Forgot your password?
typodupeerror
The Military The Internet

USAF Considers Creation of Military Botnet 440

Posted by CmdrTaco
from the all-to-steal-wow-gold dept.
sowjetarschbajazzo writes "Air Force Col. Charles W. Williamson III believes that the United States military should maintain its own botnet, both as a deterrent towards those who would attempt to DDoS government networks, and an offensive weapon to be used against the networks of unfriendly nations, criminal groups, or terrorist organizations. "Some people would fear the possibility of botnet attacks on innocent parties. If the botnet is used in a strictly offensive manner, civilian computers may be attacked, but only if the enemy compels us. The U.S. will perform the same target preparation as for traditional targets and respect the law of armed conflict as Defense Department policy requires by analyzing necessity, proportionality and distinction among military, dual-use or civilian targets. But neither the law of armed conflict nor common sense would allow belligerents to hide behind the skirts of its civilians. If the enemy is using civilian computers in his country so as to cause us harm, then we may attack them." What does Slashdot think of this proposal?"
This discussion has been archived. No new comments can be posted.

USAF Considers Creation of Military Botnet

Comments Filter:
  • by slackoon (997078) on Monday May 12, 2008 @12:31PM (#23379582)
    I'm all for the theory that if you attack us we will defend ourselves. The "you" in that sentence does not matter, in other words, if an ant bites us we step on it, if a dog bites us, we kick it and if an enemy country uses pereonnal computers to attack us, we use botnet.
    • by gnick (1211984) on Monday May 12, 2008 @12:57PM (#23380006) Homepage

      ...if an ant bites us we step on it, if a dog bites us, we kick it...
      I think you're over-simplifying. Your ant and dog are willing attackers. If civilians were volunteering their computers to participate in the attack, it's a no-brainer. In my opinion, civilians willingly participating in an attack are no longer civilians (military law and technical definition of "civilian" may differ - IANAL).

      However, most botnets are assembled from compromised computers belonging to people who lack the sophistication to properly secure them. That's a more complex issue - Maybe we go ahead and nuke their computers anyway, but it deserves more consideration than stomping on a hostile ant.
      • by Orange Crush (934731) * on Monday May 12, 2008 @01:43PM (#23380768)

        And most (real, not the jingoist xenophobic crap that passes for it now) threats to national security are surrounded by innocent civilians who lack the "sophistication" (or are just scared sh*tless) to overthrow an opressive regime themselves.

        Now, since we're not talking about injuring or killing people--just essentially jamming their net connection for a little while, and maybe messing up their computers--I'm much less concerned about "civilian casualties" of a botnet war. (That is, until the botnets send the robots to come kill us).

        A hostile ant isn't biting you because it's mean, it's instinct since you've been perceived as a threat to the colony. Hostile antbites also don't result in millions of dollars lost when mission critical infrastructure is brought down.

    • by boyfaceddog (788041) on Monday May 12, 2008 @01:05PM (#23380138) Journal
      Do you even know what a Botnet is?

      I can just hear the Pentagon tech-office now.

      TECH GUY 1: "Hey, we go this guy here who WANTS us to infect his PC with that Botnet thingy"
      TECH GUY 2: "Lemme check. [CLICKITY-CLICK] Nope, already got 'im"
  • I'm Suprised (Score:5, Interesting)

    by zehaeva (1136559) <zehaeva+slashdot&gmail,com> on Monday May 12, 2008 @12:31PM (#23379586)
    I'm Surprised that they are not doing this already. That begs the question, who's computers would host the bots? Patriotic Americans who allow the govt to install software on their machine to attack the enemy is all well and good but what happens when the alphabet soup figures out that the govt has software on most of America's PC's?
    • Re:I'm Suprised (Score:5, Insightful)

      by gunnk (463227) <gunnk@mailERDOS. ... u minus math_god> on Monday May 12, 2008 @12:34PM (#23379640) Homepage
      You hit the nail on the head!

      A botnet's great strength is that it is dispersed. House it only on military computers and you cripple it. Put it "out there" in some form, though, and you risk having the CNC reverse engineered and the botnet might suddenly "belong" to someone else.

      Bad idea.
      • Re:I'm Suprised (Score:5, Interesting)

        by OeLeWaPpErKe (412765) on Monday May 12, 2008 @12:44PM (#23379778) Homepage
        you risk having the CNC reverse engineered and the botnet might suddenly "belong" to someone else.

        Only if you're stupid and use symmetric encryption. Such a problem would most certainly not manifest with a distributed public-key encrypted network. Obviously this is an area where even good organizations and intellient people have been known to have made utterly stupid mistakes.

        But it is certainly possible to create an uncompromiseable botnet.

        Actually, to be honest, I'm really surprised such a botnet doesn't exist already. Oh well, perhaps it's just one of the better hidden ones.

        One thing bothers me about botnets though : they all seem to originate either in Russia or deep into China. Especially in China I find it very surprising that ip's closer to the command center of those botnets tend to trace deep inside China, and not to the coastal cities, where you'd expect the Chinese script kiddies to be.

        So aren't we just kidding ourselves that other nations don't already have these ? Storm might very well be Putin's botnet.
        • by Culture20 (968837)
          The thing about this proposed botnet though, is that its control nexus can be known. Part of the other botnets is that the controller wants to remain anonymous. The U.S. military won't care about anonymity. I'm not perfectly sure what this means in terms of security of the CNC, but my gut feeling is that it should make some part of the system easier to design.
        • Re: (Score:2, Insightful)

          But it is certainly possible to create an uncompromiseable botnet.
          <sarcasm type="heavy"> Right. Because there is such a thing as uncompriseable security.^lt;/sarcasm^gt;
        • by AndGodSed (968378) on Monday May 12, 2008 @01:27PM (#23380490) Homepage Journal
          and what will stop them from suddenly morphing and becoming an entity in and of itself? Did these people not watch the Matrix or Terminator???
        • Re: (Score:3, Funny)

          by dotancohen (1015143)

          Storm might very well be Putin's botnet.
          SELinux is the NSA's.

          OT: I no longer have the Ajax reply option, I'm back at loading a new page to reply. Does anybody else still have it?
        • Re:I'm Suprised (Score:4, Insightful)

          by RingDev (879105) on Monday May 12, 2008 @02:48PM (#23381824) Homepage Journal

          But it is certainly possible to create an uncompromiseable botnet.
          Sure, but for how long? An hour? A day? A week? A Month? A Year?

          Disregarding all political and ethical concerns about such a project, looking just at the technical:

          1) You have just made a military target for every would be hacker, script kiddie, federally funded cyber opp, etc... in the world to try to crack. Do you think China would just sit there and say "Eh, it's made by the US, it must be uncrackable, so we won't even bother". Of course not, they would set some serious resources aside to crack this thing.

          2) WHEN it gets cracked, and it will get cracked, you have just handed off control of your military owned botnet to the attacker. Depending on the nature of the botnet, and its deployment, you may have just handed over access to hardware on your networks.

          3) All security is vulnerable given a sufficient amount of time and money, and in this case it's not like people are going to be jumping up and down warning you that your security has been cracked (except perhaps a few MIT guys who are promptly arrested and shipped to GITMO as enemy cyber combatants). The only way to fight against this is constant development and deployment, continuous improvement and rotation ensuring minimal windows for any given attack vector. In addition to the pure strain on your development team such a challenge would present you also have the logistical nightmare of trying to keep all of your infected machines up to date, and the constant risk that every code change represents the opportunity for an untested bug to be released.

          This is one huge stinking pile of BAD IDEA. If the military really wants access to such a thing, their best option would be to find an existing bot-net operator out of Russia, or a disgruntled Chinese hacker and purchase attack time off of their bot-nets.

          Same reward, lower cost, lower risk, better option.

          -Rick
        • Re: (Score:3, Insightful)

          by nog_lorp (896553)
          For your botnet to be uncompromisable, you'd have to make it centralized, and that means you have a nexus point susceptible to DDOS attacks itself, which kind of defeats the purpose. If you want a formidable botnet, you are going to end up tracking hundreds of thousands of bots. AFAIK, the only botnets that have managed to grow to this size utilize P2P bots, which (I believe) will always be susceptible to malicious corruption.
      • Re:I'm Suprised (Score:5, Insightful)

        by CastrTroy (595695) on Monday May 12, 2008 @12:58PM (#23380008) Homepage
        The US military has bases all over the country, and even all over the world. Put 10-100 computers in at each military base to participate in the botnet, and you could probably have a pretty strong botnet.
      • Re: (Score:2, Troll)

        Two things: the government has so many computers it could have a fairly formidable botnet on its own. The second this is that, well, why not have it open source? Open the source and let everyone see what it can and can't do. The problem I see with that is that a quantum computer could overcome the encryption and doom us all...
    • Re:I'm Suprised (Score:5, Insightful)

      by apt142 (574425) on Monday May 12, 2008 @12:43PM (#23379754) Homepage Journal
      Why would they need to install them on civilian PC's? The US Gov't, unlike a lot of botnet creators, has a hell of a lot of funding. They could just buy a bunch of computers specifically for the task.

      Or, they could just take every computer that is upgraded/rotated out of a federal government facility and set it aside for this job.

      Or the US Gov't could just add a program to all of their active computers that relinquishes their idle time to the botnet. Sort of a militant version of Folding@home. (Civilians could even opt into this one.)

      Or they could do all of the above. They wouldn't need to touch a civilian PC to get a formidable botnet.
      • Re:I'm Suprised (Score:5, Informative)

        by hodet (620484) on Monday May 12, 2008 @12:48PM (#23379840)
        Isn't the strength of a botnet that it controls systems behind millions of different broadband connections? It's not the number of PC's that matter but being able to use the sum of all bandwidth available behind a gazillion connections. If the military spreads their botnet on 100,000 systems behind 1000 networks then that wouldn't be very effective.
        • Re: (Score:3, Insightful)

          by peragrin (659227)
          your quite correct but.

          If you linked up the FBI, CIA,and DHS windows computers you would have a pretty wide network. your not talking about a single point, your talking tens of thousands.

        • Re:I'm Suprised (Score:5, Interesting)

          by bill_kress (99356) on Monday May 12, 2008 @02:08PM (#23381182)
          Doesn't the US government already have monitoring at the choke-point of virtually every ISP? Equipment that undoubtedly has the ability to generate any number of packets, spoofing any source...

          Would that be enough?
      • Re: (Score:2, Interesting)

        by zehaeva (1136559)
        It would be more formidable with civilian computers, I would imagine that most govt computer systems are going through choke points to limit attack vectors. That should mean limited attack vectors out as well. You would get more distributed with civilian computer systems.
        • by apt142 (574425)
          Yeah, you would. What's to stop the US Gov't from tying into those civilian networks? The government already has a relationship to a number of ISPs for purposes of wiretapping and packet sniffing. What sort of agreements, financial or political, would have to be made to allow them to slip in their computers?

          Tin foil hats reasons aside, I don't think many ISP's would think twice at a chance to help the military.
      • Re:I'm Suprised (Score:5, Informative)

        by mckinnsb (984522) on Monday May 12, 2008 @01:29PM (#23380528)
        Actually - they would have to use civilian PC's in some manner , one way or the other, to be effective.

        Part of the strength - and 100% of the resilience - of a bot net lies in compromising trusted computers and networks. A bot net built on every army base in the nation would be within the governments military domain space, which would be really only trusted by those within the United States government itself.

        Overflowing computers in other countries via DDoS attacks could easily be thwarted by simply blocking incoming packets from those military bases - or all incoming requests from any US domain. If you tried to avoid this block by bouncing these packets somewhere along the way to the attacked computer from the US, then you are involving civilian computers somehow, foreign or US. So you risk bombing either a) US civilian computers , or b) foreign innocent civilian computers, since the military's traffic would have to go through some civilian computer at some point even if it was originally funneled through dark fiber (like Internet 2), and its well within the realm of possibility that the civilian computer would not be able to handle the incoming storm of packets before said storm got to it's intended target, so you would completely miss your objective while simultaneously tanking a potentially friendly system.

        You could build it without using a civilian computer, but you couldn't use it without effecting a civilian computer, and the odds of hitting an innocent would be huge. It sounds like they are considering "Counter DDoSing" people that attempt too "DDoS", which personally sounds like a really, really dumb idea. It could potentially cause a lot of collateral damage. Conventional military thinking does not apply analogously to the internet; you can return fire in real life, but returning fire on the internet isn't always a smart decision.
      • Re: (Score:3, Informative)

        They could just buy a bunch of computers specifically for the task.
        That's moving out of the definition of "botnet", though, and more into the definition of "legitimate cluster."

        And by the way, I really don't care what they do with their own funding, but they do NOT get to commandeer my hardware. So if it's a "botnet" in the traditional sense, then I say hell no!
    • by nizo (81281) * on Monday May 12, 2008 @12:43PM (#23379756) Homepage Journal
      Maybe they could outsource it?
    • Re:I'm Suprised (Score:5, Insightful)

      by iminplaya (723125) <iminplaya.gmail@com> on Monday May 12, 2008 @12:50PM (#23379888) Journal
      Patriotic Americans who allow the govt to install software on their machine to attack the enemy is all well and good...

      And it makes the civilian population a legitimate military target. A little like hiding the missiles in the churches.
      • by mi (197448)

        And it makes the civilian population a legitimate military target.

        No more so, than allowing a military commander to use your phone — or refrigerator. Your premises get "upgraded" from being "civilian" to "dual use", but none of America's real enemies today care for that fancy legal distinction anyway.

        A little like hiding the missiles in the churches.

        Not quite, not quite...

        • Re:I'm Suprised (Score:4, Interesting)

          by lucas_picador (862520) on Monday May 12, 2008 @02:21PM (#23381392)

          Your premises get "upgraded" from being "civilian" to "dual use", but none of America's real enemies today care for that fancy legal distinction anyway.

          This is a shocking statement, not only in its ignorance of current affairs, but also its shortsightedness. Read some military history and find out what happens to countries that declare that jus belli no longer applies to them. The US has always (until recently) adhered to international laws of war for very good reasons; this recent call to abaondon them is a terrifying development, because it invites atrocities against our soldiers as well as our civilian populations. This may not make a difference to terrorist groups who already ignore these distinctions, but if you think those are the only forces the US will face in the next 30 years, you are an idiot.

          The previous post was exactly right: when you recruit civilian computers to carry out military attacks, those computers and their operators become legitimate military targets. This is a terrible idea.

    • Re:I'm Suprised (Score:5, Insightful)

      by QuantumRiff (120817) on Monday May 12, 2008 @12:51PM (#23379910)
      Wouldn't it just be easier to "accidentally" anchor some navy ships in the wrong spot, and sever many of the connections to the area. We learned this last winter that you don't need to cut off areas, just make their working links so oversaturated that they are essentially worthless.
    • what this push for "America's Army" was all about.
    • Re: (Score:2, Funny)

      by Anonymous Coward
      Does that mean my computer can get a purple heart from being a causality during the internet wars?
    • They probably are. (Score:5, Interesting)

      by jd (1658) <imipak&yahoo,com> on Monday May 12, 2008 @01:25PM (#23380462) Homepage Journal
      Cyberwarfare is nothing new. To repeat an example I keep going back to, the Internet Auditing Project, they did talk about a successful attack on their system from a US Government agency via a cracked Australian computer. This is not the same as a botnet (hence the uncertainty) but the fact that they do already exploit vulnerable machines is a pretty good indication of the line of thinking they have been going on.

      But - and this is the important part - it is extremely unclear as to who the "they" are. The US Government is big, different departments have different policies and philosophies, what holds true for some branch A may not hold true for some other branch B, and so on. For example, I can't really imagine the regular US Army or Navy using a botnet. That's not, as a whole, their style. Remember, the US Navy is looking at semi-robotic next-generation Ironclads/Battleships with hundreds of missile launchers on each side. There is nothing subtle or stealthy about the Navy. Their sneers and jeers at Sweeden examining stealth ships is further evidence that these guys are about as subtle as a rocket-propelled 2x4.

      Now, what about other departments? We already know that there are departments that indulge in signals intelligence, electronic and cyber warfare, covert operations, and so on. By definition, we do not know what those departments are involved in, and by definition they would be unable to tell us honestly if they were - or if they weren't. That makes it easy to be paranoid, as there is no way of testing any speculation as to what they are doing. We might know in 50 years time, some secrets may be held back for 100, some secrets may never be known (documents lost or destroyed, for example, as happened in the My Lai warcrimes investigations). Paranoia is the antitheses of rational thought, and in matters in which limited (or zero) information exist, rational thought should be of paramount importance. Insanity helps nobody, least of all yourself.

      The evidence is slender, but is strongly suggestive one department already has backdoors on vulnerable boxes. After cyber-attacks elsewhere in the world, protective measures by the US will have increased, not decreased. Ethics aside, at least one military botnet under US control probably exists, as it probably does for Russia, China and probably other nations. I imagine, given the advanced education and the perceived need (it may also be a real need, but nobody acts on real needs they don't perceive as such) by Israel and India that they also have botnets. Britain's brain-drain has probably deprived it of too much talent at this point, but GCHQ and the various clandestine intelligence departments (we don't even know what departments there are - only two officially even exist, but at least one other has been officially mentioned) might have such a system in place, but more likely for intelligence purposes than for attack.

      But what about the ethical standpoint? Well, ethics covers a multitude of sins, and most people have different ethics, making any kind of rational ethical argument difficult. I will stick to one point alone, then, and it's not the obvious one concerning those running the botnets. It's the ethical consideration of running an insecure machine. If you are a patriot, is it not your duty to secure your computer? If you do not, then any (and possibly every) hostile power could - and probably eventually will - run a node of the botnet on your machine. If you are a sympathizer of a foreign power, is it not your duty to secure your computer? If you do not, then your country could - and probably eventually will - run a node of a defensive botnet on your machine. If you are apolitical, then is it not your moral duty to secure your machine, so that nobody can abuse your facilities for their political purposes? If you're an anarchist, isn't it politically unacceptable to allow a government to maintain/impose order through you?

      In short, it is unethical to leave your machine insecure, no matter what your political stance. No matter w

    • Re:I'm Suprised (Score:5, Insightful)

      by Deanalator (806515) <pierce403@gmail.com> on Monday May 12, 2008 @02:19PM (#23381356) Homepage
      Military botnets are a dumb idea. Botnets serve two main purposes.

      1. DDoS
      2. mail relays

      The value of a DDoS network is proportional to the total bandwidth of syn packets it can send. Why would the military need to take over smaller hosts when they have direct access to routers high up on the backbone of the internet?

      As for number 2, I doubt the military has much need for mail relays.

      What they really need is not a botnet. They need a list of foreign machines that they can bounce attacks through. It's been shown that titan rain was using compromised machines in Korea when they pulled the data from Germany (whether titan rain is considered a military unit is still up in the air).
  • Wait What?

    If the enemy is using civilian computers in his country so as to cause us harm, then we may attack them.
    Wouldn't this work both ways? Wouldn't the USAF be doing the same thing?
    • Re: (Score:2, Insightful)

      by chalkyj (927554)
      What makes them think that botnet will be made up of computers located in some other country in the first place? As I remember, a massive proportion of infected computers in existing botnets are in the US. Quick, lets attack our own computers!
  • Hmm? (Score:5, Insightful)

    by Kingrames (858416) on Monday May 12, 2008 @12:32PM (#23379596)
    No good can come of this.

    A botnet is like a disease. Not a bomb. Deliberately infecting your own computers is a horrible idea.
    • by localroger (258128) on Monday May 12, 2008 @12:42PM (#23379732) Homepage
      ...disease pathogens. Oh wait...
    • by Tmack (593755) on Monday May 12, 2008 @01:27PM (#23380492) Homepage Journal
      Really... if they wanted to launch a massive distributed attack, why not just deploy specially designed devices that can spew the specific packets needed to the major POPs around the country (or even covertly in international POPs). Why waste computer resources when you can design something for a specific military goal. Do we see the infantry driving around in a bunch of ford escorts to attack the terrrrrists? Generally no [ewarbirds.org]. They have the budget specifically for stuff like this, and it makes more sense to develop and deploy something like this at the edge, so it doesnt cause collateral damage to our own network, and truly only targets the intended. The NSA has already been snooping almost ALL traffic with their secret rooms [spamdailynews.com], why not use similar to spoof traffic from ALL locations? And since a botnet is mostly just mindless crafted-packet spewage, a packet generator would be much more efficient than hijacking or deploying the thousands of computers that would be equivalent. Stick one one in each of the secret rooms, attached to the backbones, and let it flood the pipe with DDOS or whatever it is DARPA or whoever had this bad idea had in mind.

      It sounds like some jr highschool kid's idea. What is the military going to do, call up Kim Jong-il and say "ke ke ke PW0n3gE! How you liek the intrnetz n0w? bizatch."? If someone is "attacking" us via the internet, there is a much easier solution: block their traffic, null route their netblock, or even just "drop anchor" [abc.net.au] on their cable.

      tm

  • The path... (Score:2, Insightful)

    by FrankSchwab (675585)
    Let's see...
    It's a military necessity to have a botnet...so it will become my patriotic duty to allow their malware to reside on my machine. AV will be modified to not report it's existence. I will have no control or knowledge of what it's doing, or what it's reporting.

    Then, those in charge of the program will complain that the citizen's computers are "unreliable" - they get turned off, are filled with competing malware, etc. So they will let a contract to Grumman or Lockheed for 10 million computers, to
    • Re:The path... (Score:5, Informative)

      by CogDissident (951207) on Monday May 12, 2008 @12:41PM (#23379712)
      Read the article. And don't mod people insightful before reading the article yourselves!

      It specifically states, in no uncertain terms that they will only use USAF computers for this. And that it will be a way to use retired computers from other sections of the government that would normally be slated for destruction.
      • by Gordonjcp (186804)
        It specifically states, in no uncertain terms that they will only use USAF computers for this.

        Yeah, that sounds like a good idea. Watch how with a single rule the whole of the USAF network gets nullrouted from the rest of the world.
  • New laws (Score:2, Interesting)

    by pvt_medic (715692)
    Sounds like the Geneva convention needs to be updated to include technological attacks.
    • Re:New laws (Score:5, Insightful)

      by halivar (535827) <bfelger@gmai[ ]om ['l.c' in gap]> on Monday May 12, 2008 @01:25PM (#23380458) Homepage
      Oh, please. Having your HDD screwed with is not a human rights violation. The purpose of the Geneva convention was not to outlaw everything that can hurt you. It was conceived so that the slaughter of human beings on a massive scale would be conducted with some sort of decorum... like not chemically flaying people alive and making their eyes explode.

      You got a virus on your computer? Cry me a river.
  • by gbjbaanb (229885) on Monday May 12, 2008 @12:33PM (#23379624)
    You have 4 windows updates to install:

    Security hotfix for XML services KB0453456
    Security hotfix for Windows
    Microsoft Silverlight
    US DoD anti-terrorist cyberwarfare battle attack bot v3.1

    Do you think they really wouldn't do it?

  • by Anonymous Coward
    One day this botnet will become self-aware...
  • lol (Score:5, Funny)

    by Anonymous Coward on Monday May 12, 2008 @12:35PM (#23379660)
    We must not allow a botnet gap!!
  • by Ice Tiger (10883) on Monday May 12, 2008 @12:37PM (#23379668)
    "If the enemy is using civilian computers in his country so as to cause us harm, then we may attack them"

    It might be found that the enemy botnet just doesn't respect political borders and will be using machines within ones own country. What happens then?
    • by oodaloop (1229816)
      Which country? That would be China, my friend. DoD gets thousands of attacks from China a day and they've trainined millions in various forms of cyber warfare. We are already at cyberwar with China. If botnets are our defense, I say fire em up.
    • Does it really matter? So, say it's some stateless, even goal-less entity that just wants to cause chaos. It doesn't really matter, they attack us, we have to defend ourselves. It doesn't matter if that's on a computer network or in a jungle. And in a military context, defending yourself includes several offensive options.

      In Vietnam, do you think guys in the jungle gave a damn if the guy they couldn't see who shot at them was Vietnamese Army, Viet Cong, or just some farmer firing at him? No, offensive
    • by Culture20 (968837) on Monday May 12, 2008 @01:19PM (#23380332)
      If the U.S. government starts targeting botnet clients within U.S. borders, I say it's a good use of my tax dollars.
      Even better if they can provide educational public service announcements about computer security.

      Remember: Only you can prevent firewire.
      This is your computer. This is your computer in a botnet.
      Got v146rA? ....Please, buy your pharmaceuticals from a pharmacy, not junk email.
      • Re: (Score:3, Funny)

        by Zak3056 (69287)

        Remember: Only you can prevent firewire.
        This is your computer. This is your computer in a botnet.
        Got v146rA? ....Please, buy your pharmaceuticals from a pharmacy, not junk email.

        I just got a disturbing image of R. Lee Ermey chanting, "This is my PC, this is my Mac!"

  • Somebody needs to correct this! It's even the Air Force, just like in movies.
  • ..is that creating a botnet is a fundamentally offensive tactic. If you're compromising computers to use for "defensive purposes", then you're launching a preemptive attack, which would make the US the aggressor. Unless you think somehow you're going to convince me to put your crappy malware on my machine, in which case you're sadly mistaken.
  • The U.S. will perform the same target preparation as for traditional targets
    I wonder why that doesn't seem the least bit reassuring to me...
  • by EdIII (1114411) * on Monday May 12, 2008 @12:37PM (#23379676)
    So.. Ummm... Does this mean that Microsoft has retroactively become a military "equipment" provider?

    Ahhh.. That felt good. Mod away :)
  • where can i get some (Score:5, Interesting)

    by FudRucker (866063) on Monday May 12, 2008 @12:38PM (#23379686)
    if China or Iran or some other enemy country wants to attack the USA and the US government wants to start a botnet let me know i have 2 PCs on 24/7/365 on cable broadband, i will volunteer my PCs to work for the US Government as part of a botnet, Bush may not be my favorite president but i am still an American and know what side my bread is buttered on (just make a Linux version too)...
    • by nizo (81281) * on Monday May 12, 2008 @12:46PM (#23379806) Homepage Journal
      You think Comcast had a cow about downloading movies, just wait until they see the traffic our government botnet generates.
  • by hoshino (790390) on Monday May 12, 2008 @12:38PM (#23379698) Homepage
    "USAF Considers Creation of Military Botnet"?

    The views expressed here are the authorâ(TM)s own and do not necessarily reflect those of the Air Force or Defense Department.
    Me: I like vanilla ice cream
    Slashdot: Internet Ranks Vanilla as the Best Ice Cream Flavour Ever
  • by The Iso (1088207) on Monday May 12, 2008 @12:42PM (#23379740)

    The U.S. would not, and need not, infect unwitting computers as zombies. We can build enough power over time from our own resources.

    Rob Kaufman, of the Air Force Information Operations Center, suggests mounting botnet code on the Air Force's high-speed intrusion-detection systems. Defensively, that allows a quick response by directly linking our counterattack to the system that detects an incoming attack. The systems also have enough processing speed and communication capacity to handle large amounts of traffic.

    Next, in what is truly the most inventive part of this concept, Lt. Chris Tollinger of the Air Force Intelligence, Surveillance and Reconnaissance Agency envisions continually capturing the thousands of computers the Air Force would normally discard every year for technology refresh, removing the power-hungry and heat-inducing hard drives, replacing them with low-power flash drives, then installing them in any available space every Air Force base can find. Even though those computers may no longer be sufficiently powerful to work for our people, individual machines need not be cutting-edge because the network as a whole can create massive power.
  • ... If the enemy is using civilian computers in his country so as to cause us harm, then we may attack them.
    So... if the enemy is using civilian computers in our country... will the USAF still take them out?

    What if these computers (in our country or another, third country) are running critical infrastructure? Or are essential to a hospital, school, or business?
  • ...would it be illegal to take anti-botnet measures, such as running rootkit revealer on your own machine and wiping the infection? Or would that get you swimming lessons at Gitmo?
  • by meisenst (104896) on Monday May 12, 2008 @12:45PM (#23379784) Homepage
    ... the government decides to turn this botnet against the civilian population in some way?

    I mean, at some point (if I recall correctly, I am not American, I am Canadian), there were laws created saying that Americans have the right to arm themselves in case their government turns against them. Does that include the case of computer warfare?

    What would happen in the case of other countries that this botnet could be used against? Would that be considered an act of war?
  • by nick_davison (217681) on Monday May 12, 2008 @12:46PM (#23379802)

    "But neither the law of armed conflict nor common sense would allow belligerents to hide behind the skirts of its civilians."
    Remember that much celebrated tea party in, where was it, Boston? The one where none of the protagonists war uniforms or abided by the laws of armed conflict and then slipped back in to the public masses? The one where, today, the U.S. would classify them as illegal combatants and deny them access to any legal protection?

    The one where the superior military, that could crush its opposition anywhere they stood and fought, couldn't defeat an army that kept slipping in to the countryside?

    The one where the "evil" greater power could be demonised every time they caused collateral damage or took reprisals on the people the weaker force hid behind?

    The one where the great general George Washington brilliantly used geurilla tactics to make up for never having more than 17,000 men in the field at any one time?

    The one where, soon after winning its largely guerilla war, they wrote the second ammendment to their constitution to enshrine the right to that kind of combat?

    The one where the larger but distant power regarded the attacks on its own holdings as terrorism - the term just wasn't widely used yet?

    It's ironic that a nation formed on, and celebrating in its constitution, the principles of armed insurrection, guerilla warfare and terrorism when it was the weaker power gets its panties in such a collective bunch when people do exactly the same thing that worked so well for it back again.

    Remember: If you win and you're powerful enough to write the history, it's noble. If you lose, it's evil terrorism. Until it's decided, which one it's viewed as simply depends on which side you're on.
    • This really shouldn't be modded troll. On a sidenote, I've always wondered how the history of the Revolutionary War is taught in the UK.
    • by bendodge (998616) <bendodge.bsgprogrammers@com> on Monday May 12, 2008 @01:53PM (#23380928) Homepage Journal
      The Revolutionary War had clear aims and objectives (self-government and independence) and tried using normal negotiations first (Olive Branch Petition). Americans were not running into Britain to blow things up, they were not using random people as human shields, they were not kidnapping British civilians, and they were not using a radical religion as justification (most of the Founding Fathers were Deists).

      The basis of the American Revolution was "no taxation without representation". The basis of the whatever-you-call-it the Muslims are doing is "Jews are dogs and America is the Great Satan".
      • by nick_davison (217681) on Monday May 12, 2008 @08:52PM (#23386336)
        Lack of/biased reporting on their goals doesn't equate to their not being any.
        • They'd really like Palestine back how it was.
        • They'd really like [essentially] occupying U.S. troops out of Iraq.
        • They'd really like the U.S. to stop imposing Western [semi agnostic] Christian values on Eastern Muslims.
        • They'd really like U.S. troops out of bases in places like Saudi Arabia as part of that.
        • They'd really like to stop having their culture threatened by Western culture in pretty much the same way a lot of Americans get upset when their culture is threatened by Mexican culture.

        I'm not going to pass judgment on whether those goals are "right" or "wrong." (Actually, arguably, such struggles almost always break down to both sides doing a lot of "wrong" things and ignoring their own wrongs, focusing on the others' to justify even more of their own.)

        There are those who can dismiss them as wrong just as there are those who can dismiss the justifications for the American struggle for indepedence as wrong if they're determined enough.

        Yes, it can be argued that it's mostly about a few cynical Muslims whipping up hatred so they can consolidate power far more than it's about the above stated aims. Then again, the same argument can be made that the stated aims for American independence were very different to the argument it was really about rich white slave owners, who'd taken the land from the native people, wanting to pay less tax and whipping up populist sentiment to ensure they got it.

        Again: Just because the goals get a fraction of the attention "OMFG TERRORISTS!" gets on the nightly news, it doesn't mean there aren't any.
      • Re: (Score:3, Interesting)

        by meringuoid (568297)
        Americans were not running into Britain to blow things up, they were not using random people as human shields, they were not kidnapping British civilians

        Tell it to John Paul Jones the pirate, arsonist of Whitehaven, who attempted to kidnap for ransom the Earl of Selkirk, and on failing this proceeded to rob his house. Of course Americans remember this nautical terrorist as a hero.

    • Re: (Score:3, Insightful)

      by King Louie (211282)
      Historical perspective, indeed. Your comparison between the American Revolution and modern terrorists suffers from some fatal flaws, among them:

      - American revolutionaries may have blended in among the civilian population while not fighting, but they did not hide behind the civilians while in the act of attacking. Modern terrorists often deliberately launch attacks from locations that are surrounded by civilians in the hope of incurring embarassing collateral damange when the target counter-attacks

      - While ma
  • ... that the only way to fight a network is with another network. Do they really have any other choice?
  • Given their track record, once the botnet comes online I give them three months tops before someone else hijacks it and uses it to drop US gov't websites just to show them it can be done. Watch as they scramble to bring even more offensive capabilities online in response to the demonstration.

    Hahaha... welcome to the digital cold war.
  • by AmiMoJo (196126) <(mojo) (at) (world3.net)> on Monday May 12, 2008 @12:50PM (#23379874) Homepage
    In a traditional war, the idea is that the US could win by having a larger, better equipped and high tech army. Of course, it doesn't always work in places like Iraq or Afghanistan, but that's the theory.

    On the internet, small groups of individuals can wield as much power as the US armed forces could hope to. Massive botnets are hardly new.

    Also, how exactly would targeting infected civilian PCs help? The first 'D' in DDOS stands for "distributed", i.e. blasting PCs off the internet one at a time isn't going to help much.
    • Re: (Score:3, Insightful)

      by eagl (86459)
      Dismantling botnet clients is one possible use of a military botnet. Assume a hostile botnet has 1,000,000 computers, and 100,000 military computers are used. That means each military botnet client only has to disable 10 hostile clients. And the military clients are behind generally robust firewalls making counterattacks difficult without first compromising the entire .mil infrastructure.

  • by eagl (86459)
    I don't seem to have much sympathy for people who's computers have been compromised any more than I have sympathy for drunk or reckless drivers who get into car accidents.

    It would be nice if the response would be to either remotely eradicate botnets through antivirus or other "friendly" measures, and at least it would be nice if the response gave the user some clue why their computer no longer works. Something like a blue screen with the message "your computer was compromised and was part of botnet [insert
    • Re: (Score:3, Informative)

      by eagl (86459)
      To clarify - the "military botnet" in the article uses computers owned by the military, not unsuspecting civilian computers. That's the FUD part, people equating botnet with the computers of unsuspecting people who aren't competent enough to protect their computers from compromise.
  • Uh, guys... (Score:4, Funny)

    by fuzzyfuzzyfungus (1223518) on Monday May 12, 2008 @12:54PM (#23379942) Journal
    Even if true, the assurance that all the usual standards will be upheld in choosing targets to attack just isn't all that reassuring. Building a botnet means attacking systems. Lots and lots of them. In order to be effective, a botnet has to be widely distributed and scattered amidst legitimate systems, otherwise you can just ignore it. Building a botnet would mean compromising a metric fuckload(possibly an imperial fuckload, depending on the department and contractor in question) of individual and business machines. Using domestic computers for this purpose had better be illegal, and even if it isn't, tolerating vulnerabilities in domestic systems just to build a botnet is lousy security policy. I suspect that our allies would not be happy to hear about us trying it on their citizens and our enemies might well raise a serious diplomatic stink about it.

    Knowing us, of course, we'll probably take the even less palatable option and hire scummy contractors and subcontractors to do it. How could a DoD/Raytheon/Ukrainian Mob joint venture with a giant black budget possibly go wrong?
  • Don't be silly... (Score:5, Insightful)

    by FrankSchwab (675585) on Monday May 12, 2008 @12:56PM (#23379994) Journal
    A botnet succeeds in DDOS because it's able to leverage the bandwidth of 10's or 100's of ISPs to overwhelm the resources of the 1 ISP or server that a site is hosted on.

    For a US Military operation, you wouldn't bring the headache of maintaining 1,000,000 crappy old PCs stuffed in unused closets to bear on the problem. You'd build big machines, and you'd locate them on major backbone networks. When it came time to bring a little DDOS to bear on the enemy, you would have your big machine fire packets. It could spoof IP addresses as it wished; it could use yours, and you wouldn't even know it!

    No one other than the technicians on the backbone could tell the difference between this and a hacker's botnet. But it would at the same time be much larger scale, cost more, and be theoretically more efficient - all positives in the military contracting arena.

    • Mod parent up. (Score:4, Insightful)

      by khasim (1285) <brandioch.conner@gmail.com> on Monday May 12, 2008 @01:14PM (#23380248)
      Yep, that's the logical way to do it.

      The problem is that this is an illogical response. What are they going to actually do with this patriotic attack system? DDoS a zombie? A few zombies? A hundred zombies?

      At some point, the battle becomes worse than the attack. The attacker has thousands (hundreds of thousands? a million?) zombies. What use is "attacking" them like this?

  • We could build a voluntary enrollment bot net that could be loaned to the government in time of crisis. Other times we could use it for basic research or rent it out for LEGAL super computer use.
    It might also come in handy for keeping our own government under our control in case some over zealous patriot gets their hands on the military's control equipment.
  • How long would it take to design and deploy something like this as a government driven project. Maybe if they would write it in Ada....
  • This is absolutely the definition of a weapon of mass destruction.

    "If the botnet is used in a strictly offensive manner, civilian computers may be attacked, but only if the enemy compels us."

    In other words, there will be massive civilian collateral damage that we can't control. It's the electronic equivalent of nuclear, chemical, or biological warfare. How wonderful.

    Bill Joy's excellent (albeit dystopian) article "Why the future doesn't need us" talked about this. He said "Thus we have the possibility not j
  • by Dekortage (697532) on Monday May 12, 2008 @01:02PM (#23380082) Homepage

    It seems like the author wants to run a legal botnot from military computers around the world, as a way to respond to attacks. That's fine, but since criminal botnets are distributed among computers around the world, some of the attacking computers will be from allied countries. Heck, some of them may be the very same military computers that are part of our botnet. The author writes about attackers spoofing IPs to appear to come from friendlies, but what if the computer is actually a friendly that has been zombied? That's where other "intelligence" sources comes in, I suppose, but I am skeptical that the attacker could be accurately identified quickly enough.

  • by Glock27 (446276) on Monday May 12, 2008 @01:02PM (#23380086)
    Army and Navy will want botnets too! Seriously, cyber warfare will be a big issue of two high-tech countries ever go to war against each other again... ;-)
  • by chiph (523845) on Monday May 12, 2008 @01:03PM (#23380116)
    How will they ensure that they're only enlisting US-based computers?
    The geo-location algorithms are only so accurate.

    Chip H.
  • Next up: USAID -- the United States Agency for International Development -- will begin funding for Internet cafes in developing countries. "Really, we are only trying to advance their economic and technological potential!"

    Hmm... can you install a bot zombie on an OLPC?

  • Wouldn't it just be easier to install this sort of thing directly at outgoing US cables? Instead of pumping a bunch of crap across the domestic lines, why not just spew it at the border?
  • The next thing you know its going to be the Nato-net and the Comu-net.
  • What sane person would even think of letting our military (but god bless the soldiers, wave the flag now, sing the anthem etc...) -or any other acronym based "service/agency" for that matter- do something so dangerous to the common U.S. citizen John Q. Public?

    Why don't we just let the government blatantly spy on us, arrest us without warrants? Or make a mockery of our constitution? Ohhh sh.. wait they already did and are! If the people have the government they deserve. It seems that "we the people" are not
  • Yeah, let's ratchet this one up. They have bots, now we must have bots. Our bots will be better than their bots. Our bots will wreak havoc on their stuff.

    Next will be mutually-assured folder deletion, e-commerce tracking (we must find terrorists, after all, will be the mantra), and the military's machines will crawl to a halt because the bots will take over the CPU strokes in the machines.

    I can see a command that governs bot defense and blocks at NAP points. Otherwise, it's another arms race.
  • T3? (Score:2, Funny)

    by WoodburyMan (1288090)
    Whoever decided this DID NOT see Terminator 3.... Skynet = large botnet! It will turn on us!! AHH
  • by mlwmohawk (801821) on Monday May 12, 2008 @01:14PM (#23380262)
    Hey, while I think the current administration is repugnant and creates military enemies out of greed, and regards government and the military as nothing but a means to a financial end, I have to say I still think the military fights for the nation, and sometimes, must follow a corrupt president to prevent constitutional destruction. Honor our troups and all. I agree with it. These guys do their duty regardless of the ahole in the whitehouse sending them heaven knows where to fight for oil.

    That being said, China, Iran, etc. have nothing on patriotic americans. Americans will do what they think is right and good for the country when ever asked to do so. The current problems with the U.S.A. are about what "right and good" are, not about whether or not to do it.

    We don't need a botnet. Just tell america why it "right and good" to do something, put proper protections and limitations in it to ensure that the wrong people don't exploit your patriotism and it will happen.

    I know that is naive, but part of me still believes that America has a noble streak that lately has been obscured by corporate greed.
    • Peace through superior botpower.
    • Mutually assured DDoS.
    • An Army of (log2 n).
    • Byte my shiny metal ass!
  • Sign of a new era? (Score:3, Interesting)

    by BobMcD (601576) on Monday May 12, 2008 @01:49PM (#23380860)
    I imagine this as a large box, labeled 'Pandora', with a huge red 'open me' button on it...

    To date, warfare is warfare. We have guns and bombs, planes and ship and tanks, etc, to fend off similar threats. But that's essentially the limit. We do not, as far as I am aware, have any non-military weapons in the hands of the military.

    This proposal seems to insinuate that the military should be welcome to consider non-gun, non-bomb, non-traditional methods of securing American interests.

    Correct me if I'm wrong here, but I'm fairly certain there's no Constitutional provision for this... Likewise, if there WERE such a creature, wouldn't if fall into the hands of the executive branch, rather than the military? CIA seems a more likely candidate for such a program, were it designed for attack - a pure-defensive option would be within the hands of DHS, via the FBI, or some such.

    Since we're entering new realms of thought here, what OTHER types of attacks are acceptable additions to our military's arsenal? In fact, are there any that are off-limits at all?

    Economic weapons? Would it be permissible for the US military to buy out enough of 'X' to cause the economy of an enemy to fail?

    Cultural? Carpet-bombing bibles, blue jeans, and Britney Spears?

    Agricultural? Secretly infect the fields with weeds rendering crops far more difficult to grow? Or perhaps poison the gene pool of whatever the enemy is producing?

    These are SILLY examples, I'll admit, but to me the notion of the military being the stewards of the internet is equally as silly...

    I wish we were a better nation. I wish we'd turn the other cheek on stuff like this, all the while keeping up international pressure for others to do likewise. Sure, sure, China, Russia, blah blah blah. No amount of what the neighbor is doing makes this acceptable to me.

    In my humble opinion, some things should be hands-off to the military, just as their planes, tanks, and ships are hands-off to the rest of us...

"Never give in. Never give in. Never. Never. Never." -- Winston Churchill

Working...