User: Password:
Subscribe / Log in / New account

Whitehat botnets (ha ha only serious)

Whitehat botnets (ha ha only serious)

Posted Feb 15, 2009 17:49 UTC (Sun) by mmarsh (subscriber, #17029)
In reply to: Whitehat botnets (ha ha only serious) by JesseW
Parent article: Forcing updates

The problem with "whitehat" botnets is that you have all of the problems of vendor-pushed automatic updates plus a lack of quality assurance. An ostensibly protective worm has no idea what's running on a system, what's essential, and how much of a calculated risk went into the configuration. A patch could well break essential functionality, and clearly such a worm wouldn't be released by the distros themselves (who could potentially mitigate possible breakage, but see the bug reports for well-supported distros), for legal and practical purposes. Besides, distros have an easier avenue for distributing updates, by the suggested forced-update mechanism.

(Log in to post comments)

Whitehat botnets (ha ha only serious)

Posted Feb 15, 2009 20:17 UTC (Sun) by JesseW (guest, #41816) [Link]

Certainly such involuntary patching would be more likely to lead to breakage than QAed, thoughtfully applied patches -- but the sort of non-technical users whose computers currently get drafted into botnets don't voluntarily accept *any* patches. And a *nix-only solution wouldn't help until/unless World Domination happens -- for now, we need something that can force patches on Windows users. And I don't see any other alternative than a botnet/worm.

Whitehat botnets (ha ha only serious)

Posted Feb 16, 2009 20:51 UTC (Mon) by BackSeat (guest, #1886) [Link]

for now, we need something that can force patches on Windows users

Open Source is about freedom. Forcing updates to a subset of users, even those that use closed source software, is about as far from freedom as it's possible to get.

Whitehat botnets (ha ha only serious)

Posted Feb 16, 2009 21:22 UTC (Mon) by JesseW (guest, #41816) [Link]

Certainly, but keeping criminals and terrorists from taking over computers for their own nefarious ends is not about Open Source (although it may, or may not, involve the use of FOSS). So, the distance between freedom and forcing patches on Windows users isn't relevant.

In any case, after further thought, I've partially changed my mind. While I still think criminal botnets would be less successful if the "good guys" were willing to act without the permission of non-technical lusers, I think there is a better way.

That better way is two fold: first, massive marketing campaigns to convince non-technical users that they should pay someone (probably antivirus vendors, they're already best placed to do this) to "take care of their computers", for a small monthly fee. Second, an optional add-on to this service, whereby subscribers could permit their unused computer power to be rented, thereby covering their monthly fee, and maybe making them a little money. Also, enlisting ISPs to pro-actively test (i.e. try to break into) their customers computers and cut off those who have vulnerable computers. This would work better than the vigilante solution, because these folks would have a positive economic incentive to keep their customers computers under their control, rather than letting them be used by criminals. Your thoughts?

Whitehat botnets (ha ha only serious)

Posted Feb 16, 2009 23:50 UTC (Mon) by mmarsh (subscriber, #17029) [Link]

I think home-user-level security "maintenance" contracts are a good idea, and some ISPs provide something along these lines (I think -- I wasn't much interested in Verizon's security plan, since it's for Windows). Most people don't maintain their own cars; some do, but they're more technically knowledgeable. People also install alarm systems in their houses. I think there's definitely a way to market this to the general public. The only real hitch is how the liability is handled if a compromise does occur.

Whitehat botnets (ha ha only serious)

Posted Feb 20, 2009 5:31 UTC (Fri) by Drone (guest, #56757) [Link]

> Your thoughts?
When you're driving a car you're agree to obey some rules targeted to overall safety. And you must learn these rules, etc. Only then you're allowed to travel by car. And you will be held liable if you kill or harm someone due to your bad driving. Same should be with computers: before connecting to public network certain customer, ISPs have to ensure that this user really haves certain level of knowledge of rules similar to car driving rules. So, they have to avoid viruses and held liable if infected and inflicted damage to others.

However, there is no service-mans sneaking into my garage to fix my car. Even if it needs fixing in their opinition, it is up to me to go to service. Furthermore, such service-man will be shoot on sight by me for breaking into my private property, if anyone will risk to do so. I do not see why this should not apply to silent attempts to break-in into my computer. Even if this was intended to fix it. My PC is my private property. You are not allowed to enter without my permission.

Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds