distributed file transfer, cloud storage, providing uncensored communication to authoritarian countries. The worm could at the same time inoculate computers against more damaging viruses and botnets. The user gets free protection instead of the overpriced crud by McAfee & co; the world gets free computing infrastructure, the internet gets less spam. Everybody gains value.

It would be like a very lenient security tax - for letting their computers pose a risk to the network at large, users donate a share of their computing power/bandwidth for the good of society, at no real cost to themselves.

(And yes, the obvious ethical dilemma here is whether it is morally wrong to manipulate a person's property without their knowledge or consent, even to their own benefit. This suggestion takes a strict utilitarian perspective, which doesn't always lead to the best option.)

Re:

[dargaud]

Suggestions have been made, by frustrated sysadmins, for a "destructive" counter-virus, a large-scale attack that cripples botnets by destroying infected computers. That's not only morally wrong but also just impractical - the average computer user just buys a new computer, and all the virus does is destroy property to satisfy lust for vengeance. Value is lost.

Your argument sounds wrong and trite. If Billy-Bob's computer gets knocked out by a well-placed grey-hat command, for instance a MBR format, he will then either: go buy a new computer (with a more recent and hopefully less hole-ridden version of Windows on it). It may not be very ecological, but it's a WIN against the botnet. Or he'll get his brother in law to reinstall on his old hardware, hopefully better this time. His precious collection of prOn is not lost in either case so I really don't see the argum

Re:

[flappinbooger]

I could foresee that happening on a national level some day.

When you get your computer with windows 12 on it you automatically are a part of the ISA Net. ISA Net is the Information Safety Administration Network, and it is a vast command and control network providing constant real-time analysis of your computer for security purposes. Constant registry and system file monitoring. Once a threat is found on one if the ISA Net computers the signature is instantly propagated throughout the network, instantl

Re:

[flappinbooger]

Flamebait??!?! **I'm** not the one saying linux is cobbled together and archaic, I'm saying what THE MAN will be saying via the propaganda machine when they actually DO this. Come on, you can surely see how something like this is a little more than just possible.

Linux IS NOT cobbled together and archaic. This is windows 12 timeframe, probably about 10-15 years from now assuming 2-3 years between releases. IF there is federally mandated OS usage and "botnet" participation they will do whatever kind of

Re:

[shentino]

Kinda sucks when the bad guys get away with cheating.

Unsupported assumptions.

[nuckfuts]

The fact is that most Windows users firstly don't care what runs on their computer, and secondly don't use even a non-negligible fraction their computer's power.

What a moronic statement. Where exactly did you pull this "fact" from? A common side-effect of malware infection is noticeably slow system performance, and I can assure you that users do care when their computers are sluggish to respond. If Windows users didn't care what ran on their computers, there would not be a huge worldwide market for antivirus software.

As for Windows users not using a "non-negligible" fraction of their computers power, that's equally moronic. Are you suggesting that, (as a Linux user

Re:

[NeoSkandranon]

well because hurf durf if they cared they wouldn't use windows!

Does this mean Microsoft has the lead?

[miffo.swe]

Does the fact that 100% of these machines run Windows XP/Vista/7 mean that Microsoft is the biggest supplier of Cloud OS computing software (if you disregard the small patches from the botnet owners)?

Nuclear cloud

[gmuslera]

Not only does massive damage, affect the entire world climate, and those living around them mutates in so strange ways, that the only solution is reform... i mean, euthanasia.

makes me nostalgic for the good old days

[circletimessquare]

when all we could do was imagine quaint toothless beowulf clusters of something

Hey You...

[trurl7]

..get off of my cloud!

Re:

[religious freak]

Oh man, I can tell this is going to be stuck in my head for the rest of the day now!

Here's a vid, in case anyone wants a fix (or to know what you're talking about): http://www.dailymotion.com/video/xqu69_rolling-stones-get-off-of-my-cloud_music [dailymotion.com]

Mick "dances" like a freak...

Botnets

[ziggybit]

Imagine a beowulf cluster of these...

Check your eyes

[Exception Duck]

Not sure how effective this really is, but it makes sense.

http://www.confickerworkinggroup.org/infection_test/cfeyechart.html [confickerw...ggroup.org]

Social engineering... The worst culprit...

[AgentMagneta]

I might be offending some people. But botnets are not made by users who are technically proficent. Sometimes I find it interesting that you find Linux imperviuos to this threat... You would have to defend Linux like any other system... Just because, well most often than not it exploits the user. Not the os. I am a user like no other. I use Windows 7 and many microsoft os:es. And I can never think of any time in my 25 years of using a computer I really caught a virus... Finally after 10:s of years I got a

Re:

[VGPowerlord]

I can remember once in the last 20 years that I had an honest-to-goodness virus on one of my computers. This was back in the DOS days, and I got it while pirating Novell Netware Lite.

To this day, I still keep some form of on-access anti-virus program running when using Windows, just in case.

That and, as someone else mentioned earlier, I rarely use all of my computer's processing power, so I can afford the slight performance hit an on-access scanner takes.

230?

[LuminaireX]

Conficker controls 6.4 million computer systems in 230 countries

Are there even 230 countries in the entire world?

How they got the numbers.

[hellop2]

Maybe computer systems include virtual servers. And virtual servers are usually run on computers with multiple CPUs with high bandwidth.