Kraken Botnet Infiltration Triggers Ethics Debate - The Good Samaritan's Dilemma (
Page 2 of 2 )
The ability to infiltrate and seize control of Kraken's C&C mechanism
left the company with an ethical dilemma that has prompted a discussion of
whether infected computers used in denial-of-service attacks and spam runs
should be cleansed without the owners' consent.
"On the technical side, we have proven that it can be done. From our
proof-of-concept, it would have been one more click of a button to shut down
the communication between the people sending commands to these [infected]
computers," Pierce said.
Essentially, the infected system would be connecting to TippingPoint's fake
Kraken server and receive a command to kill the target process handing the
communication.
"We never hear from the infected system again and neither can the
actual botnet owner's command-and-control servers," Amini said, arguing
that cleansing should be used to help slow the botnet epidemic. "We have
the ability to successfully redirect infected systems. We have the ability to
provide an 'update' through the existing Kraken protocol that can simply remove
the Kraken zombie."
Pierce agreed. "If you have a wild person driving on the street,
putting everyone else at risk, you don't just turn the other way," he
said, calling for industrywide discussion about a more proactive,
vigilante-type approach to fighting botnets.
David Endler, director of security research at TippingPoint, is on the other
side of the fence. "The reality is that you really don't know what you're
modifying," Endler said in an interview. "It's a very tricky
situation. What if that end-user system is performing a critical function? What
if that target system is responsible for someone's life support? Who is to say
what is more beneficial? It really is a moral and a legal quandary."
He cited liability issues as one of the key reasons TippingPoint opted to
leave the compromised computers untouched within the Kraken botnet.
"There could be life-threatening repercussions [so] you have to walk
away and err on the side of caution," Endler said. "If you see
someone breaking a window to go into someone's house, that really doesn't give
you the right to break another window and go in after them."
Pierce said he sees it another way: "If you see someone mugging someone
across the street, you just don't watch and walk away."
Andrew Hay, product manager at Q1 Labs, a network security management
company, said the concept of tampering with a user's machine without consent,
even if it's to remove malicious software, is "ethically
questionable."
"I couldn't in good conscience send any command
to a machine without the user's knowledge and approval," Hay said.
"Ethically speaking, we just can't make that decision regardless of if
it's right or whether it's the best thing to do for the good of the
Internet."
| | Discuss Kraken Botnet Infiltration Triggers Ethics Debate | | | | | | | For heaven's sake, at least send a pop-up message to the owner/user of the PC to let... | | | | | | just like every other spam pop-up that says you need to clean your computer? great... | | | | | | Cleansing should be the second step. The first step is to nab and imprison the... | | | | | | of the botnet and at least stop the bad guys from continuing to use it? Deal with... | | | | | | I understand what you are saying to some extent but treat it like it's a human. A... | | | | | | Why not just give PC owners notice of a legitimate site on which they check to see... | | | | | | if you can hurt them in the pocketbook, that will shut down the operations. You... | | | | | | As another commenter pointed out, just sending a scary pop-up won't do any good. ... | | | | | | If it me, I would like to know that my computer was compromised. If it were my... | | | | | | Turn them off. What if Kraken's owner upon reading this changes his system commands... | | | | | | The ethics of controlling the system have already been compromised by the original... | | | | | | After reading about several oppinions on how to deal with this, it seems the issue... | | | | | | Bob has the right solution - put this on the ISPs. The only reason botnets are so... | | | | | | My $.02.
Like any offender, the legal process should prevail. Starting at the... | | | | | | The botnets never asked any of the owners of the "slave" computers if they wanted... | | | | | | Ok, so they tell the ISP. What would you have the ISP do? I'm not sure all the ISPs... | | | | | | As much as I am interested in this discussion of moral responsibility, I also... | | | | | | First principle is "Do NO harm." If you cannot determine what the computer is doing,... | | | | | | Brett - Believe me, I'm leery of heavy-handed ISPs too. However, most of the... | | | | | | Or in this case, a parent who will take action, even though his game-playing and... | | | | | | So, what are our current standards of dealing with problem users in other ubiquitous... | | | | | | Although I am ALL for cleaning the bot-net out, I cannot say I agree with doing it... | | | | | | 1. I like combining the ideas of restricting the domains that the botnets are... | | | | | | Give it to Microsoft and they will get into every ones system and make the changes.... | | | | | | I think there is an easy solution that still gives the infected a choice.They... | | | | | | Let's be a little realistic here. Who is ultimately responsible? The botnet... | | | | | | IMHO, the dumb bastards weren't smart enough to keep their systems clean on their... | | | | | | One thing it seems most people are forgetting is that these botnets are... | | | | | | I would have thought the ideal was when you get inside one of these botnets, you do... | | | | | | So we have a bunch of PCs so uncontrolled that their owners let them be part of a... | | | | | | By definition, half of the population is below average in intelligence. They're... | | | | | | I'll have to agree with the comment that the people who are infected probably don't... | | | | | | Let's look at this from another angle.
A. This is an international problem. . .... | | | | | | I am one of the dumb bastards you mention, even though my intelligence has been... | | | | | | As far as I'm concerned, even an unexpected notice would cause me concern. Is it... | | | | | | The article quotes someone as saying
>>What if that target system is responsible... | | | | | | Let's say you are one of these botnet masters who is reading all of this. You're... | | | | | | It may not be ethical for you to cleanse the systems. However, it *IS* ethical, in... | | | | | | Precisely. Medical organizations (hospitals) would have to be insane to have a life... | | | | | | >>> Post your comment now! | | | | | |
|
 |
