Suggestions For Cleaning Up Botnets: Internet Licenses, Credit Scores, Money And Gov't Cleanup Clinics
from the take-your-pick dept
By now it's pretty clear that the "bad guys" have been fairly successful in carving out quite a portion of the internet for their own uses through viruses, trojans and botnets. But what to do about it? Well, at a "Counter e-Crime Operations Summit" there was no shortage of ideas -- though plenty of skepticism over whether or not any of them would work. The old idea of internet "driver's licenses" was suggested, though that's been discussed for years without any evidence that it would actually help matters. Some of the other ideas included offering ISPs monetary rewards for cleaning up botnets hosted by subscribers' computers and government-backed cleanup clinics. The clinics would supposedly help users get rid of botnets on their machines, with the inspectors instructed to ignore things like unauthorized software and music, so as not to scare people off from bringing in the machines. Of course, that ignores the fact that there's really no incentive for people to bring their computers to such clinic in the first place. One of the more creative suggestions would be to assign every computer a "credit score" based on the security of the system in place, and then any data sent from that computer would be transmitted with the score attached. That way, other systems could decide whether or not they accept packets from a low-scoring system. That's interesting, but actually implementing such a system would be quite difficult, and it would probably be only a matter of days before scammers figured out how to spoof high scores, rendering the whole system useless. It sure would be nice to clean up the internet a bit, but are there any suggestions out there that actually have a chance of working?
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
Answer.
Yeah, teach people how to use a computer.
[ link to this | view in chronology ]
Re: Answer.
[ link to this | view in chronology ]
Operating Systems
[ link to this | view in chronology ]
Answer2
I use freeware that works and when I see that they DO work, I donate. I'm not pushing anyone's stuff, but if you get freeware from reputable sources, there are NO problems.
[ link to this | view in chronology ]
RE:Operating Systems
[ link to this | view in chronology ]
Re: RE:Operating Systems
[ link to this | view in chronology ]
Re: Re: RE:Operating Systems
Everything would be exactly the same. The only reason viruses are targeted towards windows system is because its something like 80% of all PCs, so why would they engineer a virus that only works on 10% of all PCs in the world.
[ link to this | view in chronology ]
Re: Re: Re: RE:Operating Systems
[ link to this | view in chronology ]
Re: Re: Re: RE:Operating Systems
[ link to this | view in chronology ]
Re: Re: Re: Re: RE:Operating Systems
[ link to this | view in chronology ]
Re: Re: RE:Operating Systems
So my point is that if you want security on your PC then buy a generator, a faraday cage, cancel your internet subscription. that is the only TRUE security you can get.
[ link to this | view in chronology ]
Re: RE:Operating Systems
[ link to this | view in chronology ]
Re: Re: RE:Operating Systems
Sure, Windows OS's have more vulnerabilities then other OS's, but think of it this way, how many people are looking for them in lets say, XP, as opposed to Ubuntu? whats the point of having an exploit for a system that no one uses?
[ link to this | view in chronology ]
Re: Re: Re: RE:Operating Systems
[ link to this | view in chronology ]
Mac malady.
[ link to this | view in chronology ]
Internet Drivers License
It doesn't take long on the Driver's License metaphor to run into problems.
Will registration be easier or harder than getting a Driver's License?
Do you take it away if someone is "Computing Under the Influence" or "Typing While Intoxicated?"
[ link to this | view in chronology ]
It's like gun control
"The United States is a nation of laws: badly written and randomly enforced."
- Frank Zappa
[ link to this | view in chronology ]
Re: It's like gun control
[ link to this | view in chronology ]
Re: It's like gun control
And I personally think it's a great idea, it would prevent the dumbing down of the internet, and we would no longer be allowing just anyone to do as they please here. Lowering standards helps no one!
This would also reduce the costs of ISPs since they wouldn't have to hire such a large tech support company to teach all the dumb users how to use their computers, clean viruses, configure their wireless router, etc. All that adds up to a LOT.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
As Mike said above, why write these exploits for a OS that only 10% or less of the billions of machines on the internet run?
[ link to this | view in chronology ]
Re: Get a Mac
[ link to this | view in chronology ]
[ link to this | view in chronology ]
I need to consume more.
The fact is, making a virus for something not main-stream isn't profitable by any definition of the word. It's cold, hard logic-- not opinion. If I wanted to infect as many people as possible, I'd write a virus for the OS that the majority of people have. How does that *not* make sense?
Who knows, maybe I *am* retarded. :P
I'd like to point out that I never said there was anything wrong with any OS. It's just personal preference-- like I care what OS anyone but I am using. Seriously, why do you care what OS I run? I really want to know.
[ link to this | view in chronology ]
Re: I need to consume more.
[ link to this | view in chronology ]
Re: Re: I need to consume more.
You have to look at mainframe OSes to get truly secure environments -- and that is because installs are done by the central admin team of system programmers.
If the Internet users were an eclectic mix, with no OS having more than 10% to 15% market share, then the virus writers would have a huge challenge. Unfortunately, the money is enough that the organized groups will still attack and take over individual PCs.
We have to figure out how to choke off the money flow to get these criminals to go away.
[ link to this | view in chronology ]
Re: Re: I need to consume more.
If you think Mac OS is safe, try a google search on "safari browser vulnerabilities", I get "Results 1 - 10 of about 911,000" on the returned page (yes, IE is worse, not my point).
[ link to this | view in chronology ]
Linux more secure than windows?
So, you still think linux. errr. unix is more secure than windows? OS X is built of unix too, eh?
[ link to this | view in chronology ]
Never use extremes. They're always bad.
Do you think someone writes a virus for money, or for malicious intent? Not to mention that the bounty you speak of was quickly retracted, as most bad ideas should be. :P
OSX may be 'safer' but where there's a will, there's a way. Just enjoy the good thing you'd got while it lasts.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
No, A Virus is not your big problem, it is
It is the trojan that really infects systems.
Virus or vulnerabilities on Windows pale in comparison to a group of clickhappy users willing an able to launch any application that washs up in their email box.
There is only so much you can to to guard rail a user.
It doesn't stop them from driving off the road.
Never underestimate the stoopidity of the masses.
There will always be trojan/spammers
As long as there are clickhappy users.
Applicable Murphy Law:
Make it idiot proof and nature will design a better idiot.
[ link to this | view in chronology ]
Re: No, A Virus is not your big problem, it is
[ link to this | view in chronology ]
Every time you use it, you are exposing not only that you are ignorant (I'm using this term in the literal sense, not the derogatory sense) about the subject, but that you are lazy (now That statement is derogatory :) with regards to researching subjects in which you espouse certainty. Please, do at least a minimal amount of research before posting on subjects in which you would not consider yourself an industry expert (and would thus be the one documenting the research itself).
There are thousands upon thousands of virus propagating in the wild for Microsoft Windows. There are approximately 8 known virus for Linux and none of them have successfully propagated in the wild. The statistics do not add up for your hypothesis. Your hypothesis has been debunked with evidence and math repeatedly over the years. Please stop spreading a myth.
One of the reasons there are so few virus for the Linux operating system is the design of the OS and the fairly strict adherence to using a normal User account instead of the Root/Admin account for daily interactions.
[ link to this | view in chronology ]
Billions and Billions (Ok, I'm making this up.)
That's simply untrue. I collect them like some people
collect stamps. There aren't even thousands and thousands
let alone one tenth of that many in the wild and I'm
allowing for derivatives.
I have many more than eight Linux viruses not including
their derivatives.
"Please, do at least a minimal amount of research before
posting on subjects in which you would not consider
yourself an industry expert (and would thus be the one
documenting the research itself)."
Yes, good advice.
The non-technical user wants everything to work without
intervention. That puts additional burdens on people
trying to make it secure as well.
Frankly, freeBSD or openBSD is my choice but my grandmother
would get XPpro if I was setting up a machine for her.
Windows is not bad, it's different and it's aimed at
a different user group. Please try to curtail your
contempt of the masses and stop being an OS snob.
Especially when you're woefully uninformed.
[ link to this | view in chronology ]
The Great White South Number 7
Now, maybe I am ignorant, but doesn't that prove the market share theory?
At the very least, that smart guy who wrote the first comment knows what's up. I don't have any viruses on my system, and I'm ignorant! Just imagine how much less than none I'd have if I knew what I was doing! :)
[ link to this | view in chronology ]
If you want to stop identity theft, make the bank or credit card company that gives an account to the thief pay huge fines and responsible for cleaning up the credit damage done to the victim.
[ link to this | view in chronology ]
Re: Antarctica7
sorry to burst your bubble, but the majority of viruses for windows is due mostly to its rather large market share. so please, don't be offended that nobody uses your os of choice. it's still a fine os i'm sure. but, please, don't try to bring in your illogical ramblings here.
[ link to this | view in chronology ]
Re: Re: Antarctica7
Well, in a way you're kind of right. Propagation does depend upon having "available" hosts. "Available" as in being "easily infected", not just being present. Most of the other computers that windows computers connect to on the Internet are not other windows computers. Rather, they are various flavors of Unix-type systems. Yet these Unix-type systems seem to remain largely uninfected. Imagine that.
I'm beginning to wonder if you know the difference between a virus and other types of malware. If one looks at the many computer viruses that have been created it is easy to see that very few of them were created for profit. If one even bothers to look before speaking, that is.
Don't worry, the only bubble bursting you've done has been in your own imagination.
That market being "easily infected" computers on the Internet which, admittedly, windows pretty much owns.
That almost sounds like you were writing a note to yourself. But in any case, if you really want people to believe that you have at least a modicum of intelligence you should at least learn how to capitalize. It isn't that difficult, really.
[ link to this | view in chronology ]
Oh yes, OS.
It still seems, despite all contrary arguments, that simple market share is at the root of it. Sure, most people on Linux are techno-savvy, it is required for the OS, for the most part-- hence why my grandmother doesn't run a Linux machine. OSX is making a valiant charge at becoming mainstream, but from the admittedly scant research I have done in the matter, the software I want isn't always available on OSX-- so it doesn't suit *my* needs-- and it seems it doesn't suit the needs of a lot of 'average' users. And there is the point-- read again if you missed it, I'll wait. Done? Sweet.
The average person on the internet is looking for an OS that works (haha) out of the box.. usually something that they would use at work, something 'easy'. Sure sure, OSX is easy, but it's not mainstream-- it's *way* easier to find a PC to buy than a Mac walking around the mall-- grandma doesn't like to wait for things to come in the mail. Grandma, bless her old bones, also likes to install any ol' thing on her PC-- I mean, it's just two clicks and a few "Next" buttons and Presto! It's done. Also, any link emailed to dear old grandma gets clicked-- the little man took the time to crawl in the monitor to put it there, she might as well click it!
So, now that you have background on my grandmother, if you were in the business of writing some type of malware that would send infected email to the entire bridge club-- what platform would *you* write it for? Linux? Pfft, those guys know what they're doing. OSX? Why? So I might infect a couple of college kids and a few 'enlightened' others? Or Windows.. the haven for those who just want it to [presumably] work?
That's right, Windows wins again. (Or loses, depending on how you look at it.) You get a lion's share of the market, and the highest probability that your 'software' will make it to a box being run by someone with no more than very basic skill. (And thus, little to no 'good internet habits')
Also, I highly doubt that proper capitalization is a judge of intelligence any more than using rare words is... only a fool would think otherwise, if you ask me. ;)
[ link to this | view in chronology ]
Re: Oh yes, OS.
While an apparent inability to capitalize properly may call one's intelligence into question, the ability to do so doesn't necessarily prove anything beyond a subnormal level of intelligence either. You are yourself the perfect example of this.
[ link to this | view in chronology ]
Re: Oh yes, OS.
[ link to this | view in chronology ]
Windows not bad? Your kidding right?
a different user group."
What "different" user group are you talking about and how is OSX and Ubuntu not targeted at this same market?
"Please try to curtail your contempt of the masses and stop being an OS snob."
It is kinda hard when we have people outright lying and saying crap like Windows isn't bad. This is pure BS. Windows is horrible and everyone who has used it on regular basis comes to understand it.
I constantly curse the bugs and errors that crop up in Windows with little or no workaround and don't even try to run some legacy software unless you have a evening to get it working. Not to mention that MS invented spyware because of their deliberate back doors throughout their code. Malware wasn't a "accident" is was planned from the beginning.
"Especially when you're woefully uninformed"
I guess uninformed is in the eye of the beholder.
[ link to this | view in chronology ]
[ link to this | view in chronology ]