Botnet takedowns 'don't hurt crooks enough' The takedowns of the Mariposa and Waladec botnets last week were victories for the good guys, but security experts warn that although cybercrooks suffered a bloody nose they collectively retain the upper hand in their ongoing conflict with law enforcement and its security industry allies. "We have had significant victories …
"countries where it isn't illegal to engage in online criminal activities"
If it isn't illegal, then how is it a crimanal activity? I suppose i know what he ment, but still, isnt there a common "stop trying to force your laws on us, US" meme? Isn't whats good for the goose, good for the gander?
It take more than an anti virus package to keep a computer clean. How can the little guy who has little resources and inadequate knowledge fight viruses when it is obvious that large corporations, with unlimited resources and a high level of technical skill, cannot fight these viruses and bot-nets.
donno.
"it is obvious that large corporations, with unlimited resources and a high level of technical skill, cannot fight these viruses and bot-nets."
What's more, one of these companies makes an operating system so bad that a 3-year old is almost capable of writing a botnet for it...
So the rewards for building a huge botnet are potentially in the millions and the risk is "having to go to all that effort again if it's taken down".
Losing the battle? Not even bloody fighting it might be more accurate. IIRC the only reason they caught the bloke behind Mariposa was 'cos he was too greedy to just walk away when it went obviously pear-shaped on him.
In parts you are right, yes, greed caught the "butterfly" botnet admin, but you are so wron, or lack so little knowledge of Bots or how their networks operate it's beyond belief or comment.
It isn't for the networks to wipe your arse, try buying some toilet paper for yourself, or at least research some of the Bots, at least the technological side of them, learn the files they use/manipulate, learn the command prompt and it's instructions and get yourself cleansed. It ain't hard and only needs maybe 30 mins of active participation to cleanse yourself.
People like you, are their own worst enemies. I feel sure you have at least a nuance of computer savvy, or are you just punch (card) drunk.
I have turned a good 30 million + boxes into "bots" over the past 12 years (netbios kid) and it's easy as pie ;-) Eventually I did of course get caught and I am still awaiting some court cases over the matter.
If you infect 1 million PC's and lose contact, which does happen, you go and infect another 1 million PC's and through organising the hosts you soon notice that many are THE SAME idiots getting infected over and over.
By disabling ANY botnet all you are doing is temp stopping access whilst the botnet owner spends a week reinfecting the same bunch as they infected before.
The ONLY way to stop people like me, is to prosecute. This brings the realities of what you are doing home, fast. There is always a route, botnet admins are lazy and do not always proxy into everything and even when they do they often use the same proxies over and over, meaning if you monitor the proxy then you can find the source.
My advice is to never do takedowns but to monitor the nets until a way is found of identifying the owner. If more owners are prosecuted the realities soon drive home that a jail sentence is VERY possible and we would soon see a sharp drop in infections which will see a corresponding drop in SPAM. Bad news for AV and Anti-spam companies but good news for the average internet user.
The majority of the people who get infected refuse to understand/read anything about their pc/operating system, they just click on buttons till something happens, they disable/uninstall anti-virus programs if they cannot get access to their infected documents or external devices.
Those will never, AND I REPEAT NEVER, accept anything that changes they way they (mis)use their pc out, of free will.
Maybe the only solution is to confiscate the infected pc's (will be difficult in companies) till the user(s) went to school/training after paying a fine for the cost of their unwillingness to be a "good" computeruser.
Till than , bringing down botnets is just bringing water to the sea.
And the source of all of this is the stupid idea of some software companies to create software that does everything automatically by default, because that is a better computer experience.
And YES it will be difficult to sent "Granny" to school, but than the only solution is to hold the makers of the software she is running , responsible (as well) for all the nasty effects that their programs create. (and than the price of vista 2013 will be around U$8000 or more to cover all the costs :) )
All and All it will be a very difficult path to follow and with the trend of today it will take a very long time before there is a real solution.
"And YES it will be difficult to sent "Granny" to school, but than the only solution is to hold the makers of the software she is running , responsible (as well) for all the nasty effects that their programs create. (and than the price of vista 2013 will be around U$8000 or more to cover all the costs :) )"
It's obvious which computer company you're talking about. What mystifies me is this: why are people still buying thier crap? OK, switching to the pengiun is free, switching to OSX is a pleasant experience - but staying with Windows just because you're boss ordered it for the office...?!?
It's like wearing a suit and tie in bed just because you're "used to it" because you one at work every day!
Countries that fail to enforce anti hacking laws get disconnected from the internet. Someone should have disconnected China about 5 years ago. They are already disconnected from my piece of the net, along with .ru, .pl and a few others. Of course when I do it, its a soft disconnect. They need a hard disconnect, as in snipping undersea cables and breaking satellite links.
As to comments on the same PCs getting infected over and over how about fining them $10 for every spam mail they send. I'll give them a pass the first time, when they use the ignorance defense, but after that its just negligence.
The bot net scourge (spam and ddos attacks) won't stop until the zombie clients are dealt with.
The simplest way to do this is with no law enforcement at all - just corporations working with each other - the ISPs.
If ISPs in 1st world countries got together and decided to enforce a code of practise to shut down zombies spewing rubbish - and to block incoming traffic from ISPs that are not doing their bit - then it would be impossible to raise an effective botnet.
Of course ISPs don't care that much - ignoring the problem costs them less than dealing with it (in equipment, time and lost customers).
So maybe there is one law we need - the law to make ISPs responsible for criminal activity originating from their networks.
Exactly - the crims (by definition) look for most reward for least effort. There is such a glut of Win installations out there, and a glut of naive/uneducated/carefree users sat in front of them that writing malware for it is easy money.
If we had a glut of penguin installations with a glut of naive/uneducated/carefree users sat in front of them you'd have the same problem, only with better net APIs.
Win can easily be made much more resilient to attacks. Users can be taught to pick a random browser that ain't IE and use that. Routers (and ISPs) can block known low-value/high risk net addrs/subnets. None of this is default though and therein lies the issue.
To be fair it's ppl like el Reg readers that should take it upon themselves to teach ma/pa, the kiddies etc :
1. If you need to install software right-click, Run as...
2. Don't use IE
3. Don't download tat from the web
4. Ignore emails asking for any info at all.
Teach 3 ppl, get them to pass it on...
To fix this for good we need to stop computers joining botnets. That means stopping them getting infected by malicious code. That means either scrapping mobile code (not really likely) or providing a functional security environment for it to operate in (not that likely either). But we don't even seem to be trying - instead we rely on mobile code more and more, even where it is completely unnecessary, and continue to apply plasters after the fact to gaping wounds in the protocols and code we use. We need people who can think and people who pay attention creating our Internet environment. What we have is dumb people instead. It's a myth that software is so complicated it's impossible to get it right. It's only impossible if you're not competent, and the results of our incompetence are all too apparent.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
