A self-described "law-abiding citizen" has posted attack plans against the Sality botnet on the Full Disclosure security mailing list, along with a tongue-in-cheek warning not to enact them since that would be illegal. "It has come to my attention that it is not only possible but easy to seize control of version three of the …
over a fifth of the infected PCs that form the botnet are in Romania, with Brazil and India the next most common
Hmm - that's most of the nations with pirated Office 2007 isn't it?
I do believe it is.
I always knew the Ribbon was a massive conspiracy.
breaking the law.. how so?
Forgive my ignorance, but can someone explain why it would be illegal ("breaking the law") to use these tools to kill the botnet?
I can understand the author's irony if indeed there's some weird law protecting a botnet?
Re: breaking the law.. how so?
It's still technically breaking into a computer system, it is of no consequence whether the computer system is perceived to be for illegal purposes. The best you would hope for is that if you were caught and charged that a judge would go lightly on you, the other issue with taking it down yourself is you could compromise any investigation in progress (not very likely considering law enforcement's past history with bot nets).
Oh the Irony
At the bottom of the article is an offer as follows
"WIN - A free one year, 25 user licence of Microsoft Office 365!"
Would that be the version with or without the Sality Botnet included?
if you shoot me, tough, but I could never shoot you
I think it's time to legalize taking down infected zombie machines with "sanitizing" attacks. If that makes owner of the zombie machine suffer, I don't give a shit. They should have taken precautions to avoid infection in the first place or just don't use the technology they can't understand.
Re: if you shoot me, tough, but I could never shoot you
You mean forcibly install software on somebody else's computer, that has already been compromised by somebody else?
Ah, two wrongs. Yes that would make a right.
On the other hand. I kind of agree with you. If granny's machine is spewing out spam, then it needs to be stopped. Presumably in the real world you can force farmers to slaughter animals if they become infected with certain viruses by law. Would it not be possible to construct such a law to force owners to clean up computers infected by certain viruses, or force cleanup software on them remotely. Presumably you would need some sort of compensation fund in case of data loss or something.
You can't imagine the damage doing so would incur. I often get friends and family asking me to clean their machines up and at least half of the time, "fixing" it requires a full reinstall to remove the various rootkits that have been installed. This means I have to pull the drive and transfer all their precious photos, music, etc. off their drive onto a temporary storage, wipe the drive then restore the data. I think the perceived damage of you wiping out all of Granny's photos would be pretty unforgivable. I think the solution here is software vendors need to have a better grasp of software exploits and update 0-day (you hear me M$?)