
Good Guys Bring Down the Mega-D Botnet - wglb
http://www.pcworld.com/article/185122/good_guys_bring_down_the_megad_botnet.html
======
javery
It seems like the major email providers could justify paying security experts
to take down other botnets. 11% drop in spam has to have a positive impact on
their bottom line. If you are MS, Google, or Yahoo with millions of accounts
all that spam must represent a chunk of bandwidth, storage, and processing
power.

~~~
zimbu668
It would probably be worth it for the other bot-net operators to pay for that
service as well. Unless there's some sort of honor among bot-net operators.

------
NathanKP
That is pretty fascinating. It reminds me of an article I read some months
back about one security specialist who got a sample of a bot, hacked into it,
figured out how it communicated with the server via an IRC chat link and then
created a "fake bot" which allowed him to spy on what the spammers were using
the bots for (in this case to launch DDOS attacks). Eventually he made contact
with the owner of the bot net and threatened him into shutting it down. It was
some 13 year old kid.

~~~
pronoiac
Maybe Steve Gibson? This article was linked here two weeks ago:

<http://news.ycombinator.com/item?id=992830>

~~~
NathanKP
That's it. Thanks for finding it! I'm going to bookmark this for the future.

------
chrischen
Can virus scanners prevent computers from being infected from this stuff? If
so, the government should provide free virus scan for all computers. Increase
taxes if necessary, but this will secure the capitalistic infrastructure that
makes jobs, specifically in the tech industry, better by saving money for those
companies that would otherwise be spent on futile individually divided
attempts at securing the internet.

We spend money on local law enforcement and the military to secure us from
physical threats, but digital attacks can probably have the potential to
damage our infrastructure (especially as we move more towards a digital
dependency) just as much as a physical attack. So I think it makes sense that
computer security should become a right for the country as a whole.

At the very least a distributed "virus scan" that's present on all US
computers, and controlled by the good guys can be used to undermine the bad
guys who have illegitimately infected people's computers.

~~~
jerf
In addition to the good concerns about exactly who has the power to run
privileged code on your computer, I will also point out that:

A: If you are serious about 'mandating', you just toasted alternative
operating systems, and have grotesquely complicated server operators' lives,
among others; the world is full of more situations than could even begin to be
covered by such a policy.

B: What you want won't work anyhow, as your first premise is false: "virus
scanners prevent computers from being infected from this stuff". They aren't
perfect. Mandating a monoculture of security software simply means that people
have to use hacks that work against the current software. (Or a de facto
monoculture brought on by a small set of legal choices, or a de facto
monoculture brought on by a wide array of choices but one "default" choice.
Note that "allowing people to opt out" is simply recreating the current
situation, only with a lot more government for no apparent reason.)

Of course, quite a lot of those hacks will involve forging the presence of the
software, making it look like the anti-virus is still running when it actually
isn't. A task that is very difficult today, you made easy by "mandating" which
software it needs to be, which is whatever the gov provides by default.

Even beyond the legitimate concerns expressed by the other posters, your idea
is worthless from a security point of view. Security problems go well beyond
"not everybody is running a virus scanner", or any other set of defined
software, and you would actually make things worse, not better.

Of course you will disagree, because in your head security software is perfect
and you can't perceive the massive problems that would result from your
suggestion, since you're working with mental ideation primitives that don't
correspond to anything that exists in the real world. There isn't much I can
do about that, other than point it out.

~~~
chrischen
Perhaps "mandating" is too strong a word. Simply subsidizing or allowing
security software to be obtained free would achieve the same effect. I meant
"to make into law" when I said "mandate."

When I say "opt out", I simply mean that the security software is freely
available, but not forced onto your computer. I'm not proposing some sort of
communistic action plan. I'm simply suggesting that if the government
provided security software for free, more people would have access to it, and
the effect of viruses on businesses can be curtailed.

> Of course you will disagree, because in your head security software is
> perfect and you can't perceive the massive problems that would result from
> your suggestion, since you're working with mental ideation primitives that
> don't correspond to anything that exists in the real world.

You're absolutely right. My suggestion is predicated upon the idealization of
antivirus software. _Which is exactly why I started out my suggestion with a
question about whether or not virus scans can detect this stuff that causes
botnets._ And then I followed with an _if this is true_ ... then take my
suggestion seriously. I never meant to imply that I know much about the
efficacy of a virus scanner. In fact, I use a Mac, so my exposure to them has
been limited.

I don't know how you got a look inside my head, but you clearly need glasses.

Second of all I think you, and a lot of other people who down-modded me may
have jumped to conclusions when I used the words "mandate" and suggested the
government do something for the greater good. I'm not suggesting something
akin to the communist green dam software. My suggestion is probably less
controversial than the healthcare plan, since it would be cheaper to
implement. It's more like the government digital converter box subsidy program
if anything.

So assuming if everyone had virus scan, would it help? If it doesn't, then why
did I waste money on Norton antivirus on my PC? Surely virus scan must be able
to do something. Definitions can be easily updated across the installed base
to counter the latest zombie virus. If you have evidence that this would all
be futile, then I retract all my statements about giving this supposedly
useless product out to everyone. You probably know more about virus scanners
than I do, and I'm not here to argue with you about their efficacy. So unlike
what you thought I would do, I am not going to disagree with you about their
efficacy.

~~~
thwarted
Doesn't Windows already come with a virus scanner, provided for free by
Microsoft? I don't know for sure, since I only boot XP to play games, but it
keeps nagging me about having all their security things enabled.

~~~
chrischen
I'm pretty sure XP doesn't have one. But if Windows 7 has one then that would
be a nice group who can receive virus definitions to root out botnets right? I
mean this potentially larger pool of virus scan enabled computers can be used
to push updates to. Otherwise they'll be stuck to blocking out DNS right?

