There are some things you just don't do in security research or you become part of the problem. Controlling and modifying other people's machines, even if they are "bots" in a botnet, is one of them. This is what the BBC did.
Not many in the security community are impressed with the BBC's cheap trick of buying a botnet and using it to demonstrate what botnets can do. I'm as disappointed with Prevx, the security vendor who cooperated with the stunt.
Despite the BBC's assertion that no laws were broken, I'm more impressed
with those who cite the
Computer Misuse Act to claim the contrary. To do what the BBC claims to
have done they must have violated this act. One can argue the merits of various
parts of the act, but as a general matter it's not good for vigilantes to go
about violating people's computers to make a self-serving point. The act is
clear that unauthorized actions on a computer (like sending e-mail from it or
changing the wallpaper) are violations, and of course they should be. They also
may have exposed themselves to civil liability by involving ISPs in their fake,
demonstrative DDoS.
What they did was wrong on a number of levels, not least of which is that it
seems they paid for the privilege of using a real botnet. Who did they pay? Is
it right to reward the herders of a botnet by giving them business? What will
those herders do with the money paid by the BBC?
How do responsible security researchers work? It's not exactly the same
field as botnet research, but I think you can get a good sense of good
principles from the
Fundamental Principles of Testing for the AMTSO (Anti-Malware Testing Standards
Organization): Never create new malware and protect the public networks
from the research at all times.
Alex Eckelberry, CEO of Sunbelt Software,
commenting on this in a post to
the funsec mailing list, says it well:
... malware researchers routinely deal with
botnets for analysis purposes. It would be considered a high crime
indeed to allow a spambot to actually send spam to the outside world,
even for "testing" purposes. And, shutting down a botnet yourself, even
with the best intentions, is simply not a good idea. You don't know
what accidental harm you may cause. You also don't really know what's
on the user's system that will simply restart the whole process.
In the end the BBC states that they notified the owners of the
systems involved that they were infected. They didn't provide details
on how they did this (I wonder why, he said sarcastically), but our reporting indicates
that they did this by modifying the user's wallpaper to include a note
about it. Well-intentioned as it may have been, this alone is a
violation of the Computer Misuse Act. It's also a common technique of
rogue anti-malware products; they use any avenue they can get to try to
get the user to "fix" their problem by buying the premium program.
This last analogy may seem cheap and unfair, but I think it
illustrates how close you tread to the dark side when you go down this
path. You end up using the tools that the bad guys use because they're
what's available. And like Eckelberry says, you never know what will
happen as a result, and it will be your fault. I hope the BBC stops
defending its actions and apologizes as it should. This sets a terrible
example.
Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983.
Reader Comments: The British Botnet Corporation

My two pence-worth: As a UK resident who has to pay the exorbitant (140) BBC annual license fee, I'm really, really annoyed that they used my money to pay cyber... Posted 03-17-09 by Anonymous

read the site: 1.) I didn't say I would 2.) I said it's a topic for research 3.) I said it's possible to do so without harm (laying out the possibilities... Posted 03-17-09 by dio

but where?: You have no business doing those things on other people's computers without their permission. Posted 03-17-09 by Larry Seltzer

The great debate: Larry, I have written extensively about this subject. The premise that researchers and vendors cannot safely come up with a way to neuter malware... Posted 03-17-09 by dio

Old Times: Their (BBC's) justification reminds me of the logic used by the original group of hackers who were showing corporations the vulnerability of their... Posted 03-17-09 by John

Just to prove a point?: The media has become the world's great untouchables. How many of those who side with the BBC for violating laws and people's computers to 'prove a... Posted 03-17-09 by Earl

BBC Should be prosecuted: You are absolutely correct in saying the BBC should face charges for their inept way of proving a point. Any legitimate researcher will do their... Posted 03-17-09 by J Miller