Not surprisingly, the emphasis of the NYT coverage is on the impact on the commercial aspects of the internet. Secondarily, they bemoan the failure of security vendors to solve the problem.

I am glad they are covering such an important issue, but I am afraid it doesn’t do a good enough job informing those it most needs to, end users, on how their habits and actions may be enhancing, if not outright enabling, the problem.

I also prefer to see constructive criticism to hand-wringing and hair-pulling. How about recommending that users with always-on broadband connections consider physically turning off their machines when not used? Or concentrating on the better security products rather than moaning about the industry as a whole?

Look, as long as crime pays, criminal techniques, online and off, will evolve and advance. We may, at some point, make botnets extinct, but they will just be replaced by a smaller, fuzzier, smarter alternative. Unfortunately, I believe there is always at least a small degree of self-interest on the part of security companies to lag a bit behind these problems. After all, if they solve it perfectly, what would they sell?

Regardless, why aren’t we seeing people suggesting and exploring alternatives to signature-based systems? It seems to me that botnet software will always have qualities that can be exploited to attack it. If it did not communicate with a command-and-control channel it would be valueless. Isn’t there something we can more effectively latch onto, there?

Really, though, I am just exasperated at the missed opportunity to preach to someone other than the converted.

  1. First, I must freely admit to being an ignorant paranoid extremist.

    Next, I would like to suggest that “botnets,” while currently a nuisance, may eventually be the great hope of free public intercommunication.

    Granted, this is just wild speculation. I think it less speculative, however, to suggest that “net neutrality” initiatives will fail. It’s difficult to define net neutrality in a fashion simple enough for legislators to understand, more difficult still to write/pass legislation to accomplish useful net neutrality, and perhaps impractical altogether to enforce net neutrality. As such, I suspect that we are rapidly moving towards a non-neutral net, which will in effect be a net captured, held, and straitjacketed by Big Business.

    I believe other situations hint at this direction, such as the unjustified DRM-based approach of M$ Vista; the U.S. entertainment industry’s drive to pervert copyright and lock down entertainment business models; and the rise of business in general as the world’s controlling force (as opposed to conventional government and politics). For the United States, at least, I strongly suspect that the Internet is devolving into a relatively passive content-delivery system controlled by a very few large corporations.

    As such, bots might represent one (though not the only) hope of the sort of open Internet we now enjoy. When freedom becomes illicit, illicit systems like botnets may work in our favor.

    Is it unrealistic to think that a dark network created by a scattered army of rogue hackers might work to the benefit of the relatively poor and unenfranchised?

    Why? Hackers are frequently poor and unenfranchised. Further, hackers work for whatever quirky reasons they wish to work: perversity, the perception of power, revenge, money, etc. All we need are a few smart individualists to wedge open the remaining doors of intercommunication, and the rest of us will take advantage of them. That’s essentially what happened with our original Internet.

    But of course, a useful Bot-Internet would only occur when the desperate need arose. We’re not there yet, and I’m hoping that our current Internet will never reach the dire domesticated extremes that the exigencies of a stable business model might demand.

    But you never know.

  2. This actually reminds me of a notion for Gibson’s Idoru, where a bunch of net geeks “turn a kill file inside out” to create a private, cyber hidey hole.

    Freenet and TOR already aim at some of what you suggest with very de-centralized architectures and encryption. But I have to admit the idea appeals. Embrace the unkillable bots, run your network through them rather than despite them. It has a sort of perverse logic.

    Thanks for the idea!


