digg

Facebook Connect Join Digg About

Researchers seize huge Spam Botnet - Face Ethics Dilemma

eweek.com — "Kraken Botnet Infiltration Triggers Ethics Debate ...Researchers seize control of one of the world's largest spam-spewing botnets, but there is disagreement about what should happen next."

Who dugg this? Made popular May 6, 2008

Add a friend

submitted by

profvegas May 5, 2008

550 diggs
digg

144 Comments

DeathJux, on 05/06/2008, -2/+48Also, thanks profvegas for submitting one of the most interesting Tech-related stories I've read in a few days. It's a much-appreciated break in the relentless flood of Politics 2008 nonsense.
SteelyDuran, on 05/06/2008, -1/+44We've gone from "we won't solve the problem" (ISPs harboring spammers) to "we can't solve the problem" (because it became too huge) to "we shouldn't solve the problem" (because the system might be performing some other important function). It took 30 years to make this painful journey, and there are no clear answers in sight.

The thing is a huge, sticky mess.
GeorgeStone2, on 05/06/2008, -2/+40"We make the best rice"
jury, on 05/06/2008, -2/+38from the article
"It's a very tricky situation. What if that end-user system is performing a critical function? What if that target system is responsible for someone's life support? Who is to say what is more beneficial?"

hmm someone let me know which hospitals use life support systems that surf the web and pick up malware so i can stay far far away from them.
ee52ck, on 05/06/2008, -1/+34'BotNet clensing'... sounds like software genocide
JMSantos, on 05/06/2008, -0/+25The machine that goes "PING!" is especially susceptible to malware.
DeathJux, on 05/06/2008, -0/+23Wow, such brilliance on both sides of the equation. I can't even imagine how much work has gone into creating such insane self-sustaining bot-nets such as Kraken. It makes me sad when programmers use their knowledge for evil. To quote ol' Uncle Ben:

"With great power comes great responsibility."
GeorgeStone2, on 05/06/2008, -5/+22It only took me 14 years to make sticky messes.
Barackalypse, on 05/06/2008, -2/+19The real ethical dilemma isn't about shutting the botnet down or not, it is about whether or not to torture the botnet operators that we should be able to track down using the infiltrated network.
GramarNatzi, on 05/06/2008, -1/+18Botnet owners have access to immense computing power over a huge distributed network. And the best they can come up with is trying to sell viagra and knock-off Rolex's. I don't respect them, I ***** hate them.
jjb123, on 05/06/2008, -0/+16Kill it.
ubuwalker31, on 05/06/2008, -0/+15I think that the dilemma here is overblown. I think it is apparent that the researchers can't cleanse an infected zombie computer because it is a violation of various unauthorized computer access laws and ethics rules. However, the government has the power to destroy criminal infrastructure. So, the solution to the dilemma is to contact the FBI or other agency (perhaps INTERPOL), and have them get the required warrants and legal approval, and then attack the botnet. This situation is akin to a community organization finding a drug den - they don't have the power or the right to shut it down, but the police do.
jkmerr, on 05/06/2008, -0/+12I'm afraid you would be shocked. I can't get specific because it has to do with my work, but I've seen lots of hospital networks where you have some life-safety app (e.g. telemetry data which tells the nurses out at the nurses' station when a patient dies or stops breathing) living on the same network that the unit clerk uses to surf www.freesmileiesifyouletmeinfectyourbox.com. Worse, there are such critical applications out there which are running under windows. (Intellivue Information Center, for example, made by Philips.)
LeRenard, on 05/06/2008, -1/+13One objection people seem to have is the "what if its running on a life support machine" argument.. but, in turn, what if the bot cripples that same machine and they could have stopped it? (Besides, who would have their life support on a windows machine on the internet?)
mithrasinvictus, on 05/06/2008, -0/+11they would soon take control of it again. there's too much money involved. better shut down the network connection and leave a note about security.
mijelh, on 05/06/2008, -2/+13C'mon, Is there going to be the day when I can read all of the comments of a digg tech story without having to see a bunch of ***** references to politics????
DamnMan, on 05/06/2008, -1/+12I Sorta understand the logic of it being unethical but it still seems kind of bunk. Like arguing that because a doctor should "Do no harm" performing surgery is the same thing as a stabbing.

Also the life support system argument seems weak. They aren't taking about shutting machines down. they are talking about using the Trojan's own capabilities to remove itself from the system. Their "attack" would be targeted at only known processes. Something MITE go wrong. But chances are a lot higher if you just leave the machine infected at the whim of the botnet owner.
aqzman, on 05/06/2008, -1/+11That was a great story, lots of interesting points brought up. Although the vast majority of systems infected are sure to be home computers, it's impossible to tell what other systems were infected.
poidh, on 05/06/2008, -1/+11Becoming an affiliate for a penis pills distributor would be the most obvious plan of action.
DeathJux, on 05/06/2008, -1/+11That's the problem, it is a huge mess. It seems the only way the "good guys" can legitimately take these bot-nets out is to employ "black hat" or otherwise unethical techniques, which, obviously, they have serious qualms over doing, and rightfully so.

I have an idea: let's do drugs and stop caring.
mithrasinvictus, on 05/06/2008, -0/+10I hope you would also have learned a valuable lesson.
lamiaconfitor, on 05/06/2008, -1/+10I have to say that if anyone has their life support on Windows they were doomed at the latest update.
fkr3, on 05/06/2008, -4/+13Interesting read. If they were able to identify and register some of the domains the trojan was looking for why don't they just enlist ICANN and get all of the domains locked?
lamiaconfitor, on 05/06/2008, -0/+9anyone who brings up Goodwins' Law is a ***** Nazi.
GeorgeStone2, on 05/06/2008, -4/+13Malware facinates me.
The complexity of the task at hand is nothing like anything I could even imagine.
You have to first get it installed on the system, then you have to keep it installed on the system, then you have to make sure you can't be traced back to it. Yet you have to be able to control it. A near impossible task on its own.

Then to cap it all off you have to make sure no one but you can use it.

All while being specifically targeted by companies that want to destroy your software.

It's way more impressive than any other kind of software IMHO, and I actually have great respect for the Malware writers.
masterm1nd, on 05/06/2008, -1/+10You have to stab it in the heart and burn it.
mithrasinvictus, on 05/06/2008, -0/+9Apparently those people running those critical operations have no idea they are part of a botnet. Being taken over again is more risky than shutting the infected machine's network connection down and showing the user a message.
blergle, on 05/06/2008, -1/+9Do you think the people with the infected machines care either way?
GeorgeStone2, on 05/06/2008, -1/+9Hell, if I had malware on my PC and someone decided to remove it and ***** up my non critical task performing PC.. I would still be pissed as hell.
LokitheComplex, on 05/06/2008, -0/+7But you have also been partly responsible for infecting other people's machines.
jvangurp, on 05/06/2008, -0/+7I'm sure the old skool sci-fi writers grappled with concepts like this probably before any pcs even exited.
arjie, on 05/06/2008, -2/+9Cut its connections to the command-and-control server alone. And then ask it to stop spamming. There, my simplistic explanation based on little real world knowledge of how these things work.
Zippo, on 05/06/2008, -1/+8I say kill it with fire. Cleanse the Interwebs.
Ryvenn, on 05/06/2008, -1/+8Huh? What dilemma? They're not destroying the infected PCs, they're just telling them to stop sending spam messages...
Assuming a life support system was actually connected to the net and infected by malware... sure... right... anyway, stopping sending spam would hardly cause it to explode in flames...
"Oh noes! I cloosed notepad and my PC detonatorted!!!1!1"
A highly likely scenario, I'm sure...
GeorgeStone2, on 05/06/2008, -1/+8We're now about 20 posts away from goodwins law.
BGog, on 05/06/2008, -7/+14I really think you overstate. There is no organized pro-Obama movement on Digg. Digg just happens to be a community who are fairly like-minded and a majority tend to like Obama because he sucks a little less than the other politician running for president. There isn't a conspiricy. Just a majority. There IS a difference.
sfacets, on 05/06/2008, -0/+7Hello, and welcome to the enrichment centre - proceed to Android hell?
Drahkar, on 05/06/2008, -3/+9I think both of you need to get off your high horses and realize there are bigger issues at stake here in this specific instance than personal bickering and personal politics. Spam is estimated (Conservatively) to make up almost 60% of all traffic on the Internet. That is a massive effect on performance on a technological level, not even considering the time lost constantly working on ways of filtering it out and having to manually delete them.

I happen to agree with the original researchers. This epidemic of botnets is growing to epic proportions and while there are those of us who can keep ourselves protected through knowledge and practice, it doesn't slow the growth of these botnets. They not have an effective means of completely crippling one of the largest ones. I'd say burn it and hope for the best.
tokyoturnip, on 05/06/2008, -0/+6Screw the moral crap. If the end user is not responsible enough to see that they not get infected they should not be on the internet. "Oh maybe the computer is running a life support machine" my ass, no life support machine should be connected to the internet, if it is they deserve to die. I will agree they uninstalling can cause lots of unitended problems for the end user, but tough *****. Linux fanatics chime in now and say they should script a Ubuntu install using Wubi.
ee52ck, on 05/06/2008, -0/+6True or not, Stop making everything about politics!
mtekk, on 05/06/2008, -0/+6They really aren't owners, more like robbers. They steal CPU cycles from the hosts that they infect but do not own to do their own bidding.
tomis, on 05/06/2008, -1/+6Inform the ISPs, have them severe the person's internet. Redirect all web requests to a page informing them they have been infected and they need to call their ISP to be reconnected, and provide a link to download a free malware removal program. ISPs should only restore access once their machine can pass a remote vulnerability test.
nicheplayer, on 05/06/2008, -1/+6I say we take off and nuke the entire site from orbit. It's the only way to be sure.
JMSantos, on 05/06/2008, -2/+7You can run critical information / systems off windows as long as you don't have a moron running the setup, installation and maintenance on the machines & their security. With current squeezing of hospital budgets, though, that's not necessarily guaranteed (as well as the pervasiveness of idiots in the industry in general).
lamiaconfitor, on 05/06/2008, -0/+5Robert A. Heinleins' masterpeice. "Botnet Legal Nightmare." is a great read.
coyote1284, on 05/06/2008, -0/+5They may accidently create SkyNet.
sdsoloist, on 05/06/2008, -0/+5With fire.
DeathJux, on 05/06/2008, -0/+5Well, I don't know if you've seen the small glimpse afforded by websites like thedailywtf.com, but the vast majority of contractors, consultants, and general computer techs are ***** retarded.

Think about how many people are actually good at their jobs versus how many people are simply passable. It's a sorry state of affairs, but there's far too much demand for technology and far too few skilled technicians out there.
pencilneck, on 05/06/2008, -1/+5Are there really life support systems running unsecured versions of Windows? I say kill the bot.... if there are problems, them maybe those who do have problems will take action to keep this from happening again.
Myztry, on 05/06/2008, -0/+4Someone should seek a court order. Right and wrong, from a legal perspective is deemed. Hopefully within that process, are all the considerations of balances, morale agenda, best interest, legal requirements, etc. Judges have the job of, well Judging...
It's not something to merely meditate on...
Show 51 - 100 of 144 discussions
Add a Comment

Login or register to comment!
Or, sign-in super fast with your Facebook account ...

Site Links: Home; Take a Tour; Search Digg; Digg Mobile; RSS Feeds; Popular Archive

Help: Frequent Questions; How Digg Works; Report a Website Bug

All About Digg: About Us; Contact Us; Community Guidelines; The Digg Blog; Digg Townhalls & Meetups; Jobs at Digg; Advertise on Digg; Diggnation Podcast

Digg Store: Get hats, shirts, hoodies, stickers, and more at the Digg Store.

Digg Tools & API: All Digg Tools; DiggBar Tools; Firefox Toolbar; Twitter Feeds; Add Digg to Google; Netvibes Widget; Integrate Digg Buttons; Digg Badges; Make a Digg Widget; API for Developers

Digg Dialogg!: Digg Dialogg lets you choose the questions.

Digg Labs: Get a real-time view beneath the surface of Digg.; Digg Labs Home; Arc, Swarm, Stack, Bigspy, Pics

© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.