The NYT on the Proliferation of Botnets

Zonk posted more than 7 years ago | from the we-live-in-interesting-times dept.

Security 244

ThinkComp writes "The New York Times has up a story on the proliferation of botnets. The article cites a number of security researchers who paint a depressing picture of the state of internet security, and concludes with the suggestion that for home users, buying a new 'updated' PC may be the only real solution. Unfortunately, as most of us know, given the number of outstanding flaws in software and the ingenuity of malicious software authors, that might not even help."


Woot (-1, Redundant)

lucifuge31337 (529072) | more than 7 years ago | (#17493396)

First post?

Re:Woot (-1, Troll)

lucifuge31337 (529072) | more than 7 years ago | (#17493434)

Yep. Burn, karma, burn.

Re:Woot (-1, Troll)

Spazntwich (208070) | more than 7 years ago | (#17493446)

f u mang, I needed that fp

lameness filter > me

Re:Woot (0, Offtopic)

lucifuge31337 (529072) | more than 7 years ago | (#17493504)

That's right. No GNAA for you.

Buy a Mac (0, Redundant)

Anonymous Coward | more than 7 years ago | (#17493412)

Sure the Mac will get 'targeted' as popularity increases, but UNIX will _always_ have a leg up on security over Windows _always_ so even if it is not perfect, it will be a better solution for most people. Experts might be better off with a Linux distro like Debian. But the worst thing to do is to buy yet another Windows box. Might as well paint targets on your email, personal data, and financial accounts.

Re:Buy a Mac (0, Redundant)

purpleraison (1042004) | more than 7 years ago | (#17493438)

I agree with you completely -- nix based systems by default prove more secure. It's too bad you got modded down -- I probably will as well.

Re:Buy a Mac (-1, Troll)

Anonymous Coward | more than 7 years ago | (#17493650)

What the hell are you talking about? You post on Slashdot that Unix based systems are more secure and you actually expect to be modded down? Are you smoking crack? You will probably get +5 Interesting just on kneejerk response.

Oh actually I get it. If you write that your post is probably going to be modded down then you by default deserve to be modded up for being 'brave.' For that reason alone you deserve to be modded down.

Not a flaw, but a feature (1, Funny)

Anonymous Coward | more than 7 years ago | (#17493414)

It's nice to see somebody using all those cycles the noobs waste.

Good for them.

Re:Not a flaw, but a feature (2, Interesting)

FooAtWFU (699187) | more than 7 years ago | (#17493440)

On that note, how long before some vigilante creates their own botnet and uses it to keep hundreds of thousands of machines up-to-date on their security, spyware-free, and running Folding@Home or something in their spare cycles?

Welchia (3, Interesting)

MillionthMonkey (240664) | more than 7 years ago | (#17493496)

Been done already. [wikipedia.org] And it didn't work out so well IIRC.

Re:Welchia (2, Interesting)

thinsoldier (937530) | more than 7 years ago | (#17493832)

More like it doesn't work anymore but for a time it did the positive things it was meant to do. It would be nice if the security vendors collaborated on something like this and agreed not to treat it like a virus. Also maybe use BitTorrent protocol to transfer the security updates between systems.

Re:Welchia (1)

MillionthMonkey (240664) | more than 7 years ago | (#17494146)

More like it doesn't work anymore but for a time it did the positive things it was meant to do.

Did you ever see it in action? They were in the middle of installing Blaster patches at work the day Welchia came in through a still unpatched machine. I wasn't even peripherally involved (having patched) so I wasn't paying too much attention but I remember it caused quite a stir.

Re:Welchia (1)

LiquidCoooled (634315) | more than 7 years ago | (#17494212)

No, how about simply have the security companies come up with a product which shares a central repository of signatures and available updates and make it a part of the wall of protection.

Since they will be connected to multiple other machines, they can detect spikes and irregularities and collectively brace together to at least slow down the spread until real support (signatures and/or patches).

Think of it like the atomic dog in Snow Crash.

Re:Welchia (2, Interesting)

kalpaha (667921) | more than 7 years ago | (#17494560)

It failed because the measures it was taking were far too soft. The worm should've disabled the machine with instructions to take it to the repairman (who could've done a proper job of cleaning the machine) and a message that indicated MS was to blame.

The problem is that people who think "Car accidents never happen to me" (most of us) mistakenly think: "Virii will never happen to me"[1], if they even know virii exist. Getting a hundred or two in repair costs might make them think for once.

Footnotes:
[1] Virii [wikipedia.org]

Re:Not a flaw, but a feature (0)

Anonymous Coward | more than 7 years ago | (#17493730)

That's pretty interesting, add a little invisibility so it doesn't get too much in the way, then pay 'em a small paycheck every week (throw the computer users a bone sheesh!), and you got yourself a new business.

Re:Not a flaw, but a feature (2, Funny)

MillionthMonkey (240664) | more than 7 years ago | (#17493992)

throw the computer users a bone sheesh!

Paycheck? They get screensavers. Just take a popular screensaver, write a hostile wrapper, and upload it to your scum site. If antivirus software removes your malware, some users will even reinstall it.

I want a big red button (1)

Anonymous Coward | more than 7 years ago | (#17493436)

...on the front of my computer. When I push it, it saves a list of all the current programs on a protected partition and then allows me to install one program. No pushing, no installing. Programs would have to say "If you'd like to continue installation, press the big red button."

If something sneaks in that I don't want, then I press the big green button on the front of my computer, and select which program listing I want restored.

Re:I want a big red button (2, Interesting)

Constantine XVI (880691) | more than 7 years ago | (#17493772)

Good idea, until someone finds a hole in the software that handles the big red button. Apple actually did something like this a while back for system updates. There was a "programmer button" on the back you had to press in order to install the update.

Re:I want a big red button (3, Insightful)

gradedcheese (173758) | more than 7 years ago | (#17493966)

We have that now, it's just that we type 'sudo' rather than pushing a big red button, but it's the same effect. For you, perhaps we can wire up a red button that echoes 'sudo' to your shell?

Re:I want a big red button (2, Insightful)

Anonymous Coward | more than 7 years ago | (#17494050)

sudo? on Windows?? it's called RunAs... but in the most wonderful MS world msiexec can install software without you having admin rights... and this process can be triggered by ActiveX too...

Re:I want a big red button (1)

Simon80 (874052) | more than 7 years ago | (#17494814)

Well that's just it, Windows isn't designed like that, so don't use Windows, it's that simple. There's absolutely no excuse for the insecurity of Windows, even if there may be excuses for people who still use it.

Re:I want a big red button (1, Insightful)

Anonymous Coward | more than 7 years ago | (#17493984)

mmmm... stupid lusers press "Ok" on those security warnings that software pops up all the time...
It will not be different if it is a physical button. This CAN NOT be done in any technical way, the only way is to educate lusers to become users... and it is a real pain in the ass when those dickheads in Redmond are telling people that any bloody idiot can use a computer. There should be a bloody "Computer user license", 60 hours of education in computer security, with checks every 2 years.

--

AC without cause...

Well, that's sorta backwards (2, Insightful)

davecb (6526) | more than 7 years ago | (#17493448)

An older Windows release, reasonably patched,
running under Linux (win4lin) and behind a paranoid
firewall is safer than XP or Vista.

Alas, not as safe as an unpatched RH9, mind you,
but still safer than Vista (;-))

--dave

Re:Well, that's sorta backwards (3, Insightful)

nmb3000 (741169) | more than 7 years ago | (#17493644)

is safer than XP or Vista.
but still safer than Vista (;-))

You say this with what evidence?

Vista hasn't even been released to the public yet and the only versions people have seen are unfinished betas and a very few corporate users who have started playing with the new RTM Enterprise. You know you're on Slashdot when a product that isn't even out yet has already been relegated to the insecure/unsafe/junk software category.

However, I see you have that little winky smiley thing at the end of your post. Does that mean you're just kidding and it's all a joke? Or are you serious, but going under the guise of joking so if somebody calls you out on your statement you can just say "whoosh!"? Emoticons are stupid--better for people to say what they mean and stick with that.

Re:Well, that's sorta backwards (0)

Anonymous Coward | more than 7 years ago | (#17494002)

Fair enough, I'm working on a co-operative multitasking, non-memory protected kernel in pure 16-bit assembly. But you can't rate it because it hasn't even been released yet!

So why should I trust NTv6 (or is it still 5x?) when the previous editions sucked ass?

Re:Well, that's sorta backwards (1)

644bd346996 (1012333) | more than 7 years ago | (#17494044)

I doubt the GPP can actually compare RH9 with Vista (especially since not all boxed RH9 installs had the same isos) but it is only a little bit unfair to dismiss Vista as insecure. The last release candidates did contain major security flaws, and there is no particular reason to think that they were all fixed before Vista shipped to corporate clients. On top of that, it is reasonable to assume that no drastic changes were put in place post-RC to make it harder for average users to install trojans.

Since every publicly available version of Vista has so far had the typical Windows [in]security, the retail versions will probably continue the trend.

Re:Well, that's sorta backwards (0)

Anonymous Coward | more than 7 years ago | (#17494160)

Well you are really mountain settler aren't you?

Re:Well, that's sorta backwards (1)

timeOday (582209) | more than 7 years ago | (#17494320)

You say this with what evidence?... You know you're on Slashdot when a product that isn't even out yet has already been relegated to the insecure/unsafe/junk software category.
Such optimism!

Truth is, every new piece of software is insecure junk until proven otherwise. Almost always, that takes time and exposure, and patches. Certainly that's been the case with past MS OS's, and Vista has a lot of new code. Sorry, nobody gets tens of millions of lines of new code [symantec.com] exactly right the first time. You'd be insane to throw out XP for Vista on security grounds right now.

Re:Well, that's sorta backwards (1, Funny)

Anonymous Coward | more than 7 years ago | (#17494464)

Whoosh!

Re:Well, that's sorta backwards (4, Interesting)

denoir (960304) | more than 7 years ago | (#17494834)

As a current Vista user I can tell you the following: Microsoft has a high priority of not being blamed for security issues. Their solution is to through the UAC (User Account Control) warn the user before he makes any action that could potentially be harmful to the system. This is just about any action. "WARNING! Operation 'use keyboard' is a high security risk. Press any key to abort." Ok, perhaps not that bad - but nearly. If you are an experienced user, you will turn UAC off after cursing at Microsoft for 15 minutes. If you are an inexperienced user you will just blindly accept the warning - otherwise you can't use your computer normally. In effect the operating system is constantly crying wolf and there is no way in hell an inexperienced user will be able to tell the difference between an irrelevant warning and a relevant one. Vista is also supposed to be much more secure under the hood. I really hope so, because their approach to user based security sucks. The only real point that I can see is avoiding getting sued.

Re:Well, that's sorta backwards (1)

0racle (667029) | more than 7 years ago | (#17493656)

The VM is unnecessary and just adds a layer that does nothing for security. Any system behind a good firewall is enough but will not save the user from themselves.

Look at it logically and focus your efforts. (4, Insightful)

khasim (1285) | more than 7 years ago | (#17493826)

There are a limited number of ways for a machine to be cracked.

#1. Worms - if you don't have any open ports, then you're pretty much immune to worms (unless they can crack basic TCP/IP operations). Ubuntu ships BY DEFAULT with no open ports. Windows ships with lots of open ports. Change that behaviour and you've solved an entire CLASS of attacks.

#2. Viruses - an infected program infects other programs, but does not otherwise change those programs. This is not very common now.

#3. Trojans - this is the biggest current threat. And there is no real way to remove it 100%, but it CAN be limited (again, look at Ubuntu). This is primarily a social engineering attack. You have to convince the user to run an app or open a message that will exploit a flaw in their email app (and so forth).

So, why aren't we seeing a focus on the biggest security issue?

Why hasn't Microsoft released a bootable CD so you can run the anti-virus/spyware/adware stuff easier? Clean up the junk AND patch the vulnerabilities in Outlook. Even if it means turning off some of the functionality.

If you cannot do it securely, then you should not do it.

Re:Look at it logically and focus your efforts. (2, Informative)

0racle (667029) | more than 7 years ago | (#17493914)

Windows ships with lots of open ports
IIRC, it hasn't since XP SP2 as the firewall is enabled by default. Any open ports a user's system has since then is because they allowed those connections themselves.

Firewalling them is not the same as closing them. (5, Insightful)

khasim (1285) | more than 7 years ago | (#17493956)

IIRC, it hasn't since XP SP2 as the firewall is enabled by default. Any open ports a user's system has since then is because they allowed those connections themselves.

Nope. There are still lots of ports open, it's just that Microsoft put a firewall on the system, too.

The problem still exists. But now there is a wrapper obscuring it that you have to get through. That isn't solving the problem. That's just attempting to hide it.

And exploits have been found for Microsoft's firewall. Which demonstrates the problem with not solving it at the lowest level.

I can put an Ubuntu machine with a default install onto the Internet without any firewall and still be safe from worms.

I cannot do that with WinXP (or Win2K or Win9x or WinNT). If you aren't solving the problem at the lowest level, you're not really solving it. You're just hiding it.
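The distinction drawn in the comment above (a port that is closed versus one that is listening behind a filter) can be checked on a Linux host by reading the kernel's socket table. This is an added example, not part of the thread: the sample table is constructed, the `firewall_blocked` set is a hypothetical input the operator supplies, and the address decoding assumes a little-endian host and IPv4 only.

```python
import ipaddress
import socket
import struct

TCP_LISTEN = 0x0A  # state value Linux reports for a listening TCP socket

# Constructed sample in /proc/net/tcp layout (not captured from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0087 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001 1 0000000000000000 100 0 0 10 0
   1: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1002 1 0000000000000000 100 0 0 10 0
   2: 00000000:01BD 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1003 1 0000000000000000 100 0 0 10 0
   3: 0A00000A:C350 010200C0:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 1004 1 0000000000000000 20 4 30 10 -1
"""


def parse_listeners(proc_net_tcp):
    """Return [(ip, port)] for every socket in LISTEN state."""
    listeners = []
    for line in proc_net_tcp.splitlines():
        fields = line.split()
        # Data rows start with "N:"; this skips the header and blank lines.
        if len(fields) < 4 or not fields[0].endswith(":"):
            continue
        if int(fields[3], 16) != TCP_LISTEN:
            continue  # established or closing connections are not listeners
        ip_hex, port_hex = fields[1].split(":")
        # The kernel prints the IPv4 address as a host-order 32-bit hex word;
        # on a little-endian machine that means the bytes appear reversed.
        ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
        listeners.append((ip, int(port_hex, 16)))
    return listeners


def audit(proc_net_tcp, firewall_blocked=frozenset()):
    """Sort listening ports by what protects them.

    loopback_only          bound to 127.0.0.0/8, unreachable from the network
    filtered_but_listening reachable address, protected only by the filter
    exposed                reachable address and no filter rule
    """
    result = {"loopback_only": [], "filtered_but_listening": [], "exposed": []}
    for ip, port in parse_listeners(proc_net_tcp):
        if ipaddress.ip_address(ip).is_loopback:
            bucket = "loopback_only"
        elif port in firewall_blocked:
            bucket = "filtered_but_listening"
        else:
            bucket = "exposed"
        result[bucket].append(port)
    return {name: sorted(ports) for name, ports in result.items()}


if __name__ == "__main__":
    # With the filter in place nothing looks exposed...
    print(audit(SAMPLE, firewall_blocked={135, 445}))
    # ...but the same services are reachable the moment the filter is gone.
    print(audit(SAMPLE))
```

On a real host, pass the contents of `/proc/net/tcp` instead of `SAMPLE`; anything in `filtered_but_listening` is a service that depends entirely on the firewall.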

Re:Firewalling them is not the same as closing the (2, Insightful)

Akaihiryuu (786040) | more than 7 years ago | (#17494184)

I wish more people would point this out! A firewall by itself is not security. It's just an extra layer of protection. Protecting insecure apps by putting them behind a firewall is a recipe for disaster. Ideally, you should be able to turn your firewall off and still not be any more vulnerable. The primary function of a firewall is to reduce visibility, not add security.

Re:Look at it logically and focus your efforts. (2, Insightful)

mistralol (987952) | more than 7 years ago | (#17494224)


Well that's not really true. There is almost an unlimited number of ways a machine can be compromised.
Most of them still valid.

A program written for a specific task downloaded and run by the end user does not fall into the categories you list.

First problem with XP and SP2 was its new security features did very little. Like come on, it now asks the end users "is this OK to run?" but the problem is the first time they saw things like this, every time they clicked no their programs didn't work. So from then on they always click yes.

Security != Asking an end user something they don't understand.

I am pretty sure as a whole security is being tackled in the wrong way.
From what I can see every security problem is being tackled by 3rd party software to take care of a problem that should not exist in the first place.

E.g. viruses are taken down by antivirus software. If you ask a non-technical end user some basic information about what an antivirus program does and how it works, they are not aware that something like Symantec does not guarantee protection but is only able to tell you that it doesn't see a virus that exists in its database.

Something that I have been looking for for Windows for a long time is a simple connection tracking firewall that will support rule based filtering. Like the basic functions of iptables, e.g. will track connections and allow / block / drop on different ports and flags. There currently is nothing that I know of for Windows that will support this. They all ask the end user. The end user doesn't know the answer. Therefore why install the firewall in the first place.

I see current security practices as a method of fire fighting only! Only in this case the fire is much more powerful than the fighters. A great example of this is the spam wars. Create spam filter. Spammers work around filter. Create better adapted spam filter. Spammers find workarounds. Create DNS blacklists. Spammers change method of sending spam. But during the whole time, if the SMTP protocol was fixed, the problem could be eliminated overnight.

We need the same sort of approach for security. While discussing this the other day in work with people we reached an agreement that it is currently impossible to protect end users when any sort of permissions are required for running lots of badly written applications.
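The behaviour asked for in the comment above (connection tracking plus port and flag rules, with no prompt to the user) is small enough to model. This is an added example, not part of the thread and not the code of iptables or any real firewall: the `StatefulFilter`, `Rule` and `Packet` names are hypothetical, the packets are constructed, and teardown is simplified to "first FIN or RST ends the flow".

```python
from dataclasses import dataclass
from typing import Optional

SYN, ACK, FIN, RST = "SYN", "ACK", "FIN", "RST"


@dataclass(frozen=True)
class Packet:
    direction: str      # "in" or "out", relative to the protected host
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset


@dataclass(frozen=True)
class Rule:
    direction: str
    dport: Optional[int]  # None matches any destination port
    action: str           # "ACCEPT", "REJECT" or "DROP"


class StatefulFilter:
    """First-match rule list for new connections, state table for the rest."""

    def __init__(self, rules, default="DROP"):
        self.rules = list(rules)
        self.default = default
        self.conns = set()  # tracked flows: (local ip, local port, remote ip, remote port)

    @staticmethod
    def _key(p):
        # Normalise so both directions of one flow map to the same key.
        if p.direction == "out":
            return (p.src, p.sport, p.dst, p.dport)
        return (p.dst, p.dport, p.src, p.sport)

    def decide(self, p):
        key = self._key(p)
        if key in self.conns:
            if p.flags & {FIN, RST}:
                self.conns.discard(key)  # simplified teardown
            return "ACCEPT"
        # Untracked traffic may only start a connection with a bare SYN;
        # stray ACK/FIN/RST packets that match no flow are dropped silently.
        if p.flags != frozenset({SYN}):
            return "DROP"
        for rule in self.rules:
            if rule.direction == p.direction and rule.dport in (None, p.dport):
                if rule.action == "ACCEPT":
                    self.conns.add(key)
                return rule.action
        return self.default


def pkt(direction, src, sport, dst, dport, *flags):
    return Packet(direction, src, sport, dst, dport, frozenset(flags))


def demo():
    """Run constructed traffic through a policy: any outbound, inbound SSH only."""
    fw = StatefulFilter([
        Rule("out", None, "ACCEPT"),
        Rule("in", 22, "ACCEPT"),
        Rule("in", 445, "REJECT"),
    ])
    host, web, stranger = "10.0.0.5", "192.0.2.10", "198.51.100.7"
    traffic = [
        pkt("out", host, 50000, web, 443, SYN),        # host opens HTTPS
        pkt("in", web, 443, host, 50000, SYN, ACK),    # reply to tracked flow
        pkt("in", stranger, 40000, host, 445, SYN),    # unsolicited SMB
        pkt("in", stranger, 40001, host, 22, ACK),     # ACK with no flow
        pkt("in", stranger, 40002, host, 22, SYN),     # new SSH connection
        pkt("in", stranger, 40003, host, 8080, SYN),   # no rule, default policy
        pkt("in", web, 443, host, 50000, RST),         # ends the tracked flow
        pkt("in", web, 443, host, 50000, ACK),         # flow is gone now
    ]
    return [fw.decide(p) for p in traffic]


if __name__ == "__main__":
    print(demo())
```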

Is Bill Gates moderating? (1)

Harmonious Botch (921977) | more than 7 years ago | (#17494178)

Parent got moderated 'flamebait'??

His post seriously addresses TFA, and the only possibly flame-like statement has a smiley after it. Somebody please scroll back and mod him up.

Capitol Punishment (5, Funny)

flyneye (84093) | more than 7 years ago | (#17493476)

Capitol Punishment on national television for owners of botnets.
O.K., O.K., maybe just corporal punishment, but it has to be bareass.

I STOLE YOUR PERSONAL INFOS (0)

Anonymous Coward | more than 7 years ago | (#17493526)

LOL

Re:Capitol Punishment (1)

Original Replica (908688) | more than 7 years ago | (#17493736)

Maybe if there were free tools available to find and remove bots from home computers, you could argue that a "pollution" fine would be in order for those that allowed (through neglect) bot proliferation.

Re:Capitol Punishment (2, Funny)

Anonymous Coward | more than 7 years ago | (#17494988)

What is "capitol" punishment? A stick of dynamite in the rotunda?

You mean "capital" punishment.

Rootkits (1)

Brewskibrew (945086) | more than 7 years ago | (#17493490)

What happens when the virus is in there from the factory software build? (It's coming from inside your house!) And no, the Windows operating system is not a virus.

There was so much crap and adware on someone's new Dell (I heard about), it took an hour to get it all off so I could install my pirated version of Microsoft Office. (err... at least, that's what my friend told me.)

Make Microsoft liable (4, Insightful)

wytcld (179112) | more than 7 years ago | (#17493506)

When a corporation creates a product that is unsafe not just to its user, but to many thousands of others, and provides instructions for that product which, even if faithfully and fully followed by its user, are insufficient to prevent it from causing damage and suffering to thousands of others, that corporation should be liable for the damage and suffering.

If you sell me a chain saw, and I ignore the instructions and cut off my hand, it's my own damn fault. If I ignore morality and criminality and cut off my spouse's head, it's still my own damn fault. But if the chainsaw goes off on its own power, while I'm sleeping, and slices and dices the whole damn town, it's your fault for selling me such a product, especially if you manufactured it with the knowledge that it could, in certain not-uncommon circumstances, do exactly that.

Re:Make Microsoft liable (2, Interesting)

zCyl (14362) | more than 7 years ago | (#17493568)

But if the chainsaw goes off on its own power, while I'm sleeping, and slices and dices the whole damn town, it's your fault for selling me such a product, especially if you manufactured it with the knowledge that it could, in certain not-uncommon circumstances, do exactly that.

And what if it's a GPL'd chainsaw that you made in college, put on the internet for people to copy and use if they want, but never took the time to test thoroughly?

Re:Make Microsoft liable (4, Insightful)

petrus4 (213815) | more than 7 years ago | (#17493902)

And what if it's a GPL'd chainsaw that you made in college, put on the internet for people to copy and use if they want, but never took the time to test thoroughly?

Ever been part of the warez scene on IRC?

I'm assuming you haven't, so I'll explain. That system is entirely trust based, and self-regulating. If a file ever comes from anyone which has a virus or anything else suspect included, the source of the file immediately gets ostracised, at least as a source, and most likely in terms of download access as well, since the system is based on reciprocal trade. Wrong, I hear you say...what about cracks coming from warez *web* sites or p2p nets which have malware? Said malware would likely be put into the archives by the webmasters of those sites themselves...the upstream cracking groups would NOT be doing it, because there are a lot of people in the warez food chain who are not going to want to receive/propagate known malicious files. ANY group which includes files for compromising a system with a release has just destroyed its ability to subsequently release files that people will trust at any point in the future. Ditto for eMule files that have nasties in them...they get intercepted/recreated downstream. That is part of the entire reason why nets like eMule use the sorts of file hashing systems that they do; if you know the hash of a particular group's release, you can download said release and get entirely clean warez.

Ditto with any moron who was going to be dumb enough to try and write GPL licensed malware...they'd gain a horrible reputation very, very quickly. The other thing is, anyone who is sufficiently interested in doing the wrong thing as to be writing malware in the first place is not going to care about licensing it unless they are exceptionally stupid...which malware authors generally aren't. Sociopathic and deserving of being used as live shark bait, yes. Stupid, no.

Accidental bugs which lead to buffer overflows and such are different. They are unavoidable, and people know that...despite the best of developer intentions, occasionally they happen. As such, although the author of said bug will not risk ostracism for authoring it, in most cases (at least if the program in question has more than half a dozen or so users) it gets patched very quickly.

Re:Make Microsoft liable (0)

Anonymous Coward | more than 7 years ago | (#17494512)

Accidental bugs which lead to buffer overflows and such are different. They are unavoidable, and people know that...despite the best of developer intentions, occasionally they happen.

Don't make excuses for incompetent programmers.. why are buffer overflows unavoidable.. do you really believe that??? That's a pretty sad statement about software today.

I think buffer overflows should be like plane crashes: if you see one, it makes the news. Unfortunately, that's not the case, and the first step is not to tolerate them, expect them, or say they are "unavoidable", when of course they are!

Re:Make Microsoft liable (0)

Anonymous Coward | more than 7 years ago | (#17494896)

hush now baby, don't say a word.
Papa's gonna buy you a new gag...

Re:Make Microsoft liable (1)

Kjella (173770) | more than 7 years ago | (#17493660)

If you sell me a chain saw, and I ignore the instructions and cut off my hand, it's my own damn fault. If I ignore morality and criminality and cut off my spouse's head, it's still my own damn fault. But if the chainsaw goes off on its own power, while I'm sleeping, and slices and dices the whole damn town, it's your fault for selling me such a product, especially if you manufactured it with the knowledge that it could, in certain not-uncommon circumstances, do exactly that.

Hey, yank the network cord and you got a pretty damn safe computer. This is more like someone sneaking in at night, and starts either slicing up you (pop-ups and crapware) or the whole town (botnet and spam) and quite frankly, the chain saw would start without hesitation. Try querying for example Debian's database for all patches marked "security", you'll find there's a damn lot. It's more like trying to build a car where someone can't stuff a banana up your tail pipe, let the air out of the tires or tear off your windshield wipers or any other form of vandalism than with a Ford Pinto or Sony laptop battery blowing up on its own.

Re:Make Microsoft liable (5, Funny)

tomhudson (43916) | more than 7 years ago | (#17493686)

If I ignore morality and criminality and cut off my spouse's head, it's still my own damn fault.

Hans Reiser, is that you?

Re:Make Microsoft liable (1)

0racle (667029) | more than 7 years ago | (#17493696)

Liable for what? Releasing software with bugs in it? You would have to extend that to every software manufacturer that has ever existed.

Re:Make Microsoft liable (2, Interesting)

mistralol (987952) | more than 7 years ago | (#17494246)



And I was thinking about this the other day. That's why software typically isn't bought by end users but licensed on an "as is" basis.

Re:Make Microsoft liable (1)

KKlaus (1012919) | more than 7 years ago | (#17494378)

I don't like MS either, but that's not really what's going on. If I have an unsecure Windows machine, nothing happens until someone else (or some creation of theirs) attacks it. So even if in practice they're selling ticking time bombs, in theory they're not, and the theory is where the law works.

A better analogy would have been a chainsaw that can be very easily rigged to kill the whole town. The chainsaw is vulnerable, and that's pretty reprehensible, but the manufacturer clearly isn't liable in the same way.

Re:Make Microsoft liable (2, Insightful)

c6gunner (950153) | more than 7 years ago | (#17494416)

"Insightful"? Dammit. Slashdot REALLY needs a better moderation system.

This psychotic-chainsaw-with-artificial-intelligence analogy is one of the dumbest things I've ever heard. Maybe the author of that post is really so ignorant about computers that he believes them capable of free-thought and action. If he is, I feel sorry for him. The people who modded him up, though, should know better. Computers require programming or user input, or both. Either way, they only do what SOMEONE ELSE has told them to do. So if you REALLY wanted a chainsaw analogy, this is more akin to someone breaking into your house, stealing your chainsaw, and then using it to slaughter half the town. After which you, naturally, wake up, curse the makers of the chainsaw, and try to convince everyone that this never would have happened if only the chainsaw had come with better security.

Seriously, the ignorance in this place never fails to amaze me....

Re:Make Microsoft liable (0)

Anonymous Coward | more than 7 years ago | (#17495096)

"Insightful"? Dammit. Slashdot REALLY needs a better moderation system.

While the analogy is not apt, it does contribute to and further the discussion, and that's the purpose of the mod system - to improve the visibility of useful posts. "Interesting" would have been a better choice, but obviously the fact that some people found it worth modding up means that it's a point that they and no doubt others considered valid, and so a proper refutation would improve the commentary.

Buying a new computer won't help you (2, Insightful)

Junior J. Junior III (192702) | more than 7 years ago | (#17493514)

unless you know how to secure it and maintain it.

The people offering this "advice" have got to be idiots. True, it might cost more to pay someone else to de-own your PC and train you on how to avoid problems in the future than the cost of replacing the hardware. That doesn't mean that educating yourself isn't the right answer though. What does buying a new machine do to make you more secure? Buy a $400 brand spankin' new bottom of the line Dell, throw it up on the net, and get owned in under 20 minutes. Does anyone make the $1200/hr it would take to keep a steady supply of new bottom of the line bot-to-be PC's flowing into the households of idiot users who can't be bothered with learning fundamental literacy?

Being proficient with a computer is not optional if you want to own and use a computer. Learn about TCP/IP. Learn about NAT. Learn about not trusting everything. Learn about understanding how things work at least a little bit before you try to run. You don't need to be a security guru, but you can't get by thinking you can just use a computer and never have to learn anything more about it than that. Casual users on the internet are presently walking through the worst parts of town with $100 bills sticking out of their pockets, and until they can figure out that this isn't smart and why and what to do better, they're going to continue to get themselves in trouble and drag down the community by feeding the predators that eat away at it.

Re:Buying a new computer won't help you (3, Insightful)

Anonymous Coward | more than 7 years ago | (#17493946)

Buying a new computer won't help you unless you know how to secure it and maintain it.

I'm guessing the poster thought that was the advice based on the closing anecdote. In it someone ran into trouble because their current PC was a botnet client. They weren't running the security software provided by their ISP because it overwhelmed their PC, and were buying a new one that was powerful enough to run all of the anti-virus/firewall/etc. protection they need.

You don't need to be a security guru, but you can't get by thinking you can just use a computer and never have to learn anything more about it than that.

You ever see the show To Catch a Thief? A household locks all the doors and then lets a reformed burglar with a videocam attempt to break in. They show them the videotape, help them install required security, and then try and break in again at a random time to see if the family learned anything. The first time is always pitifully easy, and most of the time the burglar's able to make it in the 2nd time as well.

Now, if most people can't secure their home where all most of them have to learn is to close & lock the door when they leave, what chance do we have that a mass education campaign about TCP/IP or NAT or anything else related to computer security will work?

Computer security is broken, and I don't think anyone has a workable solution. Why can trying a new screensaver wreak this much havoc?

Re:Buying a new computer won't help you (1)

pelo8280 (1030292) | more than 7 years ago | (#17493994)

A new PC certainly won't help you. The first thing you should do when you get a proprietary computer is reformat and reinstall the operating system. Really, the only important stuff that comes on a new PC (besides the OS, obviously), are your drivers, which your manufacturer should have on a CD somewhere or available free for download. Everything else that they put on there, no matter how useful or convenient, is only on there because some company paid top dollar for prime PC real estate. If you need or want a program functionality, you're better off finding a program that you like; not the one that they're trying to shove down your throat.

Also, the security industry is way overplaying the virus issue. If you're careful about where you go and what you do, getting a virus is very rare even without virus scanning software. Everyone is making it sound like you need virus scanners, but the bigger problem is (you guessed it), adware/spyware. 9999999 out of 10000000, if you do get a virus, it will be from the internet. But since adware and spyware are not illegal (don't inhibit the operation of your PC, yeah right), companies can integrate it into their software, like Sony was doing with their CDs, and can prevent you from removing that functionality in the End User License Agreement (but who reads those, anyhow?). In my opinion, the best Spyware scanner is Spybot: Search and Destroy from Safer Networking (http://www.safer-networking.org/ [safer-networking.org] ), which allows you to immunize, removing the harmful portions of programs containing Adware or Spyware.

Anyway, nothing beats a good Spyware Scanner, a good firewall (think the Windows one protects you? Keep in mind it's made by Micro$oft; my favorite firewall is ZoneAlarm), a Virus Scanner if you're paranoid, and an education in computer security. As Junior J. Junior III said above, learn what you're doing. Nothing can beat that.

Re:Buying a new computer won't help you (0)

Anonymous Coward | more than 7 years ago | (#17494004)

I'm a Joe six pack idiot as usually described by the gods of the Slashdot community and this is what I'm doing:
-read slashdotters' comments and other forums + security news
-wipe off windows xp sp2 professional OEM edition, xp home pre-installed + m$ Office Professional edition an investment of about US$720.00
-Suse Linux 10.2 installed for work, Mepis and other GNU/Linux distros for internet surfing and kid's play
-run Knoppix searching for rootkits
-do re-installations whenever I do suspect something is not right with the present F/OSS
-it takes long %%%ng hours of my life and productivity time trying to be on the safe side
    and sometimes I consider to be on the darkside with the winners and not w/losers like microsofties and /dotters
-trying to set up IPCOP a 2007 project

Now geekdom citizens -all m$ suckers and GNU/Linux freedom fighters- deliver top of the notch software for the end user to use safely; and stop insulting the normal user who has to be productive with their respective corporations.

Re:Buying a new computer won't help you (1)

liquidpele (663430) | more than 7 years ago | (#17494126)

WTF?
Joe sixpack indeed.

There are 3 options for a secure computer: 1) Buy windows, install a firewall like zonealarm, install antivirus and keep it up to date, and don't install anything off the internet unless you are 100% certain you could sue someone over it breaking your computer.

2) Install Fedora or Ubuntu, keep it up to date with free updates via apt-get/Yum/synaptic/whatever.

3) Buy a Mac

Security adds extra steps and requires you to not be stupid, it doesn't mean you don't have to be productive.

Re:Buying a new computer won't help you (0)

Anonymous Coward | more than 7 years ago | (#17494398)

moron -i'm doing more than that. i will never buy a mac stupid.

Not quite.... (5, Insightful)

Dcnjoe60 (682885) | more than 7 years ago | (#17494648)

Being proficient with a computer is not optional if you want to own and use a computer. Learn about TCP/IP. Learn about NAT. Learn about not trusting everything. Learn about understanding how things work at least a little bit before you try to run. You don't need to be a security guru, but you can't get by thinking you can just use a computer and never have to learn anything more about it than that.

Ummm, most Mac OS X users don't have to know anything about TCP/IP or NAT, etc. Of course, they have an OS that has security built in at a very low level, not tacked on as an afterthought. Windows, at least through XP, is still based on the notion that it wants to make it easy to connect to everything and everyone. As such, it's pretty open and malware takes advantage of that. OS X and the various *nix distros start at the other end of the spectrum where things are locked down unless you open them up (although OS X has more opened up than, say Ubuntu and various other linii).

As others have posted, if Windows shipped with all ports closed except those that were really needed, then the user wouldn't need to worry about all these things. They wouldn't be opening a port until they needed it for some specific application and then that application could explain the dangers, if any to having the port open. It's basically a compromise between ease of use and security. Microsoft chose to maintain its ease of use model from the pre-internet days, when everything was local and has tried to add security on top. It just doesn't work that well.

So, the real choice is, it seems, that if you want a Windows pc, then you need to learn about TCP/IP, NAT, firewalls, etc. On the other hand, if you just want to use your computer, either buy a Mac or put a secure Linux, like Ubuntu, on your pc. (I just use Ubuntu as an example, there are others, too)

An easy answer (4, Insightful)

Overzeetop (214511) | more than 7 years ago | (#17493536)

So all we need is a widget on the desktop that allows you to turn on and off the internet connection, and logs all information that goes in and out, along with denying any redirection of data to other than the specific target request (if you send a request to www.google.com, only www.google.com may respond).

Any traffic that isn't specifically requested by the user is blocked. You manually open and close ports as you need them.

Oh, right, that would break most authenticity checks to combat "piracy", and totally botch most advertising on the net, and set us back to the early 90s. BTW - sign me up.

Re:An easy answer (1)

theturtlemoves (932428) | more than 7 years ago | (#17493662)

You mean a firewall, right?
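The rule proposed in "An easy answer" above (only the host you contacted may answer, everything unrequested is dropped, everything is logged, and the connection can be switched off) is the default-deny inbound policy of a stateful firewall. The sketch below is an added example, not part of any post in this thread; the class and function names are hypothetical and the packets are constructed samples using documentation address ranges.

```python
"""Default-deny inbound filtering with connection tracking (illustrative)."""
from typing import NamedTuple


class Packet(NamedTuple):
    direction: str    # "out" = leaving the PC, "in" = arriving at the PC
    proto: str        # "tcp" or "udp"
    local_port: int   # port on the PC
    remote_ip: str    # the other end of the conversation
    remote_port: int


class StatefulFilter:
    """Hypothetical filter: tracks outbound flows, drops unmatched inbound."""

    def __init__(self):
        self.online = True   # the "widget" switch from the comment
        self.flows = set()   # flows the PC itself opened
        self.log = []        # every decision, allowed or not

    def handle(self, pkt):
        flow = (pkt.proto, pkt.local_port, pkt.remote_ip, pkt.remote_port)
        if not self.online:
            verdict = "DROP-OFFLINE"        # switch is off: nothing passes
        elif pkt.direction == "out":
            self.flows.add(flow)            # remember who we asked
            verdict = "ALLOW-OUT"
        elif flow in self.flows:
            verdict = "ALLOW-REPLY"         # same host, same ports as a request
        else:
            verdict = "DROP-UNSOLICITED"    # nobody asked for this packet
        self.log.append((verdict, pkt))
        return verdict


# Constructed sample traffic (RFC 5737 documentation addresses).
SAMPLE = [
    Packet("out", "tcp", 50000, "192.0.2.10", 80),    # PC requests a page
    Packet("in", "tcp", 50000, "192.0.2.10", 80),     # that server answers
    Packet("in", "tcp", 50000, "198.51.100.7", 80),   # a different host answers
    Packet("in", "tcp", 445, "203.0.113.9", 4444),    # probe of a local service
    Packet("in", "tcp", 50001, "192.0.2.10", 80),     # right host, no request
]


def run_sample():
    """Feed the sample through the filter, then switch the connection off."""
    fw = StatefulFilter()
    verdicts = [fw.handle(p) for p in SAMPLE]
    fw.online = False
    verdicts.append(fw.handle(SAMPLE[0]))   # outbound is refused while offline
    return verdicts, fw.log


if __name__ == "__main__":
    for verdict, pkt in run_sample()[1]:
        print(f"{verdict:17} {pkt.direction:3} {pkt.proto} "
              f"local:{pkt.local_port} remote:{pkt.remote_ip}:{pkt.remote_port}")
```

The rule keys on which side opened the flow, not on who is at the keyboard: a bot already running on the PC opens its own outbound connections and gets ALLOW-OUT, so the log is the part that helps find it.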

New PC (4, Insightful)

NitsujTPU (19263) | more than 7 years ago | (#17493546)

Getting a new PC doesn't make any sense at all. It just gives the bot more resources to munch on.

Re:New PC (1)

zCyl (14362) | more than 7 years ago | (#17493576)

Getting a new PC doesn't make any sense at all. It just gives the bot more resources to munch on.

This story brought to you via the botnet which took over the NYT. :)

Skynet!!! (0)

Anonymous Coward | more than 7 years ago | (#17493936)

That's just what skynet wants you to do!!!

The root of the problem is responsibility (5, Insightful)

Todd Knarr (15451) | more than 7 years ago | (#17493604)

The core of the problem is responsibility, or a lack thereof.

Vendors aren't responsible for the results of the flaws in their programs. Worse, they aren't responsible for deliberate design decisions that make it impossible to secure systems. I make an analogy to automobiles. Auto makers aren't generally liable for defects in cars, unless the source of the defect goes beyond a simple mistake or defective part, but they are responsible for repairing those defects and can be sued if they refuse to do so. And they're liable for design decisions they make. Witness the Ford Pinto. The current state of software liability is akin to Ford claiming that, because they had a valid business reason for building the gas tank on the Pinto the way they did (it was cheaper, thus let them price the car cheaper), they cannot be held liable for the fires that happened as a direct result of their decision. The courts slapped Ford around for making that claim, why are software vendors not treated the same? I can live without strict liability for software flaws, but lack of liability for design decisions that directly lead to security problems is probably the biggest reason we still have problems.

And users aren't held responsible for their use of a computer. They treat it as some sort of plug-and-play device like a television or a radio: plug it in, turn it on and stop thinking about it. A computer isn't an appliance, you can't just ignore it after initial set-up. Again, cars make a good analogy. You can't just ignore a car's maintenance after you buy it, you need to put new tires, new brakes and such on it regularly. And car owners get held liable if they don't. If you wore your brakes out so they don't work anymore and didn't get them serviced, when you rear-end someone because you don't have any brakes you will be held responsible by the courts and the insurance. If you're running on bald tires because you don't think you should have to check and change anything, you're going to get ticketed by the cops at some point for unsafe mechanical condition and the car's registration will get suspended until you fix the problem. Sure it's a hassle and expense to keep maintaining all those things about a car that need maintained, but we don't accept that as an excuse for someone not maintaining them and causing damage or injury to others as a result. So why do we let computer users off the hook when they say "But I don't know anything about computers!".

Software vendors and computer users need to grow up. They've been both acting like spoiled 5-year-olds who were running in the house after being told not to, knocked over the china cabinet and broke everything in it, and now that Mom and Dad are standing there they're whining that they shouldn't have to own up to it and take their punishment. No dice.

Re:The root of the problem is responsibility (1)

tftp (111690) | more than 7 years ago | (#17493706)

So why do we let computer users off the hook

Because the "damage" they cause is very small, and virtual in nature (an annoyance at most.)

when they say "But I don't know anything about computers!"

Because 100% of the lawmakers are firmly in this category?

Re:The root of the problem is responsibility (1)

mistralol (987952) | more than 7 years ago | (#17494336)


Yes however there are some simple problems with that.

a) All countries have limited cooperation with each other for things like ground space. I would like to see them try to agree on laws for the internet for this sort of thing in the real world. As a race people generally need to grow up.

b) The internet is a free open place between all corners of the world. If your computer is spreading crap all over the place you are perfectly entitled to do so. Just as much as 1 country is perfectly allowed to turn you off from itself again.

c) Basic education needs to be placed into end users. I work for an IT Support company somebody phoned me up gave off to me on the end of the phone that Outlook wasn't working correctly and the email was bigger than the screen. What she really meant was that when viewing an email the toolbar had been switched off (by her). How we deal with that in a support contract is take note of it and pass on the cost to the company so they have their own chance to deal with the training of their users and they are welcomed to ask us for advice on anything to do with training. However most of them never do. Like most places people come in and are just dumped in front of a computer and told to get on with it because it's cheaper that way. This normally happens because people lie a bit in interviews / job applications.

Re:The root of the problem is responsibility (1)

bjs555 (889176) | more than 7 years ago | (#17494830)

In a car analogy, you say you can't ignore maintenance such as new tires, checking brakes, etc. How is this enforced? Most states have annual inspection laws and require you to display a sticker on your car certifying that it has passed inspection. How about an inspection law for computers? That is, they must be inspected by someone certified to find security problems at periodic intervals and must have a "sticker" (that can be read by an ISP) in order to be allowed on the net. ISPs would be paid a bounty (by who? I dunno) to find uncertified machines on the net.

Of course, I hate my idea because it restricts freedom but the situation has become so bad for non-technical people that I'm afraid they will give up using the net. That would be bad. The net is a wonderful thing.

Re:The root of the problem is responsibility (1)

Jerf (17166) | more than 7 years ago | (#17494894)

I make an analogy to automobiles.
Yeah, sorry... I sort of stopped reading right there.

Computers aren't cars, webpages aren't newspapers, and the Internet is not a highway.

The closest real-world analogy to a botnet would be an engineered real-world virus, and even that isn't a good enough analogy to come to any conclusions with. (For one thing, nobody is a "manufacturer" of human bodies, so the blame situation would be entirely different.)

Friends don't let friends make car analogies. Do your part to put a stop to this hideous menace to clear thought on Slashdot.

Read-0nly update (0)

Anonymous Coward | more than 7 years ago | (#17493640)

...an 'updated' PC with an Ubuntu live CD.

Yes! Buy a new PC... (2, Insightful)

jlarocco (851450) | more than 7 years ago | (#17493658)

and sell your old one cheap.

Just the other day I bought an older Dell that "wouldn't boot" for $15, sans hard drive. An hour of hacking around inside, and I was able to get it going. It's a little old, but it'll make a nice LiveCD tester.

Consumers are getting raped by MS and Dell, but they're not going to learn, so might as well take advantage.

Re:Yes! Buy a new PC... (3, Interesting)

sjwest (948274) | more than 7 years ago | (#17493836)

Waiter Rant (some blog) covered this recently http://waiterrant.net/wordpress2/?p=400 [waiterrant.net]

"Same old," Arthur says. "How's the writing thing going?"
"Harder than I expected," I say. "But thank God for computers. I can't imagine typing this all out on a typewriter."
"Computers are great," Arthur says. "Until they go wrong."
"Ain't that the truth."
"My old computer was so infested with porn I had to throw it out," Arthur says.
"No way," I reply, taking a sip from my martini.
"I'm not kidding."
"Couldn't you reformat the hard drive?"
"My ex brother-in-law tried to fix it," Arthur says, wiping down the bar with his towel. "He's a computer geek and even he couldn't do it."
"What the hell were you looking at?" I ask.
"Nothing illegal," the bartender says, suddenly defensive.
"Sure."
"I swear," Arthur says. "I'm surfing the net, minding my own business...."
"Looking at naked women."
"Perusing all the wonderful smut the internet has to offer," Arthur continues, "When a porn demon possesses my laptop."
"Porn demon?"
"Yeah," Arthur says, throwing up his hands. "A million pop-ups start exploding on the screen."
"Oh no," I mutter. .....
"So," Arthur says, pulling a frosted glass out of the freezer, "I had a million pop ups. It took me forever to close them. My ex-wife saw them."
"I'm not gonna even ask what she was doing there."
Arthur just smiles. "So the computer's completely fucked," he says. "Ran slow, acted weird - the works."
"Didn't you run a virus scan?"
"This isn't a virus," Arthur cautions. "It's a porn demon. Virus scans are powerless against it."
"I don't think the church exorcises computers," I say.
"You sure?"
I chuckle to myself. Every Catholic diocese has an official exorcist. I used to know the one from mine. It's a secret, mostly ceremonial post. Despite what you see in the movies, Linda Blair scenes are few and far between. Something tells me the Church isn't gonna whip out the bell, book, and candle to save a Duo-Core processor.
"I'm sure," I say.
"That's too bad," Arthur says. "My brother-in-law gave up. I had to throw the damn thing in the trash."
"I don't know what's worse," I say. "You buying a new computer or your ex brother-in-law trying to fix it."
"I learned my lesson," Arthur says, pouring my drink into the frosted glass. "I had to spend a grand on a new computer. No more internet porn for me." .....

Seems drastic but it did solve the problem. - I make no comment about the tech but that's a user for you.

Doesn't advise getting a new PC for everyone (1)

CheeseTroll (696413) | more than 7 years ago | (#17493782)

The summary is a little misleading. The NYT doesn't recommend that getting a new PC is the solution. They simply quote a woman running an old machine with Win98, which wasn't capable of running the security software provided by her ISP without slowing to an unusable crawl. I think most of us have seen our share of computers in that state to sympathize.

Did anyone really expect a middle-aged, non-techie to think "Gosh, I should finally install Linux with a lightweight window manager!"

Re:Doesn't advise getting a new PC for everyone (1)

khristian (1009227) | more than 7 years ago | (#17494182)

If she had been taught since the beginning about how to use linux, it would be easier. But there are a lot of relatives who know how to open Word and play Solitaire, so they taught her how to use Windows.
I know a lot of people who can't even use a mouse, and it wouldn't be harder to teach them to use linux (nowadays, at least) than it would be to teach them to use windows. They probably won't use more than a word processor and web browser, so no need to say anything about recompiling kernels and the such.
Culture and tradition aren't easy to change.

Re:Doesn't advise getting a new PC for everyone (1)

SpaceLifeForm (228190) | more than 7 years ago | (#17494204)

If the 'security software' provided by her ISP made the computer slow to a crawl, I'd say that the 'security software' was actually malware/spyware.

Re:Doesn't advise getting a new PC for everyone (1)

TerranFury (726743) | more than 7 years ago | (#17494848)

I am offended every time an ISP tries to install software on my computer. When we go to the gas station, do the attendants try to glue widgets to our upholstery or steering wheels?

It's damned AOL, convincing people wrongly since the beginning that "The Internet" is a piece of software on their computer. It is not. It is a utility, and an ethernet cable is just like a power cord.

(This small rant after a Verizon FIOS install put shedloads of crap on my parents' PC. I had to explain to them that this changed nothing about how they were to use the computer, that they were to ignore the new icons until I got around to uninstalling the crap, and that Firefox and Thunderbird would continue to work as usual. Unfortunately, you HAD to install the software, as the installer also contacts servers at Verizon et al to confirm your account...)

New PC isn't going to help... (2, Insightful)

JayTech (935793) | more than 7 years ago | (#17493784)

Purchasing a new, "updated" PC is going to give you about as much protection as purchasing a new "updated" vehicle. Sure, you're going to find plenty more safety features to make your drive easier, but bottom line is the vehicle isn't going to be immune to crashes; it's still your duty to drive responsibly. The same goes for your PC - it's your responsibility to secure your PC against the latest threats. As far as the propagation of malware goes, I predict it's only going to get worse. Let's face it - as long as people remain uneducated to the dangers of malware, and haven't really been affected by it firsthand, they aren't going to make an effort to protect themselves. They'll keep paying Norton $20+ a year for non-existent protection, as long as it makes them feel safe.

Use Macs (1, Insightful)

Delifisek (190943) | more than 7 years ago | (#17493904)

Or Linux
Case Closed

Re:Use Macs (0)

Anonymous Coward | more than 7 years ago | (#17494076)

Lol. That sounds like Howard Roark from The Fountainhead. "Here are the pictures. The defence rests".

Re:Use Macs (1, Insightful)

Anonymous Coward | more than 7 years ago | (#17494158)

As I was recently talking to some of my friends, the biggest mistake of Microsoft is being so popular. That is, the reason why nobody hacks Windows 98 machines, is because there are few (Reason why I left my parents computer with Windows 98 for what they need, and I don't need to worry that much).

I would believe that if users start using more and more whatever you propose here, they will find flaws that lazy users fall on.

I mean, linux can be a pretty secure OS, but make it the most popular, and every hacker will be aiming to hack regular user systems. That hasn't been a problem, since linux users are experimented so far. I'm certainly waiting for linux to be the most popular OS!

Re:Use Macs (0)

Anonymous Coward | more than 7 years ago | (#17494392)

Also, what do you think "antivirus" companies will do? I bet they are in their best interest of maintaining their customers, aren't they?

Retail Youngsters (1)

Joebert (946227) | more than 7 years ago | (#17493976)

I'm still wary of the young people that pester you to let them do the "free" setup when you buy a new computer at places like Best Buy.

Ubuntu (1)

bigattichouse (527527) | more than 7 years ago | (#17494036)

I have already handed an Ubuntu disk to one "lost cause"... perhaps the wave of the future? Then, over beers, you help install thunderbird and get most of their stuff up and running. What a shiny new machine they have!

Push for Windows CDs (4, Insightful)

astrashe (7452) | more than 7 years ago | (#17494084)

The problem is exacerbated by the reluctance of MS and PC vendors to give out Windows CDs that can be used to wipe and reinstall systems. They should build pockets into the sides of cases for the CDs so people don't lose them, and slipstream all the drivers in, and put instructions to boot the restore disk on the CD label itself.

Heck, a 700MB USB flash drive isn't expensive now. They should build read only flash drives with windows into the box, and put an option to run a reinstall in the bios. Solder it in so no one will steal it.

It's the least they could do, considering. I mean, Windows comes preinstalled on almost every PC sold, and there are a zillion pirate copies of Windows floating around on the net, so hardly anyone needs to steal it, and anyone who wants to steal it can. But legitimate users are screwed when they have problems because they don't get CDs, because giving them CDs would encourage piracy. And, I suspect, because it's good for business if people trapped in a monopoly have to buy extra computers to solve this problem.

A new PC will help for what, a month? (1)

fromvap (995894) | more than 7 years ago | (#17494428)

It is too bad that only millionaires can afford Apple. If you could buy a decent Mac for the same cost as a Dell, the 50% of users who don't care about gaming would probably do so, instantly solving half the botnet problem. When PC gaming finishes dying out in the next few years, even more people could switch. Too bad that with their insane prices Apple will never break 15% market share.

A Simple Solution: power off when not using a PC (1, Interesting)

Anonymous Coward | more than 7 years ago | (#17494436)

I don't know why the botnet hunters don't tell the reporters that they could lessen the impact if everyone would just turn their computers off when they are not using them. Disrupt the botnets as much as possible. It wouldn't affect any but memory resident bots, but a PC that is infected and off won't be sending out spam. Once word got out "do you turn your PC off" then you could educate the masses to patch and practice safer computing.

I work with a Cisco VPN concentrator at a Medical/Dental/Nursing school, and every day a co-worker comes in early and forces off the users that have been connected all night and more. Usually it is 30-40 people but over weekends and holidays the number climbs to 70-80. Why stay connected, why leave your computer on all the time?

I'll leave the M$ bashing to others, the "open any email you get" bashing to others. I run an OpenBSD firewall on an old Dell at home, and I tell my kids to turn off the computer when they are done. I'm doing my part.

Printed Article (1)

antdude (79039) | more than 7 years ago | (#17494562)

NYT Generator is down so time to use copy and paste from the print page:

January 7, 2007
Attack of the Zombie Computers Is Growing Threat
By JOHN MARKOFF

In their persistent quest to breach the Internet's defenses, the bad guys are honing their weapons and increasing their firepower.

With growing sophistication, they are taking advantage of programs that secretly install themselves on thousands or even millions of personal computers, band these computers together into an unwitting army of zombies, and use the collective power of the dragooned network to commit Internet crimes.

These systems, called botnets, are being blamed for the huge spike in spam that bedeviled the Internet in recent months, as well as fraud and data theft.

Security researchers have been concerned about botnets for some time because they automate and amplify the effects of viruses and other malicious programs.

What is new is the vastly escalating scale of the problem -- and the precision with which some of the programs can scan computers for specific information, like corporate and personal data, to drain money from online bank accounts and stock brokerages.

"It's the perfect crime, both low-risk and high-profit," said Gadi Evron, a computer security researcher for an Israeli-based firm, Beyond Security, who coordinates an international volunteer effort to fight botnets. "The war to make the Internet safe was lost long ago, and we need to figure out what to do now."

Last spring, a program was discovered at a foreign coast guard agency that systematically searched for documents that had shipping schedules, then forwarded them to an e-mail address in China, according to David Rand, chief technology officer of Trend Micro, a Tokyo-based computer security firm. He declined to identify the agency because it is a customer.

Although there is a wide range of estimates of the overall infection rate, the scale and the power of the botnet programs have clearly become immense. David Dagon, a Georgia Institute of Technology researcher who is a co-founder of Damballa, a start-up company focusing on controlling botnets, said the consensus among scientists is that botnet programs are present on about 11 percent of the more than 650 million computers attached to the Internet.

Plagues of viruses and other malicious programs have periodically swept through the Internet since 1988, when there were only 60,000 computers online. Each time, computer security managers and users have cleaned up the damage and patched holes in systems.

In recent years, however, such attacks have increasingly become endemic, forcing increasingly stringent security responses. And the emergence of botnets has alarmed not just computer security experts, but also specialists who created the early Internet infrastructure.

"It represents a threat but it's one that is hard to explain," said David J. Farber, a Carnegie Mellon computer scientist who was an Internet pioneer. "It's an insidious threat, and what worries me is that the scope of the problem is still not clear to most people." Referring to Windows computers, he added, "The popular machines are so easy to penetrate, and that's scary."

So far botnets have predominantly infected Windows-based computers, although there have been scattered reports of botnet-related attacks on computers running the Linux and Macintosh operating systems. The programs are often created by small groups of code writers in Eastern Europe and elsewhere and distributed in a variety of ways, including e-mail attachments and downloads by users who do not know they are getting something malicious. They can even be present in pirated software sold on online auction sites. Once installed on Internet-connected PCs, they can be controlled using a widely available communications system called Internet Relay Chat, or I.R.C.

ShadowServer, a voluntary organization of computer security experts that monitors botnet activity, is now tracking more than 400,000 infected machines and about 1,450 separate I.R.C. control systems, which are called Command & Control servers.

The financial danger can be seen in a technical report presented last summer by a security researcher who analyzed the information contained in a 200-megabyte file that he had intercepted. The file had been generated by a botnet that was systematically harvesting stolen information and then hiding it in a secret location where the data could be retrieved by the botnet master.

The data in the file had been collected during a 30-day period, according to Rick Wesson, chief executive of Support Intelligence, a San Francisco-based company that sells information on computer security threats to corporations and federal agencies. The data came from 793 infected computers and it generated 54,926 log-in credentials and 281 credit-card numbers. The stolen information affected 1,239 companies, he said, including 35 stock brokerages, 86 bank accounts, 174 e-commerce accounts and 245 e-mail accounts.

Sensor information collected by his company is now able to identify more than 250,000 new botnet infections daily, Mr. Wesson said.

"We are losing this war badly," he said. "Even the vendors understand that we are losing the war."

According to the annual intelligence report of MessageLabs, a New York-based computer security firm, more than 80 percent of all spam now originates from botnets. Last month, for the first time ever, a single Internet service provider generated more than one billion spam e-mail messages in a 24-hour period, according to a ranking system maintained by Trend Micro, the computer security firm. That indicated that machines of the service providers' customers had been woven into a giant network, with a single control point using them to pump out spam.

The extent of the botnet threat was underscored in recent months by the emergence of a version of the stealthy program that adds computers to the botnet. The recent version of the program, which security researchers are calling "rustock," infected several hundred thousand Internet-connected computers and then began generating vast quantities of spam e-mail messages as part of a "pump and dump" stock scheme.

The author of the program, who is active on Internet technical discussion groups and claims to live in Zimbabwe, has found a way to hide the infecting agent in such a way that it leaves none of the traditional digital fingerprints that have been used to detect such programs.

Moreover, although rustock is currently being used for distributing spam, it is a more general tool that can be used with many other forms of illegal Internet activity.

"It could be used for other types of malware as well," said Joe Stewart, a researcher at SecureWorks, an Atlanta-based computer security firm. "It's just a payload delivery system with extra stealth."

Last month Mr. Stewart tracked trading around a penny stock being touted in a spam campaign. The Diamant Art Corporation was trading for 8 cents on Dec. 15 when a series of small transactions involving 11,532,726 shares raised the price of the stock to 11 cents. After the close of business that day, a Friday, a botnet began spewing out millions of spam messages, he said.

On the following Monday, the stock went first to 19 cents per share and then ultimately to 25 cents a share. He estimated that if the spammer then sold the shares purchased at the peak on Monday he would realize a $20,000 profit. (By Dec. 20, it was down to 12 cents.)

Computer security experts warn that botnet programs are evolving faster than security firms can respond and have now come to represent a fundamental threat to the viability of the commercial Internet. The problem is being compounded, they say, because many Internet service providers are either ignoring or minimizing the problem.

"It's a huge scientific, policy, and ultimately social crisis, and no one is taking any responsibility for addressing it," said K. C. Claffy, a veteran Internet researcher at the San Diego Supercomputer Center.

The $6 billion computer security industry offers a growing array of products and services that are targeted at network operators, corporations and individual computer users. Yet the industry has a poor track record so far in combating the plague, according to computer security researchers.

"This is a little bit like airlines advertising how infrequently they crash into mountains," said Mr. Dagon, the Georgia Tech researcher.

The malicious software is continually being refined by "black hat" programmers to defeat software that detects the malicious programs by tracking digital fingerprints.

Some botnet-installed programs have been identified that exploit features of the Windows operating system, like the ability to recognize recently viewed documents. Botnet authors assume that any personal document that a computer owner has used recently will also be of interest to a data thief, Mr. Dagon said.

Serry Winkler, a sales representative in Denver, said that she had turned off the network-security software provided by her Internet service provider because it slowed performance to a crawl on her PC, which was running Windows 98. A few months ago four sheriff's deputies pounded on her apartment door to confiscate the PC, which they said was being used to order goods from Sears with a stolen credit card. The computer, it turned out, had been commandeered by an intruder who was using it remotely.

"I'm a middle-aged single woman living here for six years," she said. "Do I sound like a terrorist?"

She is now planning to buy a more up-to-date PC, she said.

faked article image (0)

Anonymous Coward | more than 7 years ago | (#17494720)

there is no way that screen would be that out of focus unless it was like 5" big and 2 foot from the camera. The bald bloke is a good couple of feet behind the other guy and he is in focus.

and I think the whiteboard background is slotted in as well. would be difficult to get their right sides in a different colour without some leakage onto the background. And if they have such a large difference in contrast (bright one side, shadow the other), how come the background is one uniform colour?

definitely something wrong in between the blokes and the monitor...

What about the ISP? (1)

davmoo (63521) | more than 7 years ago | (#17494756)

Everyone seems to be blaming either Microsoft or the ignorant user. Let's not leave out the ISP. ISPs should cut off anyone whose connection is showing suspicious activity like spewing out hundreds of emails over a short period of time, etc.

Re:What about Legit mass mailing? (0)

Anonymous Coward | more than 7 years ago | (#17494852)

ISPs cannot distinguish legit mailing from spam, granted the billion message mark is quite noticeable.. maybe just a cap, a million mails a day etc?
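The two comments above (cut off connections that spew mail; volume alone cannot separate spam from legitimate mailing) can be combined into one check. This is an added sketch, not part of either post: it flags customers by outbound port-25 behaviour, treating fan-out to many mail servers that bypasses the ISP relay as the stronger signal. The flow tuple format, thresholds and all addresses are assumptions, and the sample records are constructed.

```python
from collections import defaultdict, deque

WINDOW_S = 600               # sliding window in seconds (assumed policy value)
MAX_CONNS = 200              # port-25 connections allowed per window (assumed)
MAX_DIRECT_MX = 20           # distinct non-relay mail servers per window (assumed)
ISP_RELAYS = {"192.0.2.25"}  # hypothetical ISP smarthost, documentation address

def flag_senders(flows):
    """flows: (ts, src_ip, dst_ip, dst_port) tuples sorted by ts.
    Returns {src_ip: reason} for customers that trip a threshold."""
    recent = defaultdict(deque)  # src -> (ts, dst) pairs still inside the window
    flagged = {}
    for ts, src, dst, port in flows:
        if port != 25:
            continue
        q = recent[src]
        q.append((ts, dst))
        while q and q[0][0] <= ts - WINDOW_S:   # drop entries that aged out
            q.popleft()
        # Recomputed per flow for clarity; keep a counter at real traffic rates.
        direct = {d for _, d in q if d not in ISP_RELAYS}
        if len(direct) > MAX_DIRECT_MX:
            # Bypassing the relay to reach many mail servers: bot-like behaviour.
            flagged[src] = "direct-to-MX fan-out"
        elif len(q) > MAX_CONNS:
            # Volume alone is ambiguous (could be a newsletter): review first.
            flagged.setdefault(src, "volume")
    return flagged

def sample_flows():
    """Constructed records: a newsletter sender, a bot-like host, a normal user."""
    relay = "192.0.2.25"
    flows = [(i, "198.51.100.10", relay, 25) for i in range(300)]
    flows += [(1000 + 3 * i, "198.51.100.20", f"203.0.113.{i + 1}", 25)
              for i in range(40)]
    flows += [(900 * i, "198.51.100.30", relay, 25) for i in range(5)]
    flows.append((50, "198.51.100.30", "203.0.113.80", 443))  # web traffic, ignored
    return sorted(flows)

if __name__ == "__main__":
    for ip, reason in flag_senders(sample_flows()).items():
        print(ip, reason)
```

The newsletter sender is flagged only as "volume", which calls for a rate limit or a human look, while the host contacting 40 distinct mail servers directly gets the stronger label.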

Bullshit: Just turn off services. (3, Informative)

TerranFury (726743) | more than 7 years ago | (#17494792)

I really, really don't get it. It's not that hard to keep a Windows box safe. I do understand how grandma can screw up, but I just do not buy the rubbish that every Windows machine gets compromised in five minutes.

People talk about "open ports." To me, that's right up there with "oh no! My IP address is visible!" paranoia. It's just not how computers work! Worms don't somehow jump into your computer through magic holes called "ports:" They exploit bugs in services.

So, disable all the services you don't need. Get rid of the blasted Windows filesharing cruft. Shoot the scripting host. Turn off the remote desktop crap. Look through all the services, and just clean all that junk out. If you don't have idiot programs running that worms can fool into executing arbitrary code or otherwise misbehaving, you're ok! Then connect to the 'net and install the latest updates. In the time it takes you to do that, nobody will jump up through your NIC and give your computer gonorrhea.

A firewall is a safety net, and it makes perfect sense in, say, a production IT department to have as many safety nets and backups as you can. But a properly-configured machine, without exploitable crap running, shouldn't strictly need it, and I really think that a competent personal user can easily stay safe.

As for the "security software" the article speaks of: Though an up-to-date antivirus is a decent idea, most software firewalls and other pieces of security software really just operate something like modern-day politicians, keeping users alarmed so as to justify their own existence. "Someone is trying to HACK you!" they scream, as an innocent ICMP ping request arrives at your computer. Pfft. Save your CPU cycles and just don't be a fool!

And without a single use of "hacker" (2, Insightful)

rrohbeck (944847) | more than 7 years ago | (#17494952)

Kudos.

Consumerism (0)

Anonymous Coward | more than 7 years ago | (#17495004)

That's a great suggestion from 'security researchers'. "Buy new".
I bet we can solve all problems related to IT Security through that. "buy new".

"Security Researchers" the media interview are about as knowledgeable in the field as Cab Drivers are when interviewed by the BBC.

It's not the PC's being targeted... (1)

whoppo (218875) | more than 7 years ago | (#17495008)

... It's the negligent PC owners. As long as the general Internet-connected public is dumb enough to let this kind of crap continue the bad guys will prevail. The average user just can't be convinced to keep their PC patched, their antivirus def's current or sweep for malware regularly. The average user just can't resist reading those oh-so-friggin-cute, malware laden eGreetingCards, launching email attachments promising a fun new game or nekkid pics of Brittany, or spending countless hours surfing infected porn sites (and you thought we didn't know.. right?). The average user buys a computer, gets the neighbor's kid to get them on the net and calls it good. See where I'm goin' here? The average computer user needs to be a bit more educated in the ways of safe computing. They need to know that most of the content they encounter is malicious and when they ignore the threats they make it worse for everyone... not just themselves. It's not about Windows vs. Linux vs. Mac (even though Linux rules baby!) it's about bad, but clever people vs. nice, but stupid people... IMHO

IRC control (1)

HardYakka (265884) | more than 7 years ago | (#17495064)

I may be missing something, but every time I hear about a botnet they seem to control it through an IRC channel.

Couldn't the OS block access to IRC by default?

It seems to me anyone naive enough to install a trojan would not be using IRC anyway, and conversely, anyone who uses IRC would probably be computer savvy enough to avoid trojans.

how come no mention of DDOS? (2, Insightful)

circletimessquare (444983) | more than 7 years ago | (#17495088)

i thought holding a website for ransom or unleashing a botnet DDOS to shut them down was a problem, but the topic was never touched on in the NYT article

is it because the issue is outside the scope of the article or am i hopelessly behind the times and that's not really a problem anymore for some reason i'm not aware of?