digg

Join DiggAbout

Call for questions
Submit and vote up questions you'd like to see answered by Kevin & Jay at the next Digg Townhall on 11/18.

Researchers seize huge Spam Botnet - Face Ethics Dilemma

eweek.com — "Kraken Botnet Infiltration Triggers Ethics Debate ...Researchers seize control of one of the world's largest spam-spewing botnets, but there is disagreement about what should happen next."

show profanity settings
expand all
  • Rotzooi, on 05/06/2008, -38/+8Looking at Digg, it is already being used by the pro-Obama movement.
    • cypriss9, on 05/06/2008, -18/+5I think you have it backwards. I think the qualities that resonate with diggers -- openness, transparency, and, essentially, being OWNED by the community instead of by The Man, are emboddied in Obama.

      So it's not that Obama people have hijacked Digg. It's that they're the same people anyway.
      • Drahkar, on 05/06/2008, -3/+9I think both of you need to get off your high horses and realize there are bigger issues at stake here in this specific instance than personal bickering and personal politics. Spam is estimated (Conservatively) to make up almost 60% of all traffic on the Internet. That is a massive effect on performance on a technological level, not even considering the time lost constantly working on ways of filtering it out and having to manually delete them.

        I happen to agree with the original researchers. This epidemic of botnets is growing to epic proportions and while there are those of us who can keep ourselves protected through knowledge and practice, it doesn't slow the growth of these botnets. They not have an effective means of completely crippling one of the largest ones. I'd say burn it and hope for the best.
        • bitcloud, on 05/07/2008, -0/+1well I think the desire to not be oppressed by the corporations (through spam) is the same desire as that which makes us want to not be oppressed by the corporations (through lobbyists)
    • BGog, on 05/06/2008, -7/+14I really think you overstate. There is no organized pro-Obama movement on Digg. Digg just happens to be a community who are fairly like-minded and a majority tend to like Obama because he sucks a little less than the other politician running for president. There isn't a conspiricy. Just a majority. There IS a difference.
      • Rotzooi, on 05/06/2008, -7/+4Every article from eyesonobama dot com appears here on Digg - starting with over 50 diggs, in the first minutes. That is organized spamming.
        • flashback99, on 05/06/2008, -4/+6Or, people here actually give a ***** about someone who could potentially be a great president?!
    • mijelh, on 05/06/2008, -2/+13C'mon, Is there going to be the day when I can read all of the comments of a digg tech story without having to see a bunch of ***** references to politics????
  • vpshockwave, on 05/06/2008, -14/+9Umm... dismantle it? Make it inoperable? Seems like a no-brainer to me...
    • SteelyDuran, on 05/06/2008, -4/+5It's not that simple, as Andrew Hay points out. You reduce collateral damage, but in the process, you trade one type of intrusion for another.
      • blergle, on 05/06/2008, -1/+9Do you think the people with the infected machines care either way?
      • Myztry, on 05/06/2008, -0/+4Someone should seek a court order. Right and wrong, from a legal perspective is deemed. Hopefully within that process, are all the considerations of balances, morale agenda, best interest, legal requirements, etc. Judges have the job of, well Judging...
        It's not something to merely meditate on...
    • nuural, on 05/06/2008, -8/+3think about it though, what if the computer is performing critical operations? When you dismantle it, you're performing a risky operation without having neither the certainty of success nor the confidence that you could recover things if anything goes awry. This could jeopardize whatever important task that box might be performing, and this makes it a lot less of a no-brainer IMHO, unless you're willing to accept whatever moral AND legal consequences might be involved.
      • GeorgeStone2, on 05/06/2008, -1/+9Hell, if I had malware on my PC and someone decided to remove it and ***** up my non critical task performing PC.. I would still be pissed as hell.
        • mithrasinvictus, on 05/06/2008, -0/+10I hope you would also have learned a valuable lesson.
        • LokitheComplex, on 05/06/2008, -0/+7But you have also been partly responsible for infecting other people's machines.
      • mithrasinvictus, on 05/06/2008, -0/+9Apparently those people running those critical operations have no idea they are part of a botnet. Being taken over again is more risky than shutting the infected machine's network connection down and showing the user a message.
      • coyote1284, on 05/06/2008, -0/+5They may accidently create SkyNet.
    • masterm1nd, on 05/06/2008, -1/+10You have to stab it in the heart and burn it.
    • coyote1284, on 05/06/2008, -2/+5Do the police have to ask everyone on the road before they chase a speeding, erratic driver?
      • tenchi71, on 05/06/2008, -0/+4No, police have that right under certain circumstances. TrippingPoint technologies does not.
  • fkr3, on 05/06/2008, -4/+13Interesting read. If they were able to identify and register some of the domains the trojan was looking for why don't they just enlist ICANN and get all of the domains locked?
    • AlbinoRaven, on 05/06/2008, -1/+3It probably because one the researchers are thinking something really really stupid. In a committee of IT pros there is always one asswipe that plays the devils advocate.

      "HOw can we use this to "help""?
  • SteelyDuran, on 05/06/2008, -1/+44We've gone from "we won't solve the problem" (ISPs harboring spammers) to "we can't solve the problem" (because it became too huge) to "we shouldn't solve the problem" (because the system might be performing some other important function). It took 30 years to make this painful journey, and there are no clear answers in sight.

    The thing is a huge, sticky mess.
    • GeorgeStone2, on 05/06/2008, -5/+22It only took me 14 years to make sticky messes.
      • JMSantos, on 05/06/2008, -5/+8Really? Only takes me about 30 seconds.
      • lamiaconfitor, on 05/06/2008, -7/+1I did at 13. Now, that's what I call a sticky situation.
    • DeathJux, on 05/06/2008, -1/+11That's the problem, it is a huge mess. It seems the only way the "good guys" can legitimately take these bot-nets out is to employ "black hat" or otherwise unethical techniques, which, obviously, they have serious qualms over doing, and rightfully so.

      I have an idea: let's do drugs and stop caring.
  • ee52ck, on 05/06/2008, -1/+34'BotNet clensing'... sounds like software genocide
    • GeorgeStone2, on 05/06/2008, -1/+8We're now about 20 posts away from goodwins law.
      • lamiaconfitor, on 05/06/2008, -0/+9anyone who brings up Goodwins' Law is a ***** Nazi.
        • ee52ck, on 05/06/2008, -0/+3I see what you did there! Not to be a grammar nazi but its Godwins law not Goodwin!
          • lamiaconfitor, on 05/07/2008, -0/+1sorry, I forgot. as it is otherwise irrelevant as anyone who decides that all their enemies are Nazis are idiots, and don't deserve a "law" to explain them.
        • MewtwoReturns, on 05/06/2008, -0/+4Deliberately bringing up Godwin's Law is classified as "Quark's Exception". You can't forcibly end a thread by bringing up Nazis; the person has to actually be making an analogy to Nazis without the intent of shutting down the thread, otherwise Godwin's Law doesn't work.
          • lamiaconfitor, on 05/07/2008, -0/+1and bringing up Quarks' Exception is called 'Davids' Foible.' bringing up arguments that have names because they have been established in previous diatribes proves that you do not have an original thought, and should shut up. /jk
    • sfacets, on 05/06/2008, -0/+7Hello, and welcome to the enrichment centre - proceed to Android hell?
    • jackalsclaw, on 05/06/2008, -0/+1the final solution to spam?
    • theYevvin, on 05/06/2008, -0/+1mein comp.
  • arjie, on 05/06/2008, -2/+9Cut its connections to the command-and-control server alone. And then ask it to stop spamming. There, my simplistic explanation based on little real world knowledge of how these things work.
    • mithrasinvictus, on 05/06/2008, -0/+11they would soon take control of it again. there's too much money involved. better shut down the network connection and leave a note about security.
    • jackalsclaw, on 05/06/2008, -0/+1can't the track the control server to the owners, and arrest them? or push then into a wood chiper, ether is cool
  • DeathJux, on 05/06/2008, -0/+23Wow, such brilliance on both sides of the equation. I can't even imagine how much work has gone into creating such insane self-sustaining bot-nets such as Kraken. It makes me sad when programmers use their knowledge for evil. To quote ol' Uncle Ben:

    "With great power comes great responsibility."
    • GeorgeStone2, on 05/06/2008, -2/+40"We make the best rice"
    • ubuwalker31, on 05/06/2008, -0/+15I think that the dilemma here is overblown. I think it is apparent that the researchers can't cleanse an infected zombie computer because it is a violation of various unauthorized computer access laws and ethics rules. However, the government has the power to destroy criminal infrastructure. So, the solution to the dilemma is to contact the FBI or other agency (perhaps INTERPOL), and have them get the required warrants and legal approval, and then attack the botnet. This situation is akin to a community organization finding a drug den - they don't have the power or the right to shut it down, but the police do.
    • rickcarson, on 05/06/2008, -3/+2Given the state of Windows, it is probably a lot harder to figure out how to patch it to fix it, than it is to break it.
    • cannabrain, on 05/07/2008, -0/+1Uhm not to be that guy, but Im pretty sure Stan Lee, the comic book artist, coined that term.
  • jury, on 05/06/2008, -2/+38from the article
    "It's a very tricky situation. What if that end-user system is performing a critical function? What if that target system is responsible for someone's life support? Who is to say what is more beneficial?"

    hmm someone let me know which hospitals use life support systems that surf the web and pick up malware so i can stay far far away from them.
    • JMSantos, on 05/06/2008, -0/+25The machine that goes "PING!" is especially susceptible to malware.
    • jellygraph, on 05/06/2008, -8/+2the problem has more to do with that they are running Windows
    • jkmerr, on 05/06/2008, -0/+12I'm afraid you would be shocked. I can't get specific because it has to do with my work, but I've seen lots of hospital networks where you have some life-safety app (e.g. telemetry data which tells the nurses out at the nurses' station when a patient dies or stops breathing) living on the same network that the unit clerk uses to surf www.freesmileiesifyouletmeinfectyourbox.com. Worse, there are such critical applications out there which are running under windows. (Intellivue Information Center, for example, made by Philips.)
      • JMSantos, on 05/06/2008, -2/+7You can run critical information / systems off windows as long as you don't have a moron running the setup, installation and maintenance on the machines & their security. With current squeezing of hospital budgets, though, that's not necessarily guaranteed (as well as the pervasiveness of idiots in the industry in general).
        • DeathJux, on 05/06/2008, -0/+5Well, I don't know if you've seen the small glimpse afforded by websites like thedailywtf.com, but the vast majority of contractors, consultants, and general computer techs are ***** retarded.

          Think about how many people are actually good at their jobs versus how many people are simply passable. It's a sorry state of affairs, but there's far too much demand for technology and far too few skilled technicians out there.
        • MikeSD34, on 05/06/2008, -0/+1You can, but it's not a good idea. Say there's some undisclosed zero day exploit that lets a worm into the network, your critical functions aren't protected and could go down. Perhaps a couple of computers get infected and start a packet storm which takes down a section of the network with life support systems on it. At the very least they should be isolated with some sort of firewall between the two networks. Critical and non-critical systems should always be separated, it's just good design.
          • JMSantos, on 05/06/2008, -0/+0How is this not under the category "not a moron running the show"? You can have zero-day exploits with any operating system and software in use.
          • MikeSD34, on 05/06/2008, -0/+1Yes you can have zero day exploits why any operating system/software (never said you couldn't), but this is why you prepare for them by protecting and isolating your essential systems from your nonessential systems.
    • mijelh, on 05/06/2008, -1/+2Probably not even one, but there is no way to know.
    • crownedgriffin, on 05/06/2008, -0/+4I know people who do and have worked at Symantec. Hospitols are overrun with machines filled with viruses and spyware, but are too old to update their virus software/definitions. They also have this horrible program called Norton on them as well.
  • Barackalypse, on 05/06/2008, -2/+19The real ethical dilemma isn't about shutting the botnet down or not, it is about whether or not to torture the botnet operators that we should be able to track down using the infiltrated network.
    • decet, on 05/06/2008, -3/+1Torture is unethical. Waterboarding, though...
    • rickcarson, on 05/06/2008, -0/+4Torture them, and then send them to the hospitals running computers and life support systems which are bot infested.
  • DeathJux, on 05/06/2008, -2/+48Also, thanks profvegas for submitting one of the most interesting Tech-related stories I've read in a few days. It's a much-appreciated break in the relentless flood of Politics 2008 nonsense.
    • Ninjapope, on 05/06/2008, -1/+4Don't forget cat pictures.
      • DeathJux, on 05/06/2008, -1/+1I'll take a cat picture over Political ***** any day of the week.

        I'm voting Ceiling Cat for President 2008, and I hope you do too. Ron Paul? Ha, he got all his knowledge by eavesdropping on the watchful feline. There's a gold mine of knowledge to be gained through the observance of masturbation, though that is but the tip of the iceburg for the great CC.
    • Matteos, on 05/06/2008, -1/+2And GTA.
    • ifknot, on 05/06/2008, -2/+1leave digg alone
      digg != slashdot
      When I want /. i use /. when i want digg i use digg
      i like digg
      i like /.
      stop moaning
      moaning asshats
  • jaydoj, on 05/06/2008, -4/+3hmmm, what to do....

    shoooooooot her!!!!! shoooooooot her!!!!
  • sharjeelsayed, on 05/06/2008, -12/+2Hand it over to Mr. Bush..He wouldn't face any dilemma...Ethics?? What's that?
    • ee52ck, on 05/06/2008, -0/+6True or not, Stop making everything about politics!
  • poidh, on 05/06/2008, -1/+11Becoming an affiliate for a penis pills distributor would be the most obvious plan of action.
  • aqzman, on 05/06/2008, -1/+11That was a great story, lots of interesting points brought up. Although the vast majority of systems infected are sure to be home computers, it's impossible to tell what other systems were infected.
  • Gonasadude, on 05/06/2008, -7/+8I think that if someone is lazy enough to let their box turn into part of a botnet, they probably aren't doing anything 'critical'. Chances are, it's a computer at grandma's house, or at some 10 year old's house.
    • GeorgeStone2, on 05/06/2008, -3/+4They still have no right to run any commands on someone elses PC.
      No matter how much good it would do. That's just how it works.
      • mithrasinvictus, on 05/06/2008, -0/+4the machine is already broken into and set up to retrieve instructions.
        all they would have to do is place the new instructions where they know the bots will be looking next. They never have to access the machines, the machines will access their server.
        • GeorgeStone2, on 05/06/2008, -2/+1You are still running a command on the target machines.
          Just by reverse connection.
          • mithrasinvictus, on 05/06/2008, -0/+1my point was that the machines are never "targeted".
          • GeorgeStone2, on 05/06/2008, -1/+2My point is that they are.
            What are you on.
          • mithrasinvictus, on 05/06/2008, -2/+2coffee, right now.
            I'll try again with an analogy:
            The microsoft update server does not access target machines to run commands on them. The server merely makes software available, the software already in place on the clients decides to download and run that code.
          • SteveMax, on 05/06/2008, -1/+2The users have a choice of using Microsoft's updates. They explicitly trust Microsoft to send them patches and etc. In this case, the users wouldn't have a say about what would happen.
            What if the patch they distribute to disable the botnet has a bug that makes Windows unable to boot again? They'd actively have broken a fully working computer into a brick without the owner's consent. Even if someone isn't doing something "critical", they could be doing something important to them, such as writing a final paper/thesis/work report; this could be lost by an unplanned restart. This is not only a moral question, they could be in legal trouble for it.
        • TFGeditor, on 05/06/2008, -0/+3You just hit on an answer that is both legal and ethical, you just need to take it to the next level.

          1. Researchers enlist Microsoft's aide and point the botnet to the MS update server.
          2. Infected machines access MS server and downloads/executes "cleansing" code (which the machine's owner has already tacitly approved)
          3. Problem solved.
          4. Profit!
    • NiceGuyVan, on 05/06/2008, -0/+2So what if they are running a command? They are turning off malware and preventing others from running actually harmful commands that could lead to their ISP blocking them
  • betacmag4u, on 05/06/2008, -1/+5I want to see a tactical team going into the botnet controllers house. Then they can do another raid on the spyware guys house.
    • arjie, on 05/06/2008, -0/+1The spyware guy? I can see it. "Every 2 seconds, a computer somewhere in the world sends out spam email. We must find it and stop it."
  • GeorgeStone2, on 05/06/2008, -4/+13Malware facinates me.
    The complexity of the task at hand is nothing like anything I could even imagine.
    You have to first get it installed on the system, then you have to keep it installed on the system, then you have to make sure you can't be traced back to it. Yet you have to be able to control it. A near impossible task on its own.

    Then to cap it all off you have to make sure no one but you can use it.

    All while being specifically targeted by companies that want to destroy your software.

    It's way more impressive than any other kind of software IMHO, and I actually have great respect for the Malware writers.
    • GramarNatzi, on 05/06/2008, -1/+18Botnet owners have access to immense computing power over a huge distributed network. And the best they can come up with is trying to sell viagra and knock-off Rolex's. I don't respect them, I ***** hate them.
      • mtekk, on 05/06/2008, -0/+6They really aren't owners, more like robbers. They steal CPU cycles from the hosts that they infect but do not own to do their own bidding.
    • rickcarson, on 05/06/2008, -5/+3Dude... its Windows. Don't respect them, pity them. See also: Candy from a baby.

      Now if they were doing this to Linux or BSD that would be impressive.
      • irgeorge, on 05/06/2008, -1/+1The essential operation of the botnet wouldn't change that much if they were infecting Linux or BSD... just the initial attack vector. Just because it's on Windows doesn't make the infrastructure any less complex to conceive...
  • jjb123, on 05/06/2008, -0/+16Kill it.
  • HexiumVII, on 05/06/2008, -3/+4Dilemma? What dilemma? An ethics dilemma is if we should put someone on death row for doing something wrong. This is a nuke it now.
  • sfacets, on 05/06/2008, -12/+2Simple - send every infected computer a message that they need to get rid of their Windows Operating system. Give them a week, and then do it for them. Install linux. Problem solved. If only it were technically doable and ethically possible.
    • rickcarson, on 05/06/2008, -0/+1There are versions of Linux small enough to deploy in a virus. Just saying...
  • decet, on 05/06/2008, -2/+2I agree with poidh - they are probably working on a shoestring and ought to draw some profit from the botnet while they're able to... no, just kidding.
    If I were in their place, I'd devise a command that terminally disables the trojan's internet connectivity, thoroughly test it for side effects, and then go through the media and announce the existence of the remedy, downloadable from www.blahblah.org. This would put the load of the decision on the rightful owner's shoulders.
    • Foamator, on 05/06/2008, -0/+1Except most people don't know when they're part of a botnet.
  • sfacets, on 05/06/2008, -2/+1Couldn't they turn the C&C into a bot?
    • Kronos6948, on 05/06/2008, -0/+3Didn't they already turn it into a music factory?
    • lamiaconfitor, on 05/06/2008, -0/+1no, but they can turn it into a music factory. (sorry, had to.)
    • KolorKode, on 05/06/2008, -0/+0This is a P2P botnet with no one fixed C&C
  • jvangurp, on 05/06/2008, -0/+7I'm sure the old skool sci-fi writers grappled with concepts like this probably before any pcs even exited.
    • lamiaconfitor, on 05/06/2008, -0/+5Robert A. Heinleins' masterpeice. "Botnet Legal Nightmare." is a great read.
  • DamnMan, on 05/06/2008, -1/+12I Sorta understand the logic of it being unethical but it still seems kind of bunk. Like arguing that because a doctor should "Do no harm" performing surgery is the same thing as a stabbing.

    Also the life support system argument seems weak. They aren't taking about shutting machines down. they are talking about using the Trojan's own capabilities to remove itself from the system. Their "attack" would be targeted at only known processes. Something MITE go wrong. But chances are a lot higher if you just leave the machine infected at the whim of the botnet owner.
  • blergle, on 05/06/2008, -4/+3Instruct all the infected machines to download and install a hardened version of Linux that does basic email and web browsing loaded up with bookmarks to legit porn sites that don't contain malware.

    What's the problem?
    • lamiaconfitor, on 05/06/2008, -1/+1Wow, I am stuck between my own personal Linux fanboyism and my hatred for Hijackers at the same time.
  • pencilneck, on 05/06/2008, -1/+5Are there really life support systems running unsecured versions of Windows? I say kill the bot.... if there are problems, them maybe those who do have problems will take action to keep this from happening again.
    • xerox, on 05/06/2008, -1/+1By suing you, because you broke their malware-infested computer while trying to fix it for them.
  • haniam, on 05/06/2008, -0/+2They haven't seized anything. They were able to hijack one of the backup domains and redirect some of the bots for a short time, but the rest of the botnet is alive and kicking, connecting to the bad guy's C&C and sending spam.
  • lamiaconfitor, on 05/06/2008, -1/+10I have to say that if anyone has their life support on Windows they were doomed at the latest update.
  • Ryvenn, on 05/06/2008, -1/+8Huh? What dilemma? They're not destroying the infected PCs, they're just telling them to stop sending spam messages...
    Assuming a life support system was actually connected to the net and infected by malware... sure... right... anyway, stopping sending spam would hardly cause it to explode in flames...
    "Oh noes! I cloosed notepad and my PC detonatorted!!!1!1"
    A highly likely scenario, I'm sure...
  • tomis, on 05/06/2008, -1/+6Inform the ISPs, have them severe the person's internet. Redirect all web requests to a page informing them they have been infected and they need to call their ISP to be reconnected, and provide a link to download a free malware removal program. ISPs should only restore access once their machine can pass a remote vulnerability test.
    • jamesglanville, on 05/10/2008, -0/+0Providing a link might not be entirely useful if they have no internet...
  • nicheplayer, on 05/06/2008, -1/+6I say we take off and nuke the entire site from orbit. It's the only way to be sure.
  • pinchduck, on 05/06/2008, -1/+1Profit!!!
  • Zippo, on 05/06/2008, -1/+8I say kill it with fire. Cleanse the Interwebs.
  • rmxz, on 05/06/2008, -2/+1For all those saying "kill it", isn't it a small slippery slope to letting the RIAA kill all bittorrent nodes if they can find a way to do it? In both cases some nodes are involved in something illegal.
    • Buzzbean, on 05/06/2008, -0/+4Bittorrent isn't illegal last time I checked.
      • bitbytebit, on 05/07/2008, -0/+1if your going to be that obtuse then neither is emailing
  • LeRenard, on 05/06/2008, -1/+13One objection people seem to have is the "what if its running on a life support machine" argument.. but, in turn, what if the bot cripples that same machine and they could have stopped it? (Besides, who would have their life support on a windows machine on the internet?)
    • nuural, on 05/06/2008, -1/+2the life support argument is clearly an exaggeration. A more realistic example could be a Windows server managed by a careless admin. If, while killing the zombie, you also create problems to the legit services running on the server, who's to blame for that? And, who's to decide what's the lesser of the two evils?
      • wattersm, on 05/06/2008, -0/+2The system admin that let it get infected in the first place, of course. Seriously, it's not THAT hard to secure a windows server, we have a couple hundred where I work and we don't have any issues.
  • pcrow, on 05/06/2008, -1/+2Send a command to wipe the hard drives of all the infected computers. That's the only way to be sure that any other infections on the same systems get cleaned up. It would also get users to pay attention to security and the risks involved. Of course, now that we know who has taken control, it's too late to take this course. Well, too late this time.
  • MadN, on 05/06/2008, -1/+2Simple:
    Set all the infected PCs to send email to the Division of Homeland Security announcing that the PC owner is a terrorist, the infected PCs can then be confiscated when all the botnet PC owners who run Windows go to Guantanamo.
    Problem solved!
    Personally, I would make the botnet expire Microsoft Windows with a bad Windows license, so the owner must re-install.
  • DracoFlameus, on 05/06/2008, -0/+2I understand, that this is diffcult, but we must not sacrifice the internet.
    The danger of collateral damage vs. a hostage-held Internet by botnets.
    What is the lesser evil?
  • DestroyFascism, on 05/06/2008, -1/+1interesting site http://tiny.cc/3b6Xm
    I wonder if windows is a corporate conspiracy to suck blood from people until the party is over...

  • GumdoMike, on 05/06/2008, -0/+2Holy criminal analogous scenarios, Batman!
  • kadath44, on 05/06/2008, -0/+1Interesting article. The number of doubts is in inverse proportion to the size of the problem... Let's wait a few years, and then welcome botnet eradication squads.
  • tokyoturnip, on 05/06/2008, -0/+6Screw the moral crap. If the end user is not responsible enough to see that they not get infected they should not be on the internet. "Oh maybe the computer is running a life support machine" my ass, no life support machine should be connected to the internet, if it is they deserve to die. I will agree they uninstalling can cause lots of unitended problems for the end user, but tough *****. Linux fanatics chime in now and say they should script a Ubuntu install using Wubi.
  • KolorKode, on 05/06/2008, -0/+0More info:
    http://dvlabs.tippingpoint.com/blog/2008/04/28/kra ...
    http://dvlabs.tippingpoint.com/blog/2008/04/28/own ...
  • irgeorge, on 05/06/2008, -1/+2I'm all for kill it with fire, but only after giving my system a quick check first...
  • Dustin00, on 05/06/2008, -0/+1"What if that end-user system is performing a critical function? What if that target system is responsible for someone's life support?"

    What if the C&C sends a new program that hoses the end-user's critical function? Scrubbing the zombie systems is far less likely to cause a problem then allowing the botnet controller to continue twiddling with the machines.

    There is risk, but far less than in the botnet's hands.
  • ifknot, on 05/06/2008, -0/+2is it so hard to throw up a dialogue box for the (l)user? mind you think of the power mwha mMWHA MWHA-HA-HA!!!
  • devaspark, on 05/06/2008, -1/+1folding@home???
  • maz2331, on 05/06/2008, -0/+2Perhaps involving the ISPs with the date/time and IP of th zombies is the way to go. The ISP can notify their customer to clean their machine or be disconnected from the net.

    Plus, monkeying around with someone else's machine, even for noble purposes, is illegal.
    • jimchou, on 05/06/2008, -1/+0But really, they're not monkeying around with someone's machine. They're providing a server which someone's machine connects to in order to download code to run. I don't see that there's a moral issue with downloading code which popups a warning dialog and removes the bot code.
  • madwaxer, on 05/06/2008, -0/+1Wow, i'd install Folding@home software to run when the PCs are idle and some better antivirus software.
    then sey up a webpage they could go to for help with securing their machines. lastly i'd change their desktop to a link they can go to read the steps to take.
  • majordanger, on 05/06/2008, -0/+1Anyone running critical life-support functions on a Bot Infected Windows O.S. is long since dead............
    Push the switch or get out of the way and let ME!
  • Fetching more discussions...
    Show 51 - 53 of 53 discussions
  •  

    Login or register to add a comment

    Create a new account or login to join in the conversation on Digg. You'll also be able to Digg stories to help promote things you like.


© Digg Inc. 2008 — Content posted by Digg users is dedicated to the public domain.
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.