Ethical treatment of Kracken
May. 6th, 2008 08:19 am
content.internets, content.quotes
Here's an article on an ethical dilemma some security researchers are
having: they've infiltrated the largest SPAM botnet in the world, dubbed
Kracken, but they're not sure if it's right for them to 'fix' the infected
computers.
The way this works is that the botnet is composed of thousands upon
thousands of personal computers which have been infected by the Kracken
software/virus/bot/whatever. These infected hosts are called zombies
because the virus/bot sits and listens for commands from some remote server
and then makes the computer do whatever's asked. I'll repeat that:
thousands and thousands of regular home computers are getting instructions
from hackers and performing work for them. It's kind of like Seti-at-home
turned to evil.
These researchers have managed to 'infiltrate' the botnet; presumably
they've found the virus/bot code and were able to learn things about how it
works -- most probably they've learned how to talk to the zombies. If so,
then they have as much control over these machines as the Kracken hackers
do, and they claim to know (vaguely?) 'where' on the Internet these machines
are. So now the question is: do they inject their own code into the botnet
to *fix* it?
On the one hand, killing Kracken would be a good thing. Having that
botnet out there -- thousands and thousands of computers that can be
controlled remotely -- is a rather dangerous thing. And, unless Kracken is
a jealous god who patches his zombie servants, these machines probably have
other vulnerabilities and host other infections. (There are some neat
stories about viruses and rival botnets eating each other, though, which is
a rather fascinating concept; I mean, who wants to share, right?) The
trouble is, patching software isn't really an easy thing to do, and if
you've ever run WindowsUpdate you know that patches can break things, too.
The researchers don't own the infected machines and, strictly speaking,
don't have any right to meddle with them. They also don't know what these
machines are USED for, and it's possible that some of them coming down from
being patched could be a bad thing. The article goes into it better
than I can here.
I'm linking you through the Digg post mostly because a dozen or so posts
down someone talks about how crazy-smart the Kracken developers must be and
how it makes him sad when programmers use their powers for evil; then he
says, "to quote ol' Uncle Ben, 'with great power comes great
responsibility'" to which someone else says, "We make the best rice." I'm
going to be chuckling about that all day.
(In the end, the real point of this post is just an excuse to say, "they've
learned how to talk to the zombies.")