Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

US ISPs Continue To Support DNSChanger Redirection Servers

Soulskill posted about 2 years ago | from the you-had-one-job dept.

AT&T 87

darthcamaro writes "On Monday of this week, the primary servers that kept those infected with the DNSChanger malware were taken offline. It's a story that sparked lots of media hype with people claiming that hundreds of thousands of people could lose their Internet access. As it turns out, major U.S. ISPs including Verizon, Cox, AT&T and CenturyLink all kept their own DNSChanger servers online, protecting any users from losing their access."

cancel ×

87 comments

Sorry! There are no comments related to the filter you selected.

What's the big deal? (4, Insightful)

Jah-Wren Ryel (80510) | about 2 years ago | (#40643559)

Don't all of those ISPs play that dirty trick of redirecting failed DNS lookups to advertising? Why don't they just set their DNSchanger servers to redirect all lookups to some page telling the user that their system is infected and how to download a tool to fix it?

Sure it will break everything but http(s) but if they are happy to do it for money why aren't they happy to do it for the common good?

Re:What's the big deal? (3, Insightful)

NettiWelho (1147351) | about 2 years ago | (#40643595)

Because if they meddled with end-user functionality they'd be swamped with angry customers demanding service and help. They take the cheap route that doesnt require additional effort on their part and lessens the incoming workload.

Re:What's the big deal? (1)

Anonymous Coward | about 2 years ago | (#40644621)

Because if they meddled with end-user functionality they'd be swamped with angry customers demanding service and help.

"You need help? There's a link on your screen. Click it, install the Cleaner program, and run it. Have a nice day. ::click::"

Problem solved.

Re:What's the big deal? (1)

Anonymous Coward | about 2 years ago | (#40645511)

I can tell you have never worked a day supporting CLNK customers.

Re:What's the big deal? (5, Insightful)

nurb432 (527695) | about 2 years ago | (#40643605)

The big deal is they are keeping infected computers online.

These should have been cut off day one, with a message 'call your isp' and allow NO other traffic to protect the users data.

Re:What's the big deal? (0)

mechtech256 (2617089) | about 2 years ago | (#40643635)

Sure, and let's do that to people using torrents too! ISPs should be dumb pipes, it's better than way. Be careful what you wish for.

Re:What's the big deal? (2)

nurb432 (527695) | about 2 years ago | (#40644167)

Torrents != virus.

Re:What's the big deal? (2)

icebike (68054) | about 2 years ago | (#40644715)

GP is actually right. There was never any justifiable reason to continue run these DNS servers, and they should have just been shut down when the FBI found them.
The client machines were infected, and there is no reason to assume the DNSChanger was the only virus or malware running on the boxes. The best bet is to just unplug the DNS servers and let the chips fall where they may.

Yeah, all of a sudden lots of people would find that they can't resolve anything. So what?

I suspect the reason they didn't was to mine the DNS requests going out from those infected clients.
Meanwhile all those infected machines are still on the net.

And none of this required packet inspection or torrent tracking. All it would have required was for the ISPs to do NOTHING.

Re:What's the big deal? (1)

JWSmythe (446288) | about 2 years ago | (#40645971)

You know, that's been done before, and (hopefully) will be done again.

    I forget the name of the malware, but there was a nasty that basically took over IP networking on Windows machines, and pumped everything through somewhere in Eastern Europe.. ... then the server went down. Hopefully, it was someone saying "Hmmm, malware, unplug the network cables."

    And about a dozen people dragged their home computers in to me to fix. Well, theirs, their friends, family, and apparently they had told everyone in their neighborhood.. There was no graceful redemption, no "think of the users". It broke, and people all over the world cleaned up yet another malware infested machine. It may have been tens of thousands, it may have been millions. It wasn't newsworthy, because we just did what we always do.

    Actually, unless a piece of malware managed to get on every Windows machine in the world, and absolutely wipe out everything on all direct and network attached drives, before popping a Warner Brothers cartoon "That's All Folks" [blogspot.com] , would I even consider it noteworthy. Then again, it couldn't be newsworthy, as virtually every reporters computer would now be lacking an OS.

    All the really managed to do is give the malware author a few more minutes of fame. Whoopdie-fucking-doo.

Re:What's the big deal? (0)

Anonymous Coward | about 2 years ago | (#40643877)

Cox does do that! I was writing a simple SMTP server for fun (learning a new language and picked that as a project) and sending emails to my own SMTP server on non-SMTP port. The only way I could get them to restore service was to tell them I had the problem fixed. According to their staff it was spam (I'm not really sure how you can spam yourself). After that incident I switched ISPs. Being called a spammer pissed me off more than insulting my wife or mother.

I'm perplexed as to why they'd allow this malware, but others they instantly disconnect. I'm guessing it's because of the amount of customers that are infected.

Re:What's the big deal? (1)

John Bokma (834313) | about 2 years ago | (#40644129)

Yup, if they don't they lose customers (or that's the idea). For the same reason a lot of ISPs do nothing about infected computers in their net work. No matter how much spam they send out or how many requests they do to your web servers. A smaller group of ISPs (e.g. MediaTemple, to name just one) have no problem at all with spammers in their network (and/or make reporting spammers extremely hard), as long as the customer pays (and the complainer: not). Spam etc. is plenty because people accept money to look the other way. Whether it's to the left or the right, doesn't matter.

Re:What's the big deal? (1)

nurb432 (527695) | about 2 years ago | (#40644199)

I think a page saying you have a security problem on your PC and to please call us would make customers happy.. "they care about us" I know they don't really, but it would make many feel that way.

Re:What's the big deal? (3, Interesting)

John Bokma (834313) | about 2 years ago | (#40644279)

You and me both. But I know plenty of people who consider themselves "power users" and would consider such a move patronizing (and an accusation that they made a mistake; how could they!). And I know even a few who don't care about malware on their computer as long as it isn't too much in the way (some even call it cool to be a part of one or more botnets...).

Re:What's the big deal? (0)

Anonymous Coward | about 2 years ago | (#40644489)

(some even call it cool to be a part of one or more botnets...).

As a species, we really are doomed.

Re:What's the big deal? (1)

WhitetailKitten (866108) | about 2 years ago | (#40646771)

This reminds me of the shit on Facebook where people like pages marked, basically, "I have never read a book in my life and I'm proud of it."

Western society is in a death spiral, and Idiocracy is coming far faster than predicted.

Re:What's the big deal? (1)

ganjadude (952775) | about 2 years ago | (#40644879)

true, I hate having to deal with tech support and I get annoyed at people trying to force me to do things. having said that, having a default page that tells you your machine is messed up is a little bit different. I say hell, even let them keep using it, just make them see the msg and hit ok (frames maybe?) I know the hardcore crowd will claim the ISPs are hijacking or snooping or whatever, yeah, thats exactly whats going on in my scenario, and probably one of the only few exceptions to snooping I would be ok with because your PC being infected does in fact affect me.

Re:What's the big deal? (3, Informative)

CheshireDragon (1183095) | about 2 years ago | (#40645773)

Then those ego maniacs need a slap in the face. If they were in fact a power user they wouldn't have let this happen to their system.

Re:What's the big deal? (1)

JWSmythe (446288) | about 2 years ago | (#40646029)

    I guess you don't see the obvious problems with that...

    1) There's plenty of existing malware that does that already. "Click here to clean your computer". Some even give a friendly 800 (or 900) number to call for "advice", so you can call and give your credit card number of the phone because it's "so much safer".

    2) When they redirect a residential customer to the security problem page, it's not going to just redirect the infected machine, it will redirect all of your machines. That makes it difficult to get tools to clean up with.

    And being I've had to remotely clean up machines for plenty of machines for people who were too far away to drive to, and couldn't figure out how to run an antivirus with explicit instructions and hand holding over the phone.

Re:What's the big deal? (1)

Jah-Wren Ryel (80510) | about 2 years ago | (#40646189)

2) When they redirect a residential customer to the security problem page, it's not going to just redirect the infected machine, it will redirect all of your machines.

No it won't. Only the infected machines are using the bogus nameservers.

Re:What's the big deal? (1)

JWSmythe (446288) | about 2 years ago | (#40647469)

    In his case, the implication was for any malware. Definitely they could have done it for this specific case. It looks like they just went for the easier option of a static route and put the IP(s) on their own DNS server(s).

Re:What's the big deal? (1)

Anonymous Coward | about 2 years ago | (#40644253)

you have no idea what you are talking about. i have worked for several regional ISPs and when we notice virus traffic originating from your computer/router you will either get an email/call from us notifying you that you need to resolve the issue or we will disconnect your service, or we just disconnected your service and call you to inform you why this happened.

Re:What's the big deal? (0)

Anonymous Coward | about 2 years ago | (#40663487)

A smaller group of ISPs (e.g. MediaTemple, to name just one) have no problem at all with spammers in their network (and/or make reporting spammers extremely hard), as long as the customer pays (and the complainer: not). Spam etc. is plenty because people accept money to look the other way. Whether it's to the left or the right, doesn't matter.

Matt from (mt) here. Just wanted to let you know that we try to take down spammers as quickly as possible. Spammers not only ruin our reputation, but they also effect performance at times with their massive email pushes.With the amount of customers we have, it's difficult to catch every spammer that may use our services. We welcome anybody to bring us information about spammers so that we can take care of the problem.

Re:What's the big deal? (1)

v1 (525388) | about 2 years ago | (#40644373)

The big deal is they are keeping infected computers online.

These should have been cut off day one, with a message 'call your isp' and allow NO other traffic to protect the users data.

hmmmm... protect the public, or protect profit... protect the public, or protect profit... oh wait, that's an easy decision!

Re:What's the big deal? (1)

devitto (230479) | about 2 years ago | (#40654143)

No they are not. They are contacting those customers, duh !

Re:What's the big deal? (1)

icannotthinkofaname (1480543) | about 2 years ago | (#40644381)

Sure it will break everything but http(s) but if they are happy to do it for money why aren't they happy to do it for the common good?

Since when is there money to be made by supporting the common good?

Re:What's the big deal? (1)

Asic Eng (193332) | about 2 years ago | (#40644719)

I guess the problem is when they do that they'll get swamped with support requests by the most clueless of their user base. Who is going to handle all these phone calls? That costs quite a bit of money. Setting up another server to handle these DNS requests is cheap, though. So that's what they are doing.

Re:What's the big deal? (1)

Jah-Wren Ryel (80510) | about 2 years ago | (#40644855)

Yep, that's what a lot people think and it sure fits the stereotypical corporate mentality. But, it really isn't that hard to mitigate. Set the servers up to redirect to a warning page for only 1% of the ISP's address range per day or something in that ballpark. That reduces the flood of support calls down to something manageable.

Re:What's the big deal? (1)

Asic Eng (193332) | about 2 years ago | (#40644945)

That's a good approach, but there were so many warnings already and for such a long time. These people don't care about their computers at all. You redirect them to a warning page, maybe they'll call you and you'll get them to fix it. That one problem. What about the other malware on their machines? What about the malware they'll get next week?

Your best hope is that sooner or later they'll replace their desktops with iPads.

Re:What's the big deal? (1)

CheshireDragon (1183095) | about 2 years ago | (#40645847)

"These people don't care about their computers at all."
This is my cousin exactly. She is 14 and fscking stupid. She has a thing that posts on her facebook everyday that is clearly a highjack and I always comment "...and hacked." then "change your password." It's been almost 2 months. I bet you can guess what she hasn't done. I been considering just changing her password myself and not telling her what it is.

Re:What's the big deal? (0)

Anonymous Coward | about 2 years ago | (#40645533)

Good idea as far as handling peak volume.

Does absolutely nothing for total volume though.

But what really costs money is when said moron customer can't connect to the internet and cancels service.

get it now?

Re:What's the big deal? (1)

CheshireDragon (1183095) | about 2 years ago | (#40645831)

That's right, AC you are so super smart (clear sarcasm)

Because everyone is irrational and cancels their service when there internet goes out just once.

Re:What's the big deal? (1)

CheshireDragon (1183095) | about 2 years ago | (#40645699)

because there is no money to be made in 'the common good.'

Oh for the love of god (4, Insightful)

0racle (667029) | about 2 years ago | (#40643561)

Knock them off the internet already so they know they have a problem. DNSChanger is probably not the only issue they have.

Re:Oh for the love of god (5, Insightful)

bmo (77928) | about 2 years ago | (#40643623)

Knock them off the internet already so they know they have a problem. DNSChanger is probably not the only issue they have.

This. I have *never* seen a compromised system with just one piece of badware. These people are probably running around with dozens, if not hundreds of pieces of evil in their machines.

Knocking them off the net would be doing them a favour.

--
BMO

Re:Oh for the love of god (0)

Anonymous Coward | about 2 years ago | (#40644033)

horrific! not just evil in their machine, but PIECES of evil in their machine.

holy mother of beezelbulb!

hey have you heard of that new band POE?

Pieces
Of
Evil

They're quite good.

I hear they're better than the sum of their parts.....

Re:Oh for the love of god (0)

Anonymous Coward | about 2 years ago | (#40644515)

Comcast has more than once told me one of my machines was infected when in fact it wasn't. Fortunately, they only TOLD me instead of disconnecting me.

Any algorithm to decide what machine is infected remotely is not going to be any smarter than the designer, and probably a lot less so.

Re:Oh for the love of god (4, Informative)

bmo (77928) | about 2 years ago | (#40644707)

Any algorithm to decide what machine is infected remotely is not going to be any smarter than the designer, and probably a lot less so.

The thing is that there is no algorithm at work at all except the infection itself.

If you paid attention at all to the goings-on of this issue at all, you'd know that DNS Changer does what it's titled to do: point at a (formerly) criminally controlled set of DNS machines. These have since been commandeered by authorities and maintained. The infected machines are being artificially propped up. To "disconnect" people, all they have to do is turn these off and let the end users fend for themselves.

So let me repeat: there is no "remote turnoff" being done here. The computers are left without a DNS when the fake DNS machines are turned off. If your computer does not point at a valid DNS when they turn off the fake DNS, it is 100 percent guaranteed that you have the DNS Changer malware.

--
BMO

Re:Oh for the love of god (1)

ganjadude (952775) | about 2 years ago | (#40644905)

I have not been keeping up on this, so If I read you correctly, All a user would need to do (assuming they were literate enough to get networking..and not know they were infected, is remap the DNS section of their IP config to resolv the issue? or will this virus re-remap it back to the bogus dns?

Re:Oh for the love of god (3, Informative)

bmo (77928) | about 2 years ago | (#40645163)

All a user would need to do (assuming they were literate enough to get networking..and not know they were infected, is remap the DNS section of their IP config to resolv the issue?

If it was really, really simple, yes. But I suspect that the authors of DNS Changer already thought of that and will prevent you from simply changing it manually, or at least run a scheduled task to keep it set wrong (the Macintosh variant does this with a crontab).

It was spread as a "video codec" on porn sites and then as "funny video" sites, which I guess is more popular. The internet was built on porn and lolcats.

In any case, if you have an updated malware removal tool, it should remove it. Removal is effective.


If your DNS servers are in these range, then you are affected.

        64.28.176.1 - 64.28.191.254
        67.210.0.1 - 67.210.15.254
        77.67.83.1 - 77.67.83.254
        85.255.112.1 - 85.255.127.254
        93.188.160.1 - 93.188.167.254
        213.109.64.1 - 213.109.79.254

--
BMO

Re:Oh for the love of god (1)

ganjadude (952775) | about 2 years ago | (#40645593)

Thanks for the info, I am personally good but This will be useful when I get a phone call telling me all of a sudden my grandma cant connect

Re:Oh for the love of god (1)

Billly Gates (198444) | about 2 years ago | (#40643739)

Are you going to pay them for the calls that are going to be ringing off the hook! My guess is the phone system will be so overloaded it would probably crash and prevent legitimate calls from coming through.

Are you going to pay their legal fees when business users sue due to lost income? Yes it was both forseen and the ISP has a duty of care, and has even excersized this supporting its users. A lawyer would be drooling if you said fuck it and cut the cord.

It is a business decision and not a moral or philosophical one.

Re:Oh for the love of god (0)

Anonymous Coward | about 2 years ago | (#40643905)

So disconnect them in waves. For example disconnect 10% once those are resolved disconnect the next 10%. Eventually the issue would be resolved and it wouldn't flood their phone support all at once. They could also add a $5 stupid tax on their bill for one month to help cover part of the costs.

-wmbetts
Posting AC, because I have mod points.

Re:Oh for the love of god (1)

ganjadude (952775) | about 2 years ago | (#40644935)

except for chances are those 1st 10% would most likely be reinfected before they had enough time to worry about it.

I truly do not understand how so many people can be infected yet not know it. I have had a virus, Ive had trojans, Ive been hit with it all, but to the extent that my machine was messed up or being controlled by someone else? hardly the second my mother has more than a few tabs open and her game slows down, i get a call to look at it, usually it is nothing, but once or twice there has been an issue, not a dehibilitating issue but an issue. A little common sense goes a LONG way people

Re:Oh for the love of god (1)

osu-neko (2604) | about 2 years ago | (#40644255)

It is a business decision and not a moral or philosophical one.

These are not mutually exclusive. It is a business decision, but it is also a moral one. Any decision that affects others (and arguably some that don't) are moral decisions. Pretending otherwise is a wonderful excuse for avoiding moral responsibility, though...

Re:Oh for the love of god (1)

Billly Gates (198444) | about 2 years ago | (#40644509)

Well a corporations job is to make money. Its moral and ethical guidelines is to increase shareholder wealth on a quarterly basis by constantly raising the share price.

It does not serve them well if some companies get hurt with no internet access and it is stealing from them otherwise. Liability is real as older computers without updates typically are corporate owned systems in places like managerial offices and other places where they can't be cleaned easily without a local IT staff. They could lose money in the process and blame megatelecom for the losses. They would win too as the FBI warned the ISPs about this and used their help sadly so it is foreseen and a acknowledged responsibility.

Keep both the users and shareholders happy is the game and for people who need real help to report things like outages. I wish I could yank the cords but you are talking about other people's property too and what gives us to right to dictate? Even if we are right it is another angle.

Re:Oh for the love of god (1)

Culture20 (968837) | about 2 years ago | (#40644953)

Well a corporations job is to make money. Its moral and ethical guidelines is to increase shareholder wealth

Full Stop. You can increase shareholder wealth many ways. Dividends work well even when stock prices are steady or even dip a little. Carry on...

on a quarterly basis by constantly raising the share price.

Re:Oh for the love of god (2)

Hamsterdan (815291) | about 2 years ago | (#40644751)

I second that too. That kind of malware is never alone on most computers. The job of an ISP is to provide internet access, not holding customer's hands. Tech support is one thing, but an infected machine is a risk for *every* customer of said ISP. What if the ISP's email servers get banned because some machine is sending spam? Any responsible ISP will make sure either a) the problem's fixed or b) the customer's access is bloqued until it's fixed. Keeping those machines online is irresponsible.

Booorrring (1)

Simpson,Homer_Jay (2666667) | about 2 years ago | (#40643563)

Next article please

Pretty altruistic of them! (2)

Immostlyharmless (1311531) | about 2 years ago | (#40643567)

On a side note, can anyone tell me why all of the ads I see are for AT&T?

Petty and evil of them! (0)

Anonymous Coward | about 2 years ago | (#40644849)

Pretty altruistic of them!

What?! Keeping people in the dark about compromised computers so they don't have to pay for tech support is altruistic in your view?!

Re:Petty and evil of them! (1)

Immostlyharmless (1311531) | about 2 years ago | (#40646305)

I do believe someone missed the joke :P I promise to make it more obvious next time ;-)

So... (1)

evafan76 (2527608) | about 2 years ago | (#40643581)

That's why I didn't get a phone call from my parents asking me to fix their Internet.

Why? (5, Insightful)

Technoodle (1384623) | about 2 years ago | (#40643583)

This is a fail. The problem will not go away if we keep coddling people that have infected machines.

Re:Why? (0)

Anonymous Coward | about 2 years ago | (#40663819)

Why?

Money. ISP's don't care if your machine is infected. They only care if you call and pester them wasting their money. This saves them lots of support calls. It's not like they're held financially responsible for the spam and fraud committed from hacked machines on their network that they know exist. Sure it is clearly negligence. They could be sued for knowingly allowing these crimes to continue, but will they? I doubt it.

Loose (0)

Anonymous Coward | about 2 years ago | (#40643679)

Hundreds of thousands of people are going to launch their internet like an arrow?

Neat!

"Loose"? (4, Funny)

danomac (1032160) | about 2 years ago | (#40643683)

It's a story that sparked lots of media hype with people claiming that hundreds of thousands of people could loose their Internet access.

That was the problem initially, the computers were too loose and malware got in.

Re:"Loose"? (1)

Samantha Wright (1324923) | about 2 years ago | (#40643927)

I think the danger is more about them setting their internet access loose on the entire world, maybe? I mean, it must be pretty scuzzy.

Re:"Loose"? (0)

Anonymous Coward | about 2 years ago | (#40647035)

your just being a spelling nazi

typo in text loose should be lose (1)

Progman3K (515744) | about 2 years ago | (#40643709)

typo in text loose should be lose

Re:typo in text loose should be lose (0)

Anonymous Coward | about 2 years ago | (#40643775)

I think you meant it should be "finally have to fix"

Commercial Decision (4, Insightful)

sociocapitalist (2471722) | about 2 years ago | (#40643741)

"...protecting any users from losing their access."

This had nothing to do with protecting users. This was because the ISPs didn't want to be overwhelmed with support calls and have to deal with X ignorant and pissed off customers who don't know DNSChanger from a hot dog and who will just blame the ISP for any outage.

Re:Commercial Decision (0)

Anonymous Coward | about 2 years ago | (#40643963)

ISPs DO want to be "overwhelmed" with support calls. That's free money! (unless the ISP in question has a non-fee phone number)

Re:Commercial Decision (0)

Anonymous Coward | about 2 years ago | (#40644779)

Clue bat: Customer service numbers are always either local or toll free long distance (e.g. 1-800 or 1-888) in the US.

The real story (1)

SpaceLifeForm (228190) | about 2 years ago | (#40644723)

The ISPs did not have dedicated servers for DNSChanger, they have been filtering your DNS traffic all along.

What will it take? (3, Insightful)

crow (16139) | about 2 years ago | (#40643797)

What will it take for people to start taking security seriously? One of these days a major botnet will wipe a few million hard drives with no warning. I'm not convinced that even that would do it.

Re:What will it take? (0)

Anonymous Coward | about 2 years ago | (#40643957)

Indeed, they'd probably blame the hard drive manufacturers for defective hardware.

Re:What will it take? (2)

Scorch_Mechanic (1879132) | about 2 years ago | (#40644031)

I sincerely doubt it. The days of malware simply destroying data are behind us. It's far more useful (and profitable!) to pwn computers and steal information, serve ads, send spam, preform DDoS attacks... you get the idea.

A swarm of computers with garbled drives has no value. A swarm of computers in a botnet you own is infinitely more valuable.

Re:What will it take? (2)

RoknrolZombie (2504888) | about 2 years ago | (#40644445)

Not everyone is motivated exclusively by money. Especially in this age of "online activism", I suspect that at some point someone will be motivated by fame, or (as many posting here at ./) the idea that "people need to be smarter"...eventually someone will produce some malicious code that *will* do irreparable damage to the systems that are compromised. When that day comes people will - as in nature - be forced to adapt or fail.

Re:What will it take? (1)

crow (16139) | about 2 years ago | (#40644727)

Yes, malware is mostly there for a financial incentive, but I can see several scenarios where a large botnet would get wiped. Suppose...

Someone includes self-destruct code that will wipe computers if the network is taken over of the control node are shut down. The idea would be to blackmail security organizations into leaving the botnet alone.

Or someone has a botnet encrypt drives and then make them pay to get the decryption key. A code bug or takedown of the control network causes all the keys to be lost.

Or simply a code bug in the malware.

Or someone gets control of a botnet and decides the best way get the menace off the net is to wipe all the infected systems.

Or the Iranian government buys a botnet located in the United States and wipes all the systems in an attempt to fight back.

Or, well, I'm sure I could keep thinking of scenarios.

Make ISPs responsible (was Re:What will it take?) (1)

John Bokma (834313) | about 2 years ago | (#40644153)

Make ISPs responsible (and if they want they can make their customers responsible). Now they can have tens if not hundreds of zombies within their network, knowingly and doing nothing since they might lose customers. Not going to happen; $$$$.

Re:Make ISPs responsible (was Re:What will it take (1)

foradoxium (2446368) | about 2 years ago | (#40644711)

this will be bad news though, we should be trying to force the ISP to keep their hands OFF our data.

Re:What will it take? (1)

houghi (78078) | about 2 years ago | (#40644257)

What will it take for people to start taking security seriously?

What will it take IT people to factor in the human? Look at what you can change and look at what you can't. You can't change humans.

When I see them changing password policy in companies to 32 random characters that need to be changed every 34 hours, I just know people will start writing it down.

Next you need to remember 378 different logins for different connections and each one has different rules. Most logins you can not select yourself, so they will be semi random as well.
Also you need to drag 42 key generators around, because that is a great rule you must follow.

Sorry, it is the rules that are wrong. Unfortunately we can not expect a generic solution, because each company will want to hold the copyrights, trademarks and patents and will block all others out. Using an open standard won't work, because then they can copyright, trademark and patent the shit out of it.

So when ARE people going to start taking security seriously and think about security as a process, not only about not letting people accessing your server.

Re:What will it take? (1)

NemoinSpace (1118137) | about 2 years ago | (#40645689)

Seriously?
Companies plan to spend 4.5 percent more on computer security this year than last year, according to results of a Morgan Stanley survey of 100 U.S. chief information officers, released July 13.
They are taking it seriously, they are just doing it wrong.
Never attribute to malice that which is adequately explained by stupidity.

Re:What will it take? (1)

fast turtle (1118037) | about 2 years ago | (#40645599)

Not even a bot net wiping a few milllion drives will do it. It'll take a Terminator and Skynet to get through to the damn idiots and at that point it's easier to nuke it from orbit

Re:What will it take? (0)

Anonymous Coward | about 2 years ago | (#40645959)

What will it take for people to start taking security seriously?

Do you really understand what you're asking for? The end of that path doesn't end with everybody becoming expert sysadmins or running Linux. It ends in more walled gardens, more signed and encrypted Palladium-style bootloaders, more deep packet inspection of network traffic, and more invasive system health monitoring.

good job! (0)

Anonymous Coward | about 2 years ago | (#40643913)

Bravo! That's what they call "network neutrality"!

AA&T internet wasn't working yesterday (1)

scharkalvin (72228) | about 2 years ago | (#40643931)

We have AT&T (bellsouth.net) and yesterday internet access was spotty at best. Some sites loaded right away as usual, some never loaded, some now and then. Ebay was a lost cause, google was ify and google hits went nowwhere. At work we have comcast and it was business as usual.
At home it made no difference which computer I used, MAC, PC, Linux all had issues. My router / DSL modem is a Motorola.

Re:AA&T internet wasn't working yesterday (2)

jnork (1307843) | about 2 years ago | (#40644591)

I've got my home network set up to bypass my ISP's mediocre servers and use the fastest public DNS servers I could find.

Of course I also checked all our computers before D-Day happened. They were clean.

But my ISP doesn't get to decide how my DNS queries resolve.

Re:AA&T internet wasn't working yesterday (0)

Anonymous Coward | about 2 years ago | (#40644749)

Mine does. It intercepts ALL dns queries, whether aimed at their server or not. I figured it out when they started redirecting bad addresses to their search page.

Re:AA&T internet wasn't working yesterday (0)

Anonymous Coward | about 2 years ago | (#40645857)

Some AT&T modems have dns issues. type in your modem model number and dns.. see whether anything pops up. It's a timeout issue.

because... (1)

otaku244 (1804244) | about 2 years ago | (#40644141)

It's cheaper to keep it broken than to get customers to go fix it. Duh.

I hate it when I loose my internet access. (0)

Anonymous Coward | about 2 years ago | (#40644315)

Somebody should tighten that sucker up for 'em.

No Need for Gov't Intervention (2)

hemo_jr (1122113) | about 2 years ago | (#40644579)

Just shows that the Internet can take care of itself, and government meddling is not needed.

Re:No Need for Gov't Intervention (0)

Anonymous Coward | about 2 years ago | (#40646021)

Just shows that the Internet can take care of itself, and government meddling is not needed.

So you are saying the correct way to treat an infection is to assist it and help it spread?

God damn it (0)

Anonymous Coward | about 2 years ago | (#40645123)

Now I have to put up with another round of fielding questions when the media gets another Scary Computer Story Boner when they turn *these* severs off?

I'm also waiting for the malware that gets installed via scareware over this whole bullshit.

DNSSEC-enabled stub resolvers or browsers (1)

jroysdon (201893) | about 2 years ago | (#40645485)

DNSSEC-enabled stub resolvers on the client and/or browsers would have stopped this from ever becoming a problem. Of course, the bad guys would have just disabled this feature and/or replaced the root key on the clients, if they had access. However, it sounds like much of the time it was a vulnerable router that had the dns settings changed. In this case, the clients would have detected false/forged DNS records and stopped the problems sooner..

Re:DNSSEC-enabled stub resolvers or browsers (0)

Anonymous Coward | about 2 years ago | (#40645651)

/kb/2028240
DNSSEC is a DNS Server technology. Windows DNS Clients are not impacted by DNSSEC..
 
Whether a server rejects their connection or is no longer there makes no difference to the end user. I think you meant to say ... would have stopped this from ever becoming our problem.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>