TimeWarner DNS Hijacking 339
Exstatica writes "It looks like TimeWarner is taking vigilante action on the botnet problem. They've hijacked DNS for a few IRC servers, the latest being irc.mzima.net and irc.nac.net — both part of EFNet. (irc.vel.net was hijacked earlier but has been restored.) Using ns1.sd.cox.net, the lookup returns an IP for what looks to be a script that forces the user into a channel and issues a set of commands to clean the drones. There have been different reports of other IRC networks being hijacked and other DNS servers involved. Is this the right way to handle the botnet problem? Is hijacking DNS legal?" Botnets are starting to move off of IRC for command and control, anyway.
Update: 07/24 00:01 GMT by KD : Updated and added more links; thanks to Drew Matthews at vel.net. 07/24 11:52 GMT by KD : Daniel Haskell wrote in to say that ircd.nac.net is seeing cox.net connections again, and that they are in discussion with the EFF over the matter.
Update: 07/24 00:01 GMT by KD : Updated and added more links; thanks to Drew Matthews at vel.net. 07/24 11:52 GMT by KD : Daniel Haskell wrote in to say that ircd.nac.net is seeing cox.net connections again, and that they are in discussion with the EFF over the matter.
New Update since i submited this yesterday (Score:5, Informative)
Re:New Update since i submited this yesterday (Score:4, Interesting)
Re:New Update since i submited this yesterday (Score:4, Insightful)
Next you'll argue that reverse engineering a virus is a violation of the DMCA.
Ill be the first to say it. Who the fuck cares. The problem is being delt with.
Re: (Score:2, Insightful)
Next you'll argue that reverse engineering a virus is a violation of the DMCA.
Bit exaggerated use of a slippery slope metaphor. IANAL but to my understanding, their actions were closer to breaking into somebody's house to steal back your remote control. Not to justify their actions- just clarifying.
Ill be the first to say it. Who the fuck cares. The problem is being delt with.
I'll be the first to ask: If you don't give a hoot about this issue, what are you doing in this topic, let alone in the /. community?
Re: (Score:3, Insightful)
Vigilante justice - the mark of the civilized man. String 'em up first, ask questions later. Your logic has been used to justify uncountable wrongs.
Re:New Update since i submited this yesterday (Score:5, Insightful)
Vigilante justice - the mark of the civilized man. String 'em up first, ask questions later. Your logic has been used to justify uncountable wrongs.
Re: (Score:3, Interesting)
Both options deal with the problem.
I'm surprised that bots aren't boobytrapped against this sort of action, but as the summary states using IRC for bots is yesterday's news.
Re: (Score:3, Insightful)
Kudos for calling him an asshole - with fucking stars.
Re:New Update since i submited this yesterday (Score:5, Funny)
I look forward to Cox meeting their lawyers.
Evil_lawyer_dude: You have exploited a vulnerability in my clients software
Cox Communications: Ooops, so we have, would you care to name your client
Evil_lawter_dude: I don't have to
Cox Communications: Well, without evidence of harm done to your client we can't be held liable for anything
Evil_lawyer_dude: My client has been unable to carry on his business using the resources of your customers
Cox Communications: Yes, and we have a list of customers who would be part of a counter suit, no go away or we will taunt you some more.
Re:New Update since i submited this yesterday (Score:5, Insightful)
The author of the software is irrelevant. It's my PC, if a company hacks into it and changes it then they're breaking the law.
That they're using previously installed malware to do so is completely irrelevant to this.
Can they even demonstrate that I don't know of the existance of that malware? Maybe I installed it myself, maybe I'm monitoring it.
It's illegal, and they should be prosecuted.
Re: (Score:3, Informative)
Then you violated your TOS and were on their network illegally.
It's your PC, but it's THEIR network. They have the right to defend their network and the obligation to protect other people using it. I'd even bet their TOS authorizes this kind of behavior.
Re: (Score:3, Interesting)
Please explain how shutting down a bot on your computer is damaging it.
Re: (Score:3, Informative)
Re: (Score:3, Insightful)
Perhaps they're simply unaware that you exist? I'm sure the people staffing abuse@ are a bit separated from the people making these types of decisions.
This is a DNS hijacking. (Score:5, Funny)
The criminal code calls it "Theft of Services" (Score:5, Interesting)
No, probably not (Score:5, Interesting)
Alternative DNS? (Score:2, Insightful)
208.67.220.220
I don't work for OpenDNS, but they've got some nice DNS servers out there for use. http://www.opendns.com/ [opendns.com]
Kind of sad, the first thing I thought about when I started reading about this was, "Wow... Who'd a thought you needed TOR to get proper DNS resolution?"
Re: (Score:2)
Re:Alternative DNS? (Score:5, Insightful)
I too agree that breaking NXDOMAIN is a bad thing, but OpenDNS at least does let you change this yourself. It just has the wrong default, so to speak.
I strongly urge you to signup for a free account, and look over their settings available, before you judge.
-- Jon
Re: (Score:3, Informative)
It turns out that when you're a telecommunications provider, there are a whole bunch of laws to the effect of "you can't divert or
It's not so much about DNS (Score:3, Insightful)
NO!! This goes far beyond DNS and is extremely irresponsible!!
A DNS response to a widespread bot infection, a worm attack, or other overwhelming threat would be to claim SOA for the offending domain on your network, and resolve the entire domain to 127.0.0.1. Even that's sketchy, but it's what we might call the internet equivalent of Generally Accepted Accounting Principles. I've seen registrars themselves nullroute a domain and in general ther
Re: (Score:3)
Indeed. It goes even farther -- I don't particularly like efnet, but I do imagine there are still legitimate chat and discussions going on between real human beings. So resolving it to localhost means legitimate connections that have nothing to do with the botnet are dropped in order to stop t
Re:The criminal code calls it "Theft of Services" (Score:4, Funny)
PA recently became the 50th state in the union [post-gazette.com] to put their laws online.
Yes, it is the right way (Score:2, Interesting)
If admins don't take it into their own hands, nobody is going to do anything.
IRC networks must police themselves (Score:2, Interesting)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re:IRC networks must police themselves (Score:5, Funny)
Re: (Score:2)
duh. (Score:2)
Botnets used to abuse IRC while launching spam and DNS.
That's supposed to be Botnets used to abuse IRC while launching spam and DoS (denial of service attacks).
Re: (Score:2)
Re: (Score:2)
you forgot the malicious hackers, they are also a part of the problem. Oh yeah, a police and legal system that TOTALLY doesn't know how to deal with them is another part of the problem.
Just adding on.
First they came for malware... (Score:2)
Re: (Score:2)
I use IRC, and if my ISP blocks it, it's a dealbreaker, even if I have to sue to cancel the contract.
Next level time, apt-get install bind.
TimeWarner != Cox (Score:3, Informative)
Is there an easier and more effective way?? (Score:5, Interesting)
Re:Is there an easier and more effective way?? (Score:5, Interesting)
A while back, I got a "your computer is infected" notice from them. I checked all my computers, the Windows ones with tools that weren't even available to the public at the time, and zero, zip, nada. Everything was clean, sniffs showed nothing out of place.
Finally talked with someone with a clue, and they classified my SpamAssassin install as a DOS on their name servers because they were caching the negative responses from the various blacklists.
What??? (Score:5, Interesting)
Re:What??? (Score:4, Informative)
The problem, of course, is that almost all users that call in don't need more than scripted hand-holding, and those of us that know what we're talking about call in and hit that wall, through which it can be very difficult to find an open window through which to crawl to find a knowledgeable person.
Comment removed (Score:4, Informative)
Re: (Score:2)
Re: (Score:2)
Maybe because this one was initiated by them and not me?
About time (Score:2, Insightful)
Re: "... all that we can to stop them." (Score:2)
No matter the collateral damage? Protecting freedom by restricting rights again, are we?
Re:About time (Score:5, Insightful)
I think this action is right-on. The parts of the equation missing are trust and accountability.
We don't trust vigilantes, not because we don't agree with them, but because we don't trust them to always act in the greater good. Their future actions and motivations are unknowns. Since their identities may even be secret, there's no way to hold them accountable.
Why are we ok with the police taking the same actions as a vigilante would take? Because of trust earned through accountability. To retask a familiar saying: "Put all your eggs in one basket and then watch that basket". That basket is the police, and we've put all our eggs in it. That means the public at large can watch the police, who are well-known and generally easy to spot. It means that internal controls can be set up, and rules of engagement can be put in place. We trust the police as much as we do because we know that, ultimately, they're under the control of the general public, who can exert pressure on them when they act badly. This is why we tend to put more trust in organizations, rather than individuals. Organizations are easier to censure.
Understanding that, it's easy to see what the course of action needs to be. As much as we here at /. tend to have a love/hate relationship with authorities, I think one needs to be set up specifically to deal with these problems. They need to be given what power is necessary to deal with the problems like spam, trojans, botnets, whatever, but at the same time, they need to be directly accountable to the public in a similar manner to police forces. Legitimize the vigilante action by coupling it with accountability.
I don't really know the specifics of setting up something like this, but I think using the police as a model would be the way to go. Rules and procedures, all the requisite bureaucracy, but also the ability to launch tactical "busts", "cyber" or otherwise. They'd need all the same approvals, warrants, etc. They'd have branches in all concerned countries, and would work through the legal systems in their home countries. In some countries, they might be a part of the police force, since much of the administrivia would be similar. Ultimately, I'd think CERT or something like it would be a good headquarters or parent organization for such a group.
The point is that we've already worked this out in the "Real World". Applying it to The Internet shouldn't be a patent-worthy exercise. While I wish we didn't need government involvement, much of the authority required is the type of authority that only government can legitimately grant, such as the ability to seize equipment.
I aplogize that this isn't as eloquently described as I'd have liked, but I think the general idea is there. You may now procede to flame me for advocating the Policing of the Intertubes but ultimately, I think that's where we're headed.
Re: (Score:2)
Re: (Score:2)
Oh, the humanity!!!
Pick another damn server to get your chat on. It's not like they're blocking port 80. I'd bet only a tiny percentage of users even still use IRC, and out of those only a few even use the servers affected.
Fair game (Score:2)
Re: (Score:3, Funny)
Re: (Score:3, Interesting)
Anything goes on the Eris Free Network.
OK, it's nice that you know what EF stands for in EFnet, but what you may have missed is that when the IRC network (it didn't have a name back then -- it was just `IRC') split, it split into AnarchyNet (or just Anet) and Efnet. There was no need for names before that, but after that, those are the names that were chosen.
Anet was the one where `anything goes', and yes, it did have a server called eris. The big thing that went on Anet that didn't go on Efnet was that new servers didn't need a password
Another vote for OpenDNS! (Score:5, Insightful)
Might make some systems a little more useful!
Is that you Eugene? (Score:2)
I remenber a fella named Kashpuereff tried this once...
About Time Someone Tried Something (Score:2, Insightful)
Botnets are used by organized crime for spam, stock scams and a host of other illegal activities. It's time someone did something...if only for the political effect.
The Right Way? (Score:5, Funny)
>Is this the right way to handle the botnet problem?
No. The right way involves castration with rusty linoleum knives, Turkish prisons, and rabid wolverines. If that doesn't work, we should quit being nice and get nasty with these folks. Seriously, this problem will not go away until people start doing some hard time, preferably with a cell mate who does not need Erct|le Member Help!
Re: (Score:2)
Maybe this explains... (Score:2)
Though I'm not sure what kind of explanation justifies doing that.
This will NOT raise awareness or work in any way. (Score:5, Interesting)
Wired found someone who approves of breaking the internet:
Right, because the kind of people who might actually use IRC know nothing about botnets and the kind of Windoze users who are part of the botnet care about IRC. This is just another attack on the free software community as outlined in the Haloween Documents.
Once again, the ISP has punished the good guys for problems crated by the bad guys. The root cause of the botnet is Windoze. Fixing it and raising awareness is as simple as cutting the problem computers off your network and telling their owners why. This is as it should be and pretending otherwise props up third rate software and threatens the stability of the net.
Re:This will NOT raise awareness or work in any wa (Score:5, Insightful)
Once again, the ISP has punished the good guys for problems crated by the bad guys. The root cause of the botnet is Windoze. Fixing it and raising awareness is as simple as cutting the problem computers off your network and telling their owners why. This is as it should be and pretending otherwise props up third rate software and threatens the stability of the net.
I wish I hadn't run out of mod points; this is gold.
That's a pretty cut and dried way of reducing the number of bots. Cutting the user off forces them to understand what is wrong and why they're cut off. If you just give them information most will just click past it and continue on their merry way. Users don't want information. They want the pr0nz as quick as possible. Didn't you know that?
I can think of one case where a (now ex) friend of mine would email To: every single person in her work address book with SPAM for her work. I started out telling her to use the Bcc: field at least and pointed her to a web page describing why you'd want to do that. she replied "I don't want to read all that technical garbage" then carried on the same. Then I asked her to remove me from her list. She replied "I am going to send you this stuff because I know you want it" (it really was SPAM for her work, it wasn't even jokes or chain mail). There ended our friendship as I reported them to their ISP. They were warned by their ISP and still continued doing what they did. They lost hosting pretty quick after that.
People don't want to learn. They are, by and large, idiots. Heavy handed measures are the only way to force them to realise that fact.
No "awareness" needed (Score:2)
I expect that the same people who neglect their PCs by downloading and opening random crap and not even bothering to leave automatic updates running will be as detrimental to OS X or Linux if
"awareness" is needed (Score:2, Troll)
Leet-man dedazo insultingly blames the users again:
The botnet's root cause is not "Windoze", it's the people who are ignorant or lazy enough to let their computers be taken over by trojans and worms. Since it's stupidly simple to avoid that, the problem lies squarely between keyboard and chair.
Both ignorance and apathy would be cured by kicking off infected computers. I'd be looking forward to "responsible user" dedazo being kicked off but I think the PR firm he works for uses a botnet to post all it's
Re: (Score:2)
Well, yes. That's one solution I guess.
Unfortunately for you, none of my "M$ Windoze" machines are in any botnets, have any malware or are otherwise compromised, much like many other hundreds of millions of other PCs running "Windoze" out there.
Jeepers, you are so cool.
Re: (Score:2)
Re: (Score:2)
Leet-man dedazo insultingly blames the users again
Well, look: it almost certainly is their fault that they got infected. You don't have to be a super genius to avoid getting infected, you just need enough self-control to not install every search toolbar or smiley-face cursors package that comes along.
That doesn't mean the OS is blameless, though - it can and should be more difficult for idiots to get themselves infected. But educating the users would be more effective. If they all switched to Linux, they'd just start clicking stuff like "Get 1000 free KDE
Re: (Score:2)
There is no substitute for educating the users.
Re: (Score:3, Insightful)
The problem is the assholes who take over people's computers to send spam and flood web sites.
The solution is a well funded police force to hunt them down.
Re: (Score:2)
Re: (Score:2)
How do you prove, even with a preponderance of the evidence, that person X was at the keyboard instead of person Y. Or it might have been Z out in the parking lot on an open access point. You can't prove it, so no prosecution is possible.
Same goes for the RIAA it would seem.
Re: (Score:2)
Re:No "awareness" needed (Score:5, Insightful)
Re: (Score:2)
Actualy they only modified their own DNS server. This is not breaking the Ineternet. This is breaking Cox/Time Warner walled garden ISP DNS.
If you don't like the faulty DNS, feel free to change to one of the other public DNS servers such as the public Verison DNS Server at 4.2.2.1. You don't have to use your ISP's DNS server. Go into your router setup and switch from dynamic DNS to Static and plug in 2 or 3
Their DNS Server... (Score:5, Insightful)
Re: (Score:3, Interesting)
I expect my ISP to provide me with correct DNS loopup results. If they don't then they would not be providing me with part of the service I understand I am paying them for. They would hear from me about it pretty quickly and more then likely loose my business over it. There ar
Re: (Score:2)
If the botnets/etc get wise to the fact that the ISPs are fucking with DNS, they'll just start dodging the ISPs DNS service, like the spambots dodged the ISPs smpt server.
The obvious ultimate outcome - the ISPs force you
It's not like the police are doing anything.. (Score:5, Interesting)
Personal freedom (Score:2)
In the long run, not a great idea (Score:5, Insightful)
I have mod points, but I'd like to collectively reply to a few of the comments I see here. for those of you that are commending this act of vigilantism, stop and think - is this the most effective way to tackle the problem? The way I see it is that being a vigilante is akin to being involved in a constant game of whack-a-mole. The only problem is that when you start taking down bots (or even whole botnets), the people running them begin to realise that their current generation of malware isn't effective enough, and create something that is harder to detect. As the summary notes, we've already seen [slashdot.org] them trying to improve their resources. There was another post I saw on here that put it more eloquently, essentially saying: vigilantism only helps the bad guys work out where they need to improve.
So how about instead of trying to fight a brushfire with an extinguisher, we get to the root of the problem and start educating users. Yes, that takes effort. I can't begin to count the hours I've spent trying to explain to folk why using an alternative browser (or OS or whatever) is a good idea, and what they should look for in a reputable site, and so on and so on ad nauseum. It's a slow process, but the more people that are aware of the risks - and more importantly, the reasons for the risks - the less there potential 'marks' there are for all the script kiddeez, rooters and organised criminals out there.
And for us on /. - less requests to fix the family computer when we visit at Christmas.
Re: (Score:2)
Re: (Score:2)
Actually, I haven't proffered my services like that, but I actually think it's a good idea. When I move into my next apartment (looking for a place at the moment) I think I'll give it a shot. As you say it may not have a great success rate but it is a good icebreaker.
I'd recommend other folk try this too - it can come in very handy to have a reputation as 'that helpful guy in the building / on the block'.
Re: (Score:2)
We need a dedicated police force to track botnets and their creators and run them to ground.
In fact, we need a specially trained police force in every country in the world with international co-operation between each of them.
I suggest that we fund it with an "Internet License" and that could include some education component (but don't get too excited, it won't be anything useful).
Re: (Score:3, Interesting)
When I first read your post I thought you were trying to make a dry joke, but I figure from your other posts that you are serious. If you really want a dedicated police force for this sort of thing why not show local politicians that it is feasible, important, and not a waste of money (the last one is the most important). If you can give them an example ("Here is a guy I tracked down in 5 hours. He controls 10,000 bots he can do $50,000 worth of damage an hour. He has probably misappropriated 1000 identitie
Not perfect, but (Score:4, Interesting)
There is simply **NO** excuse for a bot to be running on any ISP for more than the time it takes to detect it pumping out massive volumes of email. My solution, as I've stated several times, would be to disconnect the offending computer, and then fire them off a snailmail letter stating that they will not be permitted back until their computer is disinfected. But since that would cost them customers, no one will do that.
Can it scale? (Score:2)
So, all they'd have to do is to watch egress traffic, and if somebody was sending mail to, say, more than 20 different e-mail servers in the course of an hour (perhaps with a ramp-up capability), then suspect they're a spammer and either a) get them on a whitelist if they're not, or b) prevent them from sending more mail unless it's properly relayed.
Now, how do y
This has been going on for TWO years (Score:2, Informative)
Scroll down to the very bottom of that page. Notice the date.
about fucking time (Score:2)
Re: (Score:2)
I'm of two minds (Score:2)
I can easily understand the urge to disable as many bots as possible, particularly those that are making their network look bad.
At the same time, they're blocking legitimate accesses to legitimate services without even notifying their users.
I don't really mind that they're manipulating the machines given that they only affect owned machines.
This does seem to be a vigilante action, but it's not as if "legitimate" law enforcement seems to have any interest at all in catching cyber-criminals even when th
Re: (Score:2)
Tortious Interference (Score:3, Interesting)
"Tortious interference," is part of english common law roughly defined as the causing of harm by disrupting something that belongs to someone else. The original example was a guy who repeatedly drove ducks away from his neighbors' pond by firing a gun in the air on his own property.
So no, its not legal. But if you want to pursue it in court, you have only one of the weaker common-law torts to rely on.
Hijacking, and San Diego Cox Communications (Score:5, Interesting)
First, as a person who owns and operates many networks, I would be rather annoyed that someone has hijacked one of my domains, for any purpose.
To me, a domain name is the equivalent to a land deed, it's a peace of virtual real-estate. It's a representation and label identifying a group of IP addresses which may or may not be associated to a physical device or service. If I have a problem with some other network, I attempt to contact the powers-that-be of the offending network; in good faith, that they would be cooperative.
Now, I assume many offensive networks out there might not cooperate, or might think that what their network is doing is either legal, moral, or of no harm. Well... I do admit, I block all of APNIC to my mail servers, though, I do not service "customers" either. If I did, I would assume my customer demographic might include a need or desire for correspondence with those in APNIC, and permit the traffic. While I might, on case by case scenerios, filter a range of IPs known for SPAM or whatever, things I certainly wouldn't do is hi-jack a domain, and most disturbingly, attempt to execute code on a clients machine without direct consent for each instance, each time. Basically, what you're doing then is intentionally deceiving a computer system, breaking standards, breaking and entering said computer system, and influencing change which permanently alters HOW that computer operates. And, knowing the practices and the broad generalized sweeping tactics of Cox Communications (for example), I must say I do NOT trust what they MIGHT consider as "malicious" code to delete off my computer "at their whim".
If this becomes "legal", then what's to stop Cox Communications (for example), from considering my MP3s as "malicious or of questionable origin" and on behalf of RIAA, delete my mp3s? How are they going to know?
Now, on to San Diego Cox Communications. While I agree that if you are on someones network, you do what they say. However, as already implied above, if my intention is to provide "Internet Service", then I DO inherently forfeit some of that overall power. And Cox Cable, blocking incoming and outgoing ports is really not within their moral obligation to do so. Nothing illegal about them doing it, no doubt some here might agree with them. But, if I'm going to sell someone "Internet Service", as I have in the past, they get "Internet Service" in full. I don't want a parent above me, and most certainly, I should be allowed unaltered Internet Service from Cox Communications on request against the default safegaurds in-place for the sake of the laymen.
But, Cox Communications does NOT permit one to exercise all of the technologies available. They notoriously block ports, and muck with the traffic. Why? Who knows, and I don't mean to be elitist, but their explanations of some Windows worm really doesn't apply to my Linux box. Besides, if I was running Windows, I still wouldn't appreciate all the port blocking and crap. I'll handle that myself.
As a result, I refuse to use Cox Cable or Time Warners Road Runner services. (Aside from the fact I'm banned from San Diego Cox Cable's network for running VPN clouds on their network, among other things like DoS'ing everyone on my subnet to boost my download speeds...), I warmly welcome other high-speed services that do NOT play parenthood. Sadly, one practically has to purchase a "Business" line instead of a "Home" connection. So, that's in fact what I have so if I want to launch my own webserver/mailserver, SQL Server or whatever, it's simply a matter of just configuring and launching the daemon.
In short, I feel hi-jacking is wrong. And I feel that people should not use Cox Cable as they are the "AOL" of today anyways. Such actions are so typical of Cox Cable... it's truelly ridiculous.
Killing Fly with a Bazooka (Score:5, Interesting)
Transcript of IRC (Score:4, Informative)
irc.mzima.net. 300 IN A 70.168.70.4
Connecting to 70.168.70.4 (70.168.70.4) port 6667.
[JOIN] You are now talking on #martian_
[MODE] localhost.localdomain sets mode +n #martian_
[MODE] localhost.localdomain sets mode +t #martian_
[TOPIC] Topic for #martian_ is
[TOPIC] Topic for #martian_ set by Marvin_ at Tue Jul 24 09:48:56 2007
[TOPIC] Topic for #martian_ is
[TOPIC] Topic for #martian_ set by Marvin_ at Tue Jul 24 09:48:56 2007
[TOPIC] Topic for #martian_ is
[TOPIC] Topic for #martian_ set by Marvin_ at Tue Jul 24 09:48:56 2007
[TOPIC] Topic for #martian_ is !bot.remove
[TOPIC] Topic for #martian_ set by Marvin_ at Tue Jul 24 09:48:56 2007
[TOPIC] Topic for #martian_ is !remove
[TOPIC] Topic for #martian_ set by Marvin_ at Tue Jul 24 09:48:56 2007
[TOPIC] Topic for #martian_ is !uninstall
[TOPIC] Topic for #martian_ set by Marvin_ at Tue Jul 24 09:48:56 2007
!bot.remove
!remove
!uninstall
Thats it.
The Golden Rule (Score:3, Informative)
A good question. Let me check for you.... Hang on... looking up Time Warner's Bank Balance. Uh huh... HOLY COW!
In answer to your question, yes, DNS hijacking is most definitely legal.
This is the ISPs fault (Score:3, Informative)
Re: (Score:2)
This doesn't seem much different than blocking access to a mail server that is sending too much spam. Except they went one step further and redirected their customers to a site that fixed the problem.
The ISP hasn't done anything to the actual IRC site, just cut off communication with it because it is allowing itself (inadvertently) to assist in abusing the ISPs and it's customers.
Personally, blacklisting machines that have bots installed seems fine to me. Th
Re: (Score:2)
Re:AFT Defense/Offense Corporatist attack their en (Score:2)
Wow. That is one hell of a rant. Too bad it's just full of sticking points towards every group you hate. That adds nothing.
---If you want to win you must always be on the offense. Offense or Defense will always win a battle, but only offense can win the war.
Your key supposition is this.
What is winning to T
Re: (Score:3, Informative)
If you don't like the Cox DNS results, feel free to put another DNS server in your router or computer. Switch from dynamic DNS to static DNS and use some of the public DNS servers.
Here is a good place to start..
http://www.opennic.unrated.net/public_servers.htm
Treacherous Computing (Score:4, Interesting)
You've probably seen something similar when you have to install an ActiveX control in IE (for a bank, or Windows Update). It asks i) if you'd like to install it and ii) If you'd like to trust the publisher in the future.
The binary is cryptographically signed which assures the computer that it is a product of the authorised holder of a particular crypto key. MS already uses this scheme for device drivers on 64-bit versions of Vista - at present, it can be disabled by a technically oriented user, but there's no guarantee that ability will persist.
The downside is twofold - firstly, for this measure to have any teeth, you have to remove the ability of the user to ignore it. Secondly, it provokes ideas like Microsofts "Trusted Computing" initiative (aka "Palladium"), which hands over full control of your computer to a short list of people who know the secret keys embedded in your motherboard. The main motivator for requiring signed drivers in Vista is to prevent the loading of things like virtual devices which can be used to capture perfect digital copies of DRM protected media. A secondary consideration is quality assurance.
http://www.gnu.org/philosophy/can-you-trust.html [gnu.org]
At some point it is inevitable that MS operating systems will produce an API that permits calling programs to determine the presence of unsigned drivers or software, and refuse to perform certain functions (like playback of DRMed media). Heck, this shouldn't be hard to implement right now with a little effort. With TP, because the only trusted root certificates will be stored in inaccessible firmware, there will be no way for the user to sign drivers himself and mark them as trusted. Therefore MS (and anyone they care about pleasing) will be in control of what your computer can or cannot do.