
The Enemy Within - kareemm
http://www.theatlantic.com/magazine/archive/2010/06/the-enemy-within/8098/
======
autarch
"If the right order were given, and all these computers worked together in one
concerted effort, a botnet with that much computing power could crack many
codes, break into and plunder just about any protected database in the world"

Uh, no, it couldn't. A big botnet does not magically give you access to well-
protected computers or networks. See
<http://en.wikipedia.org/wiki/Brute_force_attack> for some perspective.

I don't care how big Conficker is, it's not going to break AES-256 any time
soon (or really any large key based on an algorithm without a weakness).

Similarly, Conficker isn't going to be able to get into protected internal
networks with a good firewall simply by virtue of having lots of machines.

~~~
joe_the_user
Naturally, it wouldn't necessarily be able to enter _any given_ secure
network, database or machine.

But it quite possibly could enter _quite a lot of them_ ... if the conficker
masters are indeed as cryptographically sophisticated as the article
describes.

Just imagine the attack on Google supplemented by a botnet. Modern attackers
already have many vectors with which to attack private networks. Having a
botnet can only give an attacker more opportunities.

So I think it's entirely correct to say the virus is worrisome at the least.

~~~
Gormo
Are the Conficker masters really as cryptographically sophisticated as the
article describes? They implemented an encryption algorithm that had been
submitted as a SHA-3 candidate, _complete with its flaws_ , then updated it to
patch the flaw only after the author of the algorithm corrected his own work.

Similarly, they exploited a flaw in Windows only after Microsoft released a
security update describing the bug.

The Conficker creators are certainly paying attention and taking advantage of
the right opportunities, but they're not quite the super-genius polymaths that
the article is making them out to be.

------
brown9-2
Previous HN discussion of the same article:
<http://news.ycombinator.com/item?id=1350320>

~~~
roundsquare
Thanks for this. I went through @tptacek's comment, but I don't see any of the
quotes in the article. Am I missing something?

~~~
brown9-2
They're all there, check the print version:
[http://www.theatlantic.com/magazine/print/2010/06/the-
enemy-...](http://www.theatlantic.com/magazine/print/2010/06/the-enemy-
within/8098/)

------
danbmil99
Anyone know a good, friendly, easy-to-deploy conficker killer? I think I have
it on an old windows machine, and all the AV products are so fucking STOOPID
that they do shit like refuse to install in safe mode.

------
CaptainZapp
Just a nitpick:

"Ficker" is not "motherfucker" in german, it would loosely translate to
"fucker", but probably wouldn't be used as a word.

There's no sensible translation for "motherfucker" in German. Literally it
would translate to "Mutterficker", but would never be used as a word.

Else then that small nitpick: Interesting read.

------
CapitalistCartr
If I seriously wanted to crack something difficult, I wouldn't recruit more
computers; I'd recruit more great people. A concerted effort by a small group
of talented people, joined by the Internet is more effective than brute force
will be, especially if the first plan is to brute force current encryption.

~~~
16s
Millions of cores would be useful to a handful of "bright" people. It would
not hinder them at least.

------
rmathew
See also: <http://mtc.sri.com/Conficker/>
<http://mtc.sri.com/Conficker/addendumC/>

------
bbwharris
That was a very engaging read.

~~~
dasil003
Yeah nice layman's description of the technical stuff without too many drastic
oversimplifications or misrepresentations.

