Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

White House Announces Initiative To Fight Botnets

samzenpus posted more than 2 years ago | from the fighting-the-good-fight dept.

Botnet 89

benfrog writes "ISPs and financial-services companies would share data about computers made into botnets under a pilot program announced today by the Obama administration. From the article: 'The voluntary principles announced today include coordinating across sectors and confronting the problem globally. They were developed by the Industry Botnet Group, comprising trade groups including the Business Software Alliance and TechAmerica.' The White House is also backing a bill proposed by Joe Lieberman that would put the Department of Homeland Security in charge of cybersecurity of vital systems such as power grids and transportation networks."

cancel ×

89 comments

Sorry! There are no comments related to the filter you selected.

So the BSA is leading the charge (5, Insightful)

Voyager529 (1363959) | more than 2 years ago | (#40162221)

Anyone want to start taking bets as to when a copy of uTorrent or Transmission will deem you as a part of the botnet?

Re:So the BSA is leading the charge (0)

Anonymous Coward | more than 2 years ago | (#40162243)

Lots of botnets are using encryption these days, too.

Re:So the BSA is leading the charge (1, Interesting)

MrNaz (730548) | more than 2 years ago | (#40162361)

It's OK. They'll declare war against botnets, and then implement a bunch of laws to combat them, all of which will result in a further slide into tyranny. Eventually we'll have government agents from the to-be established Department of Home Computer Security come into our homes once a week to inspect all of our computing devices. For our own protection, of course.

Re:So the BSA is leading the charge (-1)

Anonymous Coward | more than 2 years ago | (#40162455)

Sounds like just the kind of jobs program a Republican could support!

Re:So the BSA is leading the charge (0, Redundant)

ae1294 (1547521) | more than 2 years ago | (#40162477)

Sounds like just the kind of jobs program a Republican could support!

Who needs all that when I can just install CleanMyPC.com and have a faster computer with more memory and faster Internet speeds.

Re:So the BSA is leading the charge (1)

HyperQuantum (1032422) | more than 2 years ago | (#40164759)

My meme-sniffing dog just got very excited about the parent post...

Re:So the BSA is leading the charge (-1)

ganjadude (952775) | more than 2 years ago | (#40162933)

last I checked it wasnt the republicans who were pushing for more internet restrictions.... but dont let the partisanship get in the way of a good attack

Re:So the BSA is leading the charge (4, Interesting)

BasilBrush (643681) | more than 2 years ago | (#40163225)

You didn't check very well. The SOPA was introduced by a Republican.
http://en.wikipedia.org/wiki/Stop_Online_Piracy_Act [wikipedia.org]

Re:So the BSA is leading the charge (4, Interesting)

ganjadude (952775) | more than 2 years ago | (#40163349)

That it was, however when the republicans as a whole (not the singular who introduced it) bailed on it, the democrats continued to push for it. The obama admin has quite a few officials who were prior RIAA or MPAA members. but as I said, dont let the partisanship ruin things for you.

Re:So the BSA is leading the charge (2)

BasilBrush (643681) | more than 2 years ago | (#40164527)

You're the one with the partisanship. I just gave a fact to contradict your prior assertion that this was a Democrat and not Republican trait. It's bipartisan.

If there's more Democrat weight behind anti-piracy moves, it's probably that Republicans don't tend to be creative people. They're more likely to consume than create.

Re:So the BSA is leading the charge (0)

Anonymous Coward | more than 2 years ago | (#40164989)

I thought all the dirty capitalists creatomg real products were republicans

Re:So the BSA is leading the charge (0)

Anonymous Coward | more than 2 years ago | (#40165507)

Snarky tone defending democrats makes you partisan.

Re:So the BSA is leading the charge (1)

Anonymous Coward | more than 2 years ago | (#40163417)

To be fair, PIPA was introduced by a Democrat.
http://en.wikipedia.org/wiki/PROTECT_IP_Act [wikipedia.org]

Not to detract from the blame due either side, of course.

Re:So the BSA is leading the charge (0)

Anonymous Coward | more than 2 years ago | (#40164775)

It always gives me a warm feeling when both sides of the house can put their differences aside to fight for a common goal.

Re:So the BSA is leading the charge (2, Informative)

Anonymous Coward | more than 2 years ago | (#40163255)

Then you should check again.

http://en.wikipedia.org/wiki/Cyber_Intelligence_Sharing_and_Protection_Act

Democratic - yes votes: 42 no votes: 140 did not vote: 8
Republican - yes votes: 206 no votes: 28 did not vote: 7

But you missed the point anyways, the Republicans say they oppose jobs bills because it might help poor people but they will support "backdoor" jobs bills like military, prison and law enforcement spending which tends to put neanderthalic white knuckledraggers to work cracking skulls.

Re:So the BSA is leading the charge (0)

Anonymous Coward | more than 2 years ago | (#40164105)

I'm a neanderthalic white knuckledragger, you insensitive clod!

Re:So the BSA is leading the charge (1)

Anonymous Coward | more than 2 years ago | (#40162539)

But will they touch my crotch while they're here? This is important.

Re:So the BSA is leading the charge (1)

Shavano (2541114) | more than 2 years ago | (#40162967)

It's OK. They'll declare war against botnets, and then implement a bunch of laws to combat them, all of which will result in a further slide into tyranny. Eventually we'll have government agents from the to-be established Department of Home Computer Security come into our homes once a week to inspect all of our computing devices. For our own protection, of course.

Department of Cyber Security. They're working like crazy to resurrect that word.

Re:So the BSA is leading the charge (0)

Anonymous Coward | more than 2 years ago | (#40163125)

It's OK. They'll declare war against botnets, and then implement a bunch of laws to combat them, all of which will result in a further slide into tyranny. Eventually we'll have government agents from the to-be established Department of Home Computer Security come into our homes once a week to inspect all of our computing devices. For our own protection, of course.

Department of Cyber Security. They're working like crazy to resurrect that word.

I heard someone at work say that on the phone a while ago.... Cyber space..... haha

Re:So the BSA is leading the charge (1)

Stan92057 (737634) | more than 2 years ago | (#40170243)

What is your answer to botnets then? We ignore it as if it wasn't there?

Re:So the BSA is leading the charge (-1)

Anonymous Coward | more than 2 years ago | (#40162313)

Anyone want to start taking bets as to when a copy of uTorrent or Transmission will deem you as a part of the botnet?

The blacks. It's their fault.

What was missing from the Million Man March? 3 miles of chain and an auctioneer!

Re:So the BSA is leading the charge (4, Informative)

Jeremiah Cornelius (137) | more than 2 years ago | (#40162359)

Yeah, and they'll stop these with drone attacks. Welcome to the age of corporate Stalinism

The Justice Department's Office of Legal Counsel prepared a lengthy memo justifying that extraordinary step, asserting that while the Fifth Amendment's guarantee of due process applied, it could be satisfied by internal deliberations in the executive branch.

Attorney General Eric Holder then publicly claimed: "'Due process' and 'judicial process' are not one and the same, particularly when it comes to national security. The Constitution guarantees due process, not judicial process."

http://www.salon.com/2012/05/30/how_extremism_is_normalized/singleton/ [salon.com]

Re:So the BSA is leading the charge (0)

Mashiki (184564) | more than 2 years ago | (#40162601)

Hey Holder is the same guy who doesn't have any problems with the New Black Panther Party using voter intimidation at polling places, so...I guess I shouldn't be surprised at a statement like that.

Re:So the BSA is leading the charge (2)

craigminah (1885846) | more than 2 years ago | (#40165499)

You better be careful of you may get accused of racism as that's the standard Democratic come-back.

Re:So the BSA is leading the charge (2)

SlippyToad (240532) | more than 2 years ago | (#40167329)

Hey Holder is the same guy who doesn't have any problems with the New Black Panther Party using voter intimidation at polling places,

Do you have a link where this occurred? Last I recall the NBP numbered apprxoimately four fucking people.

In the meantime, Rick Scott has thrown thousands of minority Florida voters off the rolls because they have a funny-sounding name. And Teabag state after Teabag state is adopting unconstitutional poll taxes (disguised as Voter ID laws).

If you're gonna start bitching about election fraud with an R next to your name, bring a flame suit, bitch. You will have a lot of fucking explaining to do.

Re:So the BSA is leading the charge (1)

Hentes (2461350) | more than 2 years ago | (#40166783)

Don't forget that folding@home is also basically a big botnet.

Re:So the BSA is leading the charge (1)

buchner.johannes (1139593) | more than 2 years ago | (#40168007)

Anyone want to start taking bets as to when a copy of uTorrent or Transmission will deem you as a part of the botnet?

Don't forget that folding@home is also basically a big botnet.

So is Skype. Which shows that peer-to-peer will not be outlawed.

DHS in charge of cybersecurity?? (5, Funny)

Anonymous Coward | more than 2 years ago | (#40162231)

I feel safer already.

Re:DHS in charge of cybersecurity?? (0)

ae1294 (1547521) | more than 2 years ago | (#40162511)

I feel safer already.

Their with the government... Their here to help...
Now why don't you have a seat over there while they tabulate the ravenous fines and prison sentence for having a copy of 'Hackers - The Movie'.

Re:DHS in charge of cybersecurity?? (1)

Anonymous Coward | more than 2 years ago | (#40162575)

If by chance they also offer help with remedial spelling then you may profit from such a program!

Re:DHS in charge of cybersecurity?? (2)

ae1294 (1547521) | more than 2 years ago | (#40162917)

If by chance they also offer help with remedial spelling then you may profit from such a program!

No the government doesn't help with that sort of education.

Re:DHS in charge of cybersecurity?? (1)

smooth wombat (796938) | more than 2 years ago | (#40165831)

You missed a golden opportunity for a comeback:

We are the United States government. We don't do that sort of thing.

Re:DHS in charge of cybersecurity?? (2)

mcohrs (1044844) | more than 2 years ago | (#40163073)

Might as well put Homer Simpson in charge, same result, less expensive

Uh Oh, define "Botnet" (4, Insightful)

SuperKendall (25149) | more than 2 years ago | (#40162237)

I try not to be paranoid, but when I see the BSA and the department of Homeland Security are joining forces, I can't help but have a feeling of dread...

It really makes me wonder just what constitutes a botnet. After all, large numbers of computers contributing to torrent downloads are a form of bonnet also.

If this doesn't make you think the government has too much money and free time, nothing will.

I know where this is going..... (4, Insightful)

Lumpy (12016) | more than 2 years ago | (#40162279)

Bittorrent = Terrorism.

I guarantee the BSA scumbags are already pushing this point.

Re:I know where this is going..... (4, Insightful)

wbr1 (2538558) | more than 2 years ago | (#40162343)

Bittorrent = Terrorism.

I guarantee the BSA scumbags are already pushing this point.

Do not forget Bitorrent == Pro Child Predator

Re:I know where this is going..... (1)

mysidia (191772) | more than 2 years ago | (#40164257)

Bittorrent = Terrorism.

Yeah, and BT uploaders and seeders are vTerrorists or "Virtual" Terrorists, who should be jailed immediately upon identification, for life, without trial, as enemy vCombatants.

I have a solution (-1)

Anonymous Coward | more than 2 years ago | (#40162323)

Buy everybody iPads. Problem solved. I guarantee that will be less expensive than whatever bandaid those jokes in Washington can dream up to to stick on Microsoft's broke shit.

bullshit (2, Insightful)

znrt (2424692) | more than 2 years ago | (#40162349)

if botnets were the issue they'd ban windows and bam! all botnets down.

but botnets aren't the issue. illusion of control is.

Re:bullshit (0)

GodfatherofSoul (174979) | more than 2 years ago | (#40163051)

That's ridiculous analogy. You want to treat cancer by incinerating victims, too? But, since there's a slam on MS, I see you're getting modded up.

Re:bullshit (1)

znrt (2424692) | more than 2 years ago | (#40164271)

You want to treat cancer by incinerating victims, too?

your analogy is wrong. a more accurate one would be "i'd prevent lung cancer by shutting off the tobacco industry"

of course i don't advocate for that either. the only real solution is education. but that's gonna be a hell of an effort and i don't see how the white house, the department of homeland security, the house of representatives, joe lieberman or a bunch of crap selling fluff spraying corporations could be of any help at that, not to mention they could very well be part of the problem!

But, since there's a slam on MS, I see you're getting modded up.

that's a very interesting issue! ms should definitely be liable to some extent for the all those botnets. it's just weird that nobody has already pressed charges for criminal negligence, not even in the suing states of america! :o)

Re:bullshit (0)

Anonymous Coward | more than 2 years ago | (#40165571)

because the manufacturer of a given tool is always responsible for what a customer with free will does after the tool changes possession in the sale.

Re:bullshit (2)

countach74 (2484150) | more than 2 years ago | (#40165947)

the only real solution is education. but that's gonna be a hell of an effort and i don't see how the white house, the department of homeland security, the house of representatives, joe lieberman or a bunch of crap selling fluff spraying corporations could be of any help at that, not to mention they could very well be part of the problem!

No, the answer is not education. I don't care how much education you throw at a head of lettuce, it's still a head of lettuce and it's still about as stupid as the average American. Intelligence is a choice. We don't need to educate the masses; we need to encourage the masses to educate themselves, which is a far more difficult task. Oh, and I'm rather convinced that there's no government program or agency that could possibly accomplish this--in fact, they probably see to it that it maintain status quo.

BRUCE SCHNEIER and EUGENE KASPERSKY announces... (4, Interesting)

gavron (1300111) | more than 2 years ago | (#40162377)

It makes sense for "Homeland Security" to secure power grids, and critical infrastructure.
They know nothing of computer security, botnets, or doing much more than confiscation.
The BSA knows even less.

I would be excited to see a team of REAL security experts (Schneier and Kasperksky)
working together with the folks at http://garwarner.blogspot.com/ [blogspot.com] to eliminate the real threats.
Grandmothers, breastfeeding mothers, little girls with insulin pumps, and people who copy
Windows 98 are _NOT_ the real threat.

Ehud

Re:BRUCE SCHNEIER and EUGENE KASPERSKY announces.. (1)

ganjadude (952775) | more than 2 years ago | (#40162953)

people still copy windows 98?

Re:BRUCE SCHNEIER and EUGENE KASPERSKY announces.. (1)

ganjadude (952775) | more than 2 years ago | (#40162959)

I prefer windows 95 - 00000-00000-00000-00000-00000 gotta love it

should I expect a takedown coming my way now?

How big does my tinfoil hat need to be... (2, Interesting)

Anonymous Coward | more than 2 years ago | (#40162383)

to think that this is a not very subtle attempt to give the government an excuse to build a Great Firewall of America?

Re:How big does my tinfoil hat need to be... (0)

Anonymous Coward | more than 2 years ago | (#40164797)

whoaaa... The Great Firewall of America... can you view that from space or can cyber tourists take a shot at it ?

joe lieberman (0)

Anonymous Coward | more than 2 years ago | (#40162427)

anything by him is suspect, that dude is human scum.

Re:joe lieberman (0)

Anonymous Coward | more than 2 years ago | (#40162519)

What evidence do you have that it's human? From what I've seen, it behaves more like a p-zombie than a human being.

Re:joe lieberman (1)

El Torico (732160) | more than 2 years ago | (#40164125)

I thought he was a meat popsicle.

war on botnets (4, Funny)

fish waffle (179067) | more than 2 years ago | (#40162429)

Great. I'm sure this will be every bit as successful as the war on poverty, war on drugs, war on terrorism. How are those doing anyway?

Re:war on botnets (5, Insightful)

runeghost (2509522) | more than 2 years ago | (#40162453)

They're doing great at giving the government more power, the corporations more money, and the citizenry more oppression.

Re:war on botnets (5, Funny)

troll -1 (956834) | more than 2 years ago | (#40162461)

Next will be the War on Violence.

Re:war on botnets (0)

Anonymous Coward | more than 2 years ago | (#40163015)

Next will be the War on Violence.

Yes. And if we are not winning this war, we are not using enough violence.

Re:war on botnets (1)

Mashiki (184564) | more than 2 years ago | (#40162621)

Well we won the war on poverty. Welcome to North Korea.

Anything Leiberman likes... (2, Informative)

doston (2372830) | more than 2 years ago | (#40162447)

Is total garbage. He's one of the worst people in the world...total scumbag.

Re:Anything Leiberman likes... (1)

craigminah (1885846) | more than 2 years ago | (#40165529)

Maybe so but he's one of the better Democrats out there :)

Re:Anything Leiberman likes... (2)

doston (2372830) | more than 2 years ago | (#40169379)

Maybe so but he's one of the better Democrats out there :)

Anybody still thinking in Republican or Democrat terms is a sucker. One party, two factions. Their rivalry is complete theater.

Botnets exist due to the BSA & propritary soft (5, Interesting)

Anonymous Coward | more than 2 years ago | (#40162567)

It is humorous that the BSA is taking charge of solving a problem that is essentially created by its members (and not able to solve it). The BSA is all about fighting for proprietary software. They ensure third parties (like antivirus companies) can't fix the code which lets botnets propagate and they ensure we don't have an Debian-like/apt-get like solution to software maintenance, distribution, and trust models.

This BSA lead solution is bound to fail.

The only thing I can conceive of working well to reduce or eliminate botnets is to free the software, implement official security standards all software need comply with, and fix the distribution problem. We would need to properly fund free software platforms and ecosystems. The move to free software with carefully scrutinised (think Debian) channels of trust exist and the software is available for third party review. These software repositories should require certain minimum security standards too. For the most part it's already being done as such with Debian although without any such standards (apart from trust in relation to distribution). They need to eliminate all but essential features of applications which execute scripts.

- applications should not generally implement support for unnecessary scripting features, embedded objects, etc

1. Web browsers should not have flash, PDF readers, java applets, GPU accelerated 'gaming' features, or silverlight.
2. PDF software should not support scripting or embedded objects (like flash).
3. Office software should not support macros; there is a business case although that needs restrictions and should not generally be in consumer office applications. Even within the business situation there needs to be restrictions on the businesses users ability to install such macros without technical advise.
4. E-mail clients and similar should not support scripting or even html except for a minimal subset of features.
5. Instant messaging software should also not implement scripting and limit any HTML to a subset of the standard.
6. Applications should not install third party plug-ins to web browsers or similar.

Re:Botnets exist due to the BSA & propritary s (1)

ganjadude (952775) | more than 2 years ago | (#40162971)

so...why dont you make all these pieces of software you believe should be made "your way"? I dont disagree with your wishlist,but dont just complain about it be about it

Re:Botnets exist due to the BSA & propritary s (2)

BlueStrat (756137) | more than 2 years ago | (#40163205)

so...why dont you make all these pieces of software you believe should be made "your way"? I dont disagree with your wishlist,but dont just complain about it be about it

So nobody has a right to criticize anything that they don't personally have the skills to do themselves?

If you're dissatisfied with the airlines, don't bother with criticism, start your own. Train is late? Don't bitch. Start your own railroad. Your doctor commit malpractice or just does a crappy job? Don't whine, go to medical school and treat yourself. Your lawyer falls asleep in court and fails to properly represent you? Don't file a complaint with the Bar, get a law degree and represent yourself.

See how silly and arrogant that attitude is now?

Strat

Re:Botnets exist due to the BSA & propritary s (1)

ganjadude (952775) | more than 2 years ago | (#40163759)

to a point yes, to another point no,

it takes many materials to create an airline or a railroad, it takes a word processor and a compiliar to create a program, the knowledge part is free, and 1000% in your control. and with torrents out there, you can clearly get the tools needed to create such a product to suit your needs

this is /. , of course the best answer is build it yourself!

Re:Botnets exist due to the BSA & propritary s (1)

BlueStrat (756137) | more than 2 years ago | (#40163911)

it takes many materials to create an airline or a railroad, it takes a word processor and a compiliar to create a program, the knowledge part is free, and 1000% in your control. and with torrents out there, you can clearly get the tools needed to create such a product to suit your needs

What a narrow view you have, grandma!

You are aware that there are people who spend all their time doing much more important things than write software, right? Like a nurse that works 60-70-80 hours or more a week taking care of sick/dying people, and then has to come home and take care of a family and doesn't have the time or energy to learn programming and then fix some random application.

That "fix/write it yourself or don't criticize" attitude is fine for somebody that doesn't have an important & essential full-time career already, and lives in their mom's basement with all the time in the world and an endless supply of Mountain Dew & Cheetos that your mom keeps stocked.

It doesn't fly in the real world, however.

You really should get out more. There *are* other things in life, and some of those things are more important than coding, even.

Strat

Re:Botnets exist due to the BSA & propritary s (0)

Anonymous Coward | more than 2 years ago | (#40164197)

option one: whine about software and ... well thats it, hope it gets fixed automagically
option two: either write or help other write/fix the software... job done.

you get to pick either option one OR option two.

Re:Botnets exist due to the BSA & propritary s (1)

BlueStrat (756137) | more than 2 years ago | (#40164783)

option one: whine about software and ... well thats it, hope it gets fixed automagically
option two: either write or help other write/fix the software... job done.

you get to pick either option one OR option two.

OR, how about thinking of the solution in more than black and white, one extreme or the other, terms?

Look, I get it that you write the stuff mostly because you wanted to for your own reasons, and it's wonderful that you've shared it when you didn't have to at all. You're under no obligations, that's understood. But there needs to be some better way to do things that allows the users a more convenient & friendly way for users to find willing programmers and pay for changes/improvements.

How about a web service programmers could join (or not) where users can submit programming tasks and programmers can bid on doing the work? Have a ratings system for both programmers and users/bidders, maybe along similar lines to how Ebay rates it's buyers and sellers.

Not sure if that *exact* solution is workable, but there *has* to be some innovative ideas out there that would work. At least, if people would stop thinking in binary terms.

If someone could hit on the right formula, such a service could become huge. It would also greatly advance the practicality of using open source software. Never mind a whole new way for independent programmers to make money on their terms.

Strat

Re:Botnets exist due to the BSA & propritary s (0)

Anonymous Coward | more than 2 years ago | (#40164725)

Nothing is more important than coding! You're delusional, stop fantasizing about nurses!

Re:Botnets exist due to the BSA & propritary s (0)

Anonymous Coward | more than 2 years ago | (#40165299)

1. Web browsers should not have flash, PDF readers, java applets, GPU accelerated 'gaming' features, or silverlight.
2. PDF software should not support scripting or embedded objects (like flash).
3. Office software should not support macros; there is a business case although that needs restrictions and should not generally be in consumer office applications. Even within the business situation there needs to be restrictions on the businesses users ability to install such macros without technical advise.
4. E-mail clients and similar should not support scripting or even html except for a minimal subset of features.
5. Instant messaging software should also not implement scripting and limit any HTML to a subset of the standard.
6. Applications should not install third party plug-ins to web browsers or similar.

I have a better suggestion:

  • 'Rockstar' Software "Engineers" should have to own up to their mistakes. I suggest public execution for remote access-level flaws.

A new angle? (1)

Dega704 (1454673) | more than 2 years ago | (#40162651)

Just like measures they tried to introduce in the name of stopping child pornography, this seems harmless and well-intentioned at first; but with the BSA and DHS involved I cringe to think how it will be abused.

its not the botnets... (0)

Anonymous Coward | more than 2 years ago | (#40162691)

wake me when the white house announces an initiative to fight robots, but only if they enlist Magnus

The Answer is More Government, Please No! (0)

Anonymous Coward | more than 2 years ago | (#40162753)

Do we really need even more governmental? BSA is right up there as well.

Don't we already have this? (2)

Gary Perkins (1518751) | more than 2 years ago | (#40162791)

If I'm not mistaken, don't we already have at least one or two government agencies involved in information security? Why do we need to have more?

Re:Don't we already have this? (1)

El Torico (732160) | more than 2 years ago | (#40164145)

You can never be too diligent Citizen! Now, where's my new Agency's budget? I have some conferences in Las Vegas to go to.

Do they go on a kill list? (1)

Shavano (2541114) | more than 2 years ago | (#40162957)

Personally approved by the President? Will there be video of the drone strikes?

Of all the things to complain about, this program? (1)

GodfatherofSoul (174979) | more than 2 years ago | (#40163071)

It's cooperative effort to confront a huge, insidious problem on the internet. I'm as paranoid about government control, but this is hardly a blip flashing on my radar. My only problem is that by giving Homeland Security a vital role, it's that much more unlikely that it'll ever go away.

Agreed - for pretty much SAME reasons too (0)

Anonymous Coward | more than 2 years ago | (#40164995)

http://news.slashdot.org/comments.pl?sid=2884651&cid=40164875 [slashdot.org]

* I also agree that perhaps giving "big gov't." MORE "power" MAY NOT be a 'great idea' though...

HOWEVER: Is it "bad" in this case?

E.G.-> The idea of coordinating MANY ISP/BSP's together for collaborative infornation

For

I.E.-> Stalling botnet C&C servers' communications (along with other measures in "crowd-sourced" fashion such as stopping access to KNOWN threats from sites/servers/hosts-domains that are KNOWN to serve up malicious scripting, bogus adbanners, malware, or botnet C&C servers etc./et al)...

I think it's a potentially VERY good thing, personally!

APK

P.S.=> Pretty much the SAME THING has been going on for MANY YEARS for folks like myself that use custom HOSTS files for blocking out those things I noted above for better "layered-security"/"defense-in-depth", & I can see applying such methods for the creation of DNSBL's + firewall rules tables too for even more of the same, albeit this time, between ISP/BSP's... not a bad idea, imo @ least!

... apk The idea of coordinating MANY ISP/BSP's together for collaborative infornation

For

I.E.-

in other news (0)

Anonymous Coward | more than 2 years ago | (#40163359)

as a response people all the world over join anonymous and become botnets :P
fuck you obama

The US Government Uses Botnets (2)

CodeBuster (516420) | more than 2 years ago | (#40163375)

Does it strike anyone else as ironic that on the one hand the United States is rushing to develop what it calls "cyber weapons" (side note: why must everything be prefixed with cyber anyway, especially when it has nothing to do with man machine integration?), which would include autonomous programs communicating amongst themselves and coordinating activities via a command / control channel (i.e. a "botnet"), while at the same time announcing an initiative to "fight" the very programs that they are also creating? Why must everything be couched in language suggesting a "war on whatever"? Why not simply say, "we will respond in kind to those who attack us using these weapons", acknowledging the obvious fact that such weapons are inevitable, and leave it at that.

Re:The US Government Uses Botnets (0)

Anonymous Coward | more than 2 years ago | (#40172699)

just like how the government tries to stop crazies with a shed full of guns and bombs, but makes tons of them itself? It is not the weapon that is the problem, it is those that control it that is the issue.

Nothing good will come of this... (1)

Karmashock (2415832) | more than 2 years ago | (#40163381)

First, there isn't anything the US government can do that isn't already being done.
Second, this will serve as justification for a massive expansion of US Executive power onto the currently anarchic internet.

Precisely what we need. (1)

utkonos (2104836) | more than 2 years ago | (#40163387)

We need the government "helping" fight botnets.

Again - fix this with capability based security... (1)

ka9dgx (72702) | more than 2 years ago | (#40163427)

Capability based security can fix this, virus scanners and blind linux fanboyism aren't enough any more.

President Obama Orders The Murder of Mitt Romney (0)

Anonymous Coward | more than 2 years ago | (#40163641)

With Mr. Mitt Romney gaining the delegates to win the GOP nomination, President Barak Hussien Obama II with blessings from the US Dept. of Justice and with help from the Central Intelligence Agency, Secret Service and Federal Bureau of Investigation has ordered the killing, murder, of Mr. Mitt Romney and all family members of Mr. Romney in the name of President Obama. :|

More intrusive DHS (0)

Anonymous Coward | more than 2 years ago | (#40164371)

Department of Homeland Security in charge of cybersecurity of vital systems such as power grids and transportation networks

The DHS tried to search trains and was told to fuck-off. They're already searching cars without probable cause. What else can they do? Search people who open a meter box. They'll be on a first name basis with a lot of farmers and electricians.

Excellent - lets start on this new 'Flame' spyware (0)

Anonymous Coward | more than 2 years ago | (#40164571)

http://www.wired.com/threatlevel/2012/05/flame

I hear rumors that a nation state in the middle east is responsible for this; no time for evidence or due process, start the drones!

IS this "such a BAD idea"? (0)

Anonymous Coward | more than 2 years ago | (#40164875)

Think about it: It's NOT so different from folks creating DNSBL's by coordinating w/ one another on WHICH sites/servers are hosting botnet C&C servers (to block them out) OR doing what I do with custom HOSTS files, which is Blocking out KNOWN sites/servers/hosts-domains that:

---

A.) Host malicious script in their content
B.) Host malicious script in their adbanners
C.) Serve up malwares

---

Between securing a system & educating end-users more/better on the sources of attack + conscientious patching OR even "security hardening" tweaking (such as cutting off services you don't need that MAY have remote exploit vulnerabilities + far more), & group security based policies, ala guides like this one:

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&qs=ns&form=QBLH [bing.com]

Which, in essence & practice does ALL of the above (mostly in stopping users from indiscriminately accessing the MOST USED THREATS against them), typically of:

---

1.) Maliciously scripted website pages (mostly javascript)
2.) Faulty JAVA apps or exploits of JAVA vulnerabilities
3.) Faulty Adobe apps (e.g. - FLASH exploits)

---

?

* You've got MOST of the game "licked"/beaten... I've been doing it MOSTLY via sites that host information on KNOWN sites/servers/hosts-domains that block ALL of the above known threats... & yes, it actually works!

The community online's been taking care of itself on THAT front, via lists for custom DNSBL's &/or custom HOSTS files for a LONG TIME now... & again - it works, for the same ideas/principles these guys are reaching for now (community sharing of vital information - in essence/effect, a sort of "security crowd-sourcing")...

THUS, above & beyond std. client-side workstation node security, server-level security + app level security & patching?

The rest you'd get by blocking out those KNOWN malicious sites/servers/hosts-domains (& their pages known to serve up malicious script OR malwares + botnet C&C servers etc./et al...)

APK

P.S.=> It could be an aid to a principle I've been using for decades of "what you can't touch, can't hurt you" & by blocking out those things enumerated above? You get that...

Simply thru sharing such information for blocking them off from users either thru custom HOSTS files, firewall rules tables, OR DNSBL's server-side @ the DNS server level (preferably ALL 3 measures in combination, along with ONLY USING JAVA or JavaScript + plugins in FLASH only where you ABSOLUTELY NEED THEM for function only) - it could be a VERY effective tool vs. online exploit (& it does work, I've been doing the same basic idea for decades along with many users)... apk

Re:IS this "such a BAD idea"? (0)

Anonymous Coward | more than 2 years ago | (#40167553)

COULD you use some MORE ACRONYMS R.S.V.P. to DESCRIBE the ICMP TLS latency caused @ resolve TIME by your hosts FILE?

Thx

Ur off-topic, but here goes troll! (0)

Anonymous Coward | more than 2 years ago | (#40168251)

As far as blocking KNOWN bad host-domain names/sites-servers? Doesn't matter - they're MEANT to be blocked off & currently, I blockout 1,787,196 of those...

As far as my favorite sites I go to "hardcoded" into the hosts file?

Ahem - They're the "TOP 20" entries (I only keep 20 now) items in my hosts file, & read immediately!

(Especially once cached into memory by the local diskcaching kernelmode subsystem after the initial 1st read...).

Thus?

Heck - Even a B-Tree seek over 2++ million hosts file record entries wouldn't make a difference in speed...

(Do the math: You'll see I actually do about the same, OR LESS, seeks than you would in a binary tree seek over that many hosts file entries records)

All since I place my "favorite sites" @ the topmost spots in my custom hosts file so even IF the DNS system goes down (like is expected for infested users on July 9th via DNSChanger), or DNS poisoning redirection is done to DNS servers (even though I use the "best ones in the biz" as far as those that filter vs. known online threats, in OpenDNS, Norton DNS, &/or ScrubIT DNS in both my hardware router firewall + my Windows IP stack DNS settings)?

I'll still have the ADDED RELIABILITY of resolving those favs sites of mine locally, & be doing it FAR FASTER than calling out to potentially downed OR dns poisoned redirected DNS servers... by far.

(Blocking out adbanners does the rest, & gains users HUGE amounts of absolutely NOTICEABLE speed... see below on that much in fact from your peers on /., and, security pros too!)

Good luck disproving any of what's written above, OR especially BELOW... you'll NEED it!

APK

P.S.=> So much for trolls & their off-topic b.s., lol... & you KNOW I've just GOTTA say it: This?

This was just "too, Too, TOO EASY - just '2EZ'", as always, in dispatching off-topic trolls that are WEAK in their computing technical skills...

Lastly - I'd also like to "toss this one on" for good measure, in your /. peers AND security experts/pros agreeing that custom HOSTS files can benefit end-users of them in more speed/bandwidth, more "layered-security"/"defense-in-depth", reliability, & even 'anonymity' to an extent (bypassing unjust DNSBL's &/or DNS request logs):

---

20++ SLASHDOT USERS EXPERIENCING SUCCESS USING HOSTS FILES QUOTED VERBATIM:

---

"Ever since I've installed a host file (http://www.mvps.org/winhelp2002/hosts.htm) to redirect advertisers to my loopback, I haven't had any malware, spyware, or adware issues. I first started using the host file 5 years ago." - by TestedDoughnut (1324447) on Monday December 13, @12:18AM (#34532122)

"I use a custom /etc/hosts to block ads... my file gets parsed basically instantly ... So basically, for any modern computer, it has zero visible impact. And even if it took, say, a second to parse, that would be more than offset by the MANY seconds saved by not downloading and rendering ads. I have noticed NO ill effects from running a custom /etc/hosts file for the last several years. And as a matter of fact I DO run http servers on my computers and I've never had an /etc/hosts-related problem... it FUCKING WORKS and makes my life better overall." - by sootman (158191) on Monday July 13 2009, @11:47AM (#28677363) Homepage Journal

"I actually went and downloaded a 16k line hosts file and started using that after seeing that post, you know just for trying it out. some sites load up faster." - by gl4ss (559668) on Thursday November 17, @11:20AM (#38086752) Homepage Journal

"Better than an ad blocker, imo. Hosts file entries: http://www.mvps.org/winhelp2002/hosts.htm [mvps.org] " - by TempestRose (1187397) on Tuesday March 15, @12:53PM (#35493274)

"^^ One of the many reasons why I like the user-friendliness of the /etc/hosts file." - by lennier1 (264730) on Saturday March 05, @09:26PM (#35393448)

"They've been on my HOSTS block for years" - by ScottCooperDotNet (929575) on Thursday August 05 2010, @01:52AM (#33147212)

"I'm currently only using my hosts file to block pheedo ads from showing up in my RSS feeds and causing them to take forever to load. Regardless of its original intent, it's still a valid tool, when used judiciously." - by Bill Dog (726542) on Monday April 25, @02:16AM (#35927050) Homepage Journal

"you're right about hosts files" - by drinkypoo (153816) on Thursday May 26, @01:21PM (#36252958) Homepage

"APK's monolithic hosts file is looking pretty good at the moment." - by Culture20 (968837) on Thursday November 17, @10:08AM (#38085666)

"I also use the MVPS ad blocking hosts file." - by Rick17JJ (744063) on Wednesday January 19, @03:04PM (#34931482)

"I use ad-Block and a hostfile" - by Ol Olsoc (1175323) on Tuesday March 01, @10:11AM (#35346902)

"I do use Hosts, for a couple fake domains I use." - by icebraining (1313345) on Saturday December 11, @09:34AM (#34523012) Homepage

"It's a good write up on something everybody should use, why you were modded down is beyond me. Using a HOSTS file, ADblock is of no concern and they can do what they want." - by Trax3001BBS (2368736) on Monday December 12, @10:07PM (#38351398) Homepage Journal

"I want my surfing speed back so I block EVERY fucking ad. i.e. http://someonewhocares.org/hosts/ [someonewhocares.org] and http://winhelp2002.mvps.org/hosts.htm [mvps.org] FTW" - by UnknownSoldier (67820) on Tuesday December 13, @12:04PM (#38356782)

"Let me introduce you to the file: /etc/hosts" - by fahrbot-bot (874524) on Monday December 19, @05:03PM (#38427432)

"I use a hosts file" - by EdIII (1114411) on Tuesday December 13, @01:17PM (#38357816)

"I'm tempted to go for a hacked hosts file that simply resolves most advert sites to 127.0.0.1" - by bLanark (123342) on Tuesday December 13, @01:13PM (#38357760)

"this is not a troll, which hosts file source you recommend nowadays? it's a really handy method for speeding up web and it works." - by gl4ss (559668) on Thursday March 22, @08:07PM (#39446525) Homepage Journal

"A hosts file certainly does not require "a lot of work" to maintain, and it quite effectively kills a LOT of advertising and tracking schemes. . In fact, I never would have considered trying to use it for ddefending against viruses or malware." - by RocketRabbit (830691) on Thursday December 30 2010, @05:48PM (#34715060)

---

Then, there is also the words of respected security expert, Mr. Oliver Day, from SECURITYFOCUS.COM to "top that all off" as well:

A RETURN TO THE KILLFILE:

http://www.securityfocus.com/columnists/491 [securityfocus.com]

Some "PERTINENT QUOTES/EXCERPTS" to back up my points with (for starters):

---

"The host file on my day-to-day laptop is now over 16,000 lines long. Accessing the Internet -- particularly browsing the Web -- is actually faster now."

Speed, and security, is the gain... others like Mr. Day note it as well!

---

"From what I have seen in my research, major efforts to share lists of unwanted hosts began gaining serious momentum earlier this decade. The most popular appear to have started as a means to block advertising and as a way to avoid being tracked by sites that use cookies to gather data on the user across Web properties. More recently, projects like Spybot Search and Destroy offer lists of known malicious servers to add a layer of defense against trojans and other forms of malware."

Per my points exactly, no less... & guess who was posting about HOSTS files a 14++ yrs. or more back & Mr. Day was reading & now using? Yours truly (& this is one of the later ones, from 2001 http://www.furtherleft.net/computer.htm [furtherleft.net] (but the example HOSTS file with my initials in it is FAR older, circa 1998 or so) or thereabouts, and referred to later by a pal of mine who moderates NTCompatible.com (where I posted on HOSTS for YEARS (1997 onwards)) -> http://www.ntcompatible.com/thread28597-1.html [ntcompatible.com] !

---

"Shared host files could be beneficial for other groups as well. Human rights groups have sought after block resistant technologies for quite some time. The GoDaddy debacle with NMap creator Fyodor (corrected) showed a particularly vicious blocking mechanism using DNS registrars. Once a registrar pulls a website from its records, the world ceases to have an effective way to find it. Shared host files could provide a DNS-proof method of reaching sites, not to mention removing an additional vector of detection if anyone were trying to monitor the use of subversive sites. One of the known weaknesses of the Tor system, for example, is direct DNS requests by applications not configured to route such requests through Tor's network."

There you go: AND, it also works vs. the "KAMINSKY DNS FLAW" & DNS poisoning/redirect attacks, for redirectable weaknesses in DNS servers (non DNSSEC type, & set into recursive mode especially) and also in the TOR system as well (that lends itself to anonymous proxy usage weaknesses I noted above also) and, you'll get to sites you want to, even IF a DNS registrar drops said websites from its tables as shown here Beating Censorship By Routing Around DNS -> http://yro.slashdot.org/story/10/12/09/1840246/Beating-Censorship-By-Routing-Around-DNS [slashdot.org] & even DNSBL also (DNS Block Lists) -> http://en.wikipedia.org/wiki/DNSBL [wikipedia.org] as well - DOUBLE-BONUS!

---

* POSTS ABOUT HOSTS FILES I DID on "/." THAT HAVE DONE WELL BY OTHERS & WERE RATED HIGHLY, 26++ THUSFAR (from +3 -> +1 RATINGS, usually "informative" or "interesting" etc./et al):

BANNER ADS & BANDWIDTH:2011 -> http://hardware.slashdot.org/comments.pl?sid=2139088&cid=36077722 [slashdot.org]
HOSTS MOD UP:2010 -> http://yro.slashdot.org/comments.pl?sid=1907266&cid=34529608 [slashdot.org]
HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1490078&cid=30555632 [slashdot.org]
HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1869638&cid=34237268 [slashdot.org]
HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1461288&threshold=-1&commentsort=0&mode=thread&cid=30272074 [slashdot.org]
HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1255487&cid=28197285 [slashdot.org]
HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1206409&cid=27661983 [slashdot.org]
HOSTS MOD UP:2010 -> http://apple.slashdot.org/comments.pl?sid=1725068&cid=32960808 [slashdot.org]
HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1743902&cid=33147274 [slashdot.org]
APK 20++ POINTS ON HOSTS MOD UP:2010 -> http://news.slashdot.org/comments.pl?sid=1913212&cid=34576182 [slashdot.org]
HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1862260&cid=34186256 [slashdot.org]
HOSTS MOD UP:2010 (w/ facebook known bad sites blocked) -> http://tech.slashdot.org/comments.pl?sid=1924892&cid=34670128 [slashdot.org]
HOSTS FILE MOD UP FOR ANDROID MALWARE:2010 -> http://mobile.slashdot.org/comments.pl?sid=1930156&cid=34713952 [slashdot.org]
HOSTS MOD UP ZEUSTRACKER:2011 -> http://it.slashdot.org/comments.pl?sid=2059420&cid=35654066 [slashdot.org]
HOSTS MOD UP vs AT&T BANDWIDTH CAP:2011 -> http://tech.slashdot.org/comments.pl?sid=2116504&cid=35985584 [slashdot.org]
HOSTS MOD UP CAN DO SAME AS THE "CloudFlare" Server-Side service:2011 -> http://it.slashdot.org/comments.pl?sid=2220314&cid=36372850 [slashdot.org]
HOSTS and BGP +5 RATED (BEING HONEST):2010 http://tech.slashdot.org/comments.pl?sid=1901826&cid=34490450 [slashdot.org]
HOSTS & PROTECT IP ACT:2011 http://yro.slashdot.org/comments.pl?sid=2368832&cid=37021700 [slashdot.org]
HOSTS MOD UP:2011 -> http://yro.slashdot.org/comments.pl?sid=2457766&cid=37592458 [slashdot.org]
HOSTS MOD UP & OPERA HAUTE SECURE:2011 -> http://yro.slashdot.org/comments.pl?sid=2457274&cid=37589596 [slashdot.org]
0.0.0.0 in HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1197039&cid=27556999 [slashdot.org]
0.0.0.0 IN HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1143349&cid=27012231 [slashdot.org]
0.0.0.0 in HOSTS:2009 -> http://it.slashdot.org/comments.pl?sid=1198841&cid=27580299 [slashdot.org]
0.0.0.0 in HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1139705&cid=26977225 [slashdot.org]
HOSTS MOD UP:2009 -> http://hardware.slashdot.org/comments.pl?sid=1319261&cid=28872833 [slashdot.org] (still says INSIGHTFUL)
HOSTS MOD UP vs. botnet: 2012 -> http://it.slashdot.org/comments.pl?sid=2603836&cid=38586216 [slashdot.org]

---

* "Here endeth the lesson..." and, if you REALLY want to secure your system? Please refer to this:

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE [bing.com]

... apk

  -"/bquote (874524) on Monday December 19, @05:03PM (#38427432)BANNER ADS

DHS in charge of electricity and transportation? (0)

Anonymous Coward | more than 2 years ago | (#40165597)

I scanned the comments and is no one alarmed by this? It doesn't seem too paranoid to think that DHS (who does a swell job running the TSA) would shut down the electricity grid "to protect it". There are already VIPR teams stopping vehicles on the highway. CBP and DHS has been seen at the Detroit Electronic Music Festival. DHS ordered 450 million rounds of .40 hollow points. Draw your own conclusions.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>