Even the inventor of the world wide web isn't immune from online crime. Sir Tim Berners-Lee, who developed the idea for today's interwebs two decades ago, has told The Telegraph he was recently hoodwinked by a fraudulent website when he went online to buy a Christmas present. "The moment I called the 0800 number listed on the …
"I personally feel that if you have systems that allow you to isolate the infected systems and cut them off until they have been disinfected, it would be a way of preserving service for everyone else," he said. "It would reduce the amount of spam by a huge amount and making the internet a place where viruses don't thrive."
The uni I work at is testing a commercial backend that does just this in a new building. We are expecting to have the last bugs ironed out in another quarter for cross-campus deployment.
now there is an idea.
some of the nasties out there use specific communication messages to call home.
how hard would it be for a provider to close the downstream port when such a packt is detected. you would get a fixed page that your machine is infected with some nasty. the only pages accessible would be virus scan sites...
"But despite frequent calls for ISPs to rein in abuse on their networks, there's little evidence most providers bother to take such actions."
So were not counting P2P as abuse this time? I'm never sure where el Reg is on that one...
Yes, it would be nice...
If cops, ISP's and so on protected us from all the bad people, in the world. Now, back to reality: they never have and they never will. Whether on the 'net or off, each of us is responsible for our own safety.
My advice, to Berners-Lee or anyone else who'd prefer not to be "ripped off", is: do your "due diligence"; assuming everything is what it appears to be, on the 'net or off, isn't too bright and can be dangerous.
Oh yah, and if you don't like receiving "spam", use a web-based service, such as G-mail, with filters and forwarding, employ temporary re-directors, such as TrashMail, and, if you must post a permanent e-mail address, do so in such a way as it's not "machine readable".
"Sometimes we need new laws, but in other cases we need to realise that old laws can still be applied to the web."
Sadly the old laws are pretty toothless if your criminal and victim live in different countries. If IP addresses (and DNS) were a reliable indicator of the legal jurisdiction of the originator, then life would be very different. 99% of home users (and a whacking proportion of business users) could block email from all "foreign" addresses without affecting their social or business lives at all and if web browsers had some technical means to "put all foreign web sites in the untrusted zone" then that probably wouldn't hurt many users either.
Think of it as a really simply authentication scheme for network packets, that requires only the co-operation of a relatively small number of routers at international junctions, but gives all end-users the power to filter according to a really useful criterion -- "If this turns out to be a scam, can I trace and sue the bastard at the other end?".
Of course, this would require a considerable amount of network renumbering, so it is probably too late for IPv4. It probably isn't too late for IPv6, though. Not only have most countries not deployed much of this yet, IPv6 has a large enough address space to make it work and (as I understand it) rather easier to renumber en masse.
What TBL describes is Network Access Control...
... And there are products out there already. It's just a question of implementing hardware solutions that will allow you to do this via Radius or similar - To quarantine consumers who are affected into a walled garden that will allow them to fix their PCs, be checked for that, and then be let out into the wild again.
Any HTTP requests could be redirected to the ISP's own page that explains why they are walled in. It's just that NAC is generally a software solution, not a hardware one.
ISPs do protect us
from those nasty people who ruin it for the rest of us by using the service.
"Oh yah, and if you don't like receiving "spam", use a web-based service, such as G-mail, with filters and forwarding, employ temporary re-directors, such as TrashMail, and, if you must post a permanent e-mail address, do so in such a way as it's not "machine readable"."
The problem with using web-based services is that any remotely sane spam filter will rate your messages as "99%-definite spam" as soon as they see that address. *You* may be using that address so that you can dump it as soon as it starts to attract spam. *Others* are using that address so that they can dump it as soon as it gets blocked. G-mail is part of the problem.
It just goes to show you can't be too careful.
Is Ol"Tim losing it?
I don't like receiving spam, so, guess what, I have a good spam filter. And I don't give my e-mail address away (I have a dedicated spam-trap. Two actually).
I don't like to be scammed, so I don't buy from websites which offer CHe AP GENIUNE ROLex IMpress Ur fRIEnds FOr aFaRCTion oF tHe PRIce. But again, I don't buy Rolexes or, erm, "shades" from the guys in long black coats in the street, either.
And if I really really *HAVE* to buy something from an online retailer which has no physical outlet and which I do not know -that's just asking for trouble, but let's imagine-, I do a bit of research first. Checking the contact information, the physical address and the registration of the company is the _bare_ _minimum_. Guess what, it works a charm. Anyone not doing that deserves everything they get, should they be the "inventor of the Internet" or something.
TBL is quite a bit influencial in some circles, so he might want to be careful before spouting nonsense like that. Especially as it's in direct contradiction with some of his other, more sane interventions (Phorm, anyone? It's for your safety after all...).
Not to mention that in this case the bad guys were not even really trying, were they? They could have redirected the number to a foreign "call centre" to at least have a tiny bit of credibility. You can make whatever law you wish, it's never going to prevent this kind of things if people are completely stupid. As TBL was, in this case.
I like the word, I really do, I even use it myself sometimes. But it seems inappropriate when referring to Sir Tim's great legacy, because it confuses the world wide web (his) with the internet (not his), and they are entirely different things.
Just to make myself clear: I'm all for the blocking of malware "on the wire", but the issue at hand is pure commercial scam, exactly the same as when you buy an used car from a Romanian reseller only to find that the gearbox is full of woodchip, the brakes are useless, the driving belt has been replaced with a piece of seatbelt and the reseller is nowhere to be found. Or when you buy an appartment on "architect's plans" only to find out that there is no architect, no plans, and the company's assets have disappeared. It's in no way specific to the internet, it's already illegal, no new law is going to change that, no new way to apply old laws is gonna change that either. A tiny tiny tiny bit of common sense might very well help though.
Disclaimer: no Romanian used car dealer was harmed in the making of this post.
"Anyone not doing that deserves everything they get, should they be the "inventor of the Internet" or something."
The thing is, if you want to grow the internet, increase it's value / importance to society / commerce, more needs to be done for the "average user".
T-B-L has proven to be a strategic thinker and I have no doubts that his remarks, although based in the present, have a strategic character.
@Pierre re. PS
"Disclaimer: no Romanian used car dealer was harmed in the making of this post."
I've contracted a Serbian hitman to deal with my Romanian used car dealer. All done by webmail via an anonymising site, 50% up front using Paypal and the rest when he e-mails a picture to prove successful contract completion. Modern technology is amazing, what will they think of next?
ad blocker dns tech
I would think that existing free ad blocker dns technology (like Hostsman) could easily block most of these dodgy sites. It's just a matter of who maintains them, how fast they update them, and how secure the download of the dns hosts file is.
"how hard would it be for a provider to close the downstream port when such a packt is detected"
For one specific piece of malware? Not hard. For every piece of malware... very, very difficult. And as soon as a significant number of ISPs start doing that, the bad guys change tactics.
"99% of home users (and a whacking proportion of business users) could block email from all "foreign" addresses without affecting their social or business lives at all"
Sure, just unplug yourself from the internet, won't you! I deal with email for a small business that manufactures resin kits in Hong Kong, a few times, I've had to deal with problems caused by stupid overseas ISPs assuming none of their customers could *possibly* want to get email from Hong Kong. Worse, I'm sure other messages are just getting dropped silently, loosing business. Multiply that by thousands of small businesses, what's the cost to the world economy? Maybe the financial tsunami wasn't caused by stupid ISPs, but they're making it worse.
Blocking bad packets, improving international legal cooperation, cutting off known bad-actors etc. will all be part of the solution, but don't expect it to be easy or quick to fix, and shortcuts will just make it worse.
So what actually happened here?
He found a phone number on the web and rang it. What has that got to do with infected systems?
Re: close the downstream port when such a packt is detected
You know, there's a market there somewhere. What you need is a bunch of high speed, powerful 'deep packet inspection' boxes which scan traffic for evidence of malware, and trigger some suitable countermeasures.
Only those sort of devices are remarkably expensive, so I reckon you could probably (part) fund them by using spare traffic-analysis capacity to track browsing habits and serve adverts...
just goes to show that you can't be too careful.
Deep packet inspection
Come on people! Do you really want your ISP inspecting the payload of every packet you send out to see if it's malware? That's what Phorm were doing and Reg Readers stood up as one and screamed blue murder - rightly IMHO.
@ Ken Hagan
"The problem with using web-based services is that any remotely sane spam filter will rate your messages as 99%-definite spam"
Er, no. Quite the opposite in fact. Gmail uses SPF, so it's easy to determine if mail claiming to be from gmail is forged (I think Yahoo and Hotmail do as well). Yes, it's possible to set up a gmail account and spam from it, but why bother? While ISPs allow outbound connections to port 25 this is much easier done from a zombie, which is in fact where 99% of your spam comes from.
@ Anomalous Cowherd About spam
"While ISPs allow outbound connections to port 25 this is much easier done from a zombie"
Careful with that kind of thinking mate. My ISP doesn't allow outbound connection to port 25 unless it's to their ill-configured SMTP proxy, and it's a pain in the arse*. It's the cheapo way, but it's stupid and doesn't help much against spam because their system is so very easily fooled.
* quite OK with most of my computers, though their proxy is crap, but it really annoys me to change my laptop's config everytime I change location. Especially as they just silently drop the stuff, so should you forget to make the change you'll never notice that your e-mails were blocked. I know, I could vpn, but seriously?
Surely the real news here is that Al Gore DIDN'T INVENT THE INTERNET as he claimed! You mean he was lying / stretching the truth / talking out of his rectum? Shocka - that's unusual for a politician, especially a Democrat. Sounds like an inconvenient truth to me..... I wonder if all that global warming malarky he made so much money out of was just as much complete and utter male bovine tecticles?