Symantec Wants To Use Victims To Hunt Computer Criminals
Hugh Pickens writes "Business Week reports that security experts plan to recruit victims and other computer users to help them go on the offensive and hunt down hackers. '"It's time to stop building burglar alarms to keep people out and go after the bad guys," says Rowan Trollope, senior vice-president for consumer products at Symantec, the largest maker of antivirus software. Symantec will ask customers to opt in to a program that will collect data about attempted computer intrusions and then forward the information to authorities. Symantec will also begin posting the FBI's top 10 hackers and their schemes on its Web site, where customers go for software updates and next year the company will begin offering cash bounties for information leading to an arrest. The strategy has its risks as hackers who find novices on their trail may trash their computers or steal their identities as punishment. Citizen hunters could also become cybervigilantes and harm bystanders as they pursue criminals but Symantec is betting customers won't mind being disrupted if they can help snare the bad guys. "I'm convinced we can clean up the Internet in 10 years if we can peel away the dirt and show people the threats they're facing," says Trollope.'"
The World is America? (Score:4, Insightful)
How many of these scams and hack originate in the US anyway? Will their customers really have information to share?
Re: (Score:2)
@flymolo: "How many of these scams and hack originate in the US...?"
Probably at least as many as originate in China and Russia.
Re:The World is America? (Score:5, Insightful)
And the countdown to a DOS via spoofing a report to Symantec of malware propagation..... Begins.
Re: (Score:2)
SANS points to top IP addresses. According to TFA this is supposed to point to top hackers. I have some doubt about that, but if it was true it would be much more useful.
Re: (Score:2)
I've had one intrusion so far. I found out the IP address the attack came from, and then got the domain name.
The domain name ended with ".ro". Now what? I'm supposed to go to Romania and hunt somebody down?
Re: (Score:2)
And even if the hacker is in the US, getting law enforcement cooperation to get logs from that hacked box will be nigh impossible.
Re: (Score:3, Insightful)
How many of these scams and hack originate in the US anyway? Will their customers really have information to share?
Lots actually. If I wanted to hack you my first step is to hack someone in a country where their police can't be bothered to look nor cooperate. Next, I launch the attack on the local USA target using the foreign system as a proxy. Some who do this even work for the same company. I have no way of qualifying this, but I am sure it is a major constituent of "foreign" hack jobs.
More sophisticated hackers might use 2 or more proxies making it a real PITA to chase them. But sloppy ones with savvy security t
Re: (Score:2)
Sure they will "originate" in the US... And the "hackers" will act as if they knew nothing and were just a mom and some small children, who got her computer hacked. But we will put them to justice, and not look at those pesky fake trojans on her computer!
Hmm, tip line? Vigilante? or just more info? (Score:2)
And everyone will live happily ever aft
Re:Hmm, tip line? Vigilante? or just more info? (Score:5, Insightful)
The example in the article is even misleading, since it was a Facebook account that was hacked, who knows if the hackers ever touched the system of the user. He may have just used the same password too many places. I'd assume Facebook isn't using Norton Internet Security, so I'm kind of wondering what cases this will really make a difference in. Most worms/viruses even don't come from the creator's PC, but infected zombies.
vigilante@home (Score:2)
Hey, so this is like those cure-cancer protein folding things, or like the original find-an-alien-civilization SETI project, except where it's recruiting people to become cyber vigilantes with their spare computing cycles. Awesome! I want to get my computer infected just so my employer's favorite documents can be snagged AND my daughter's school project can be shredded AND I can be implicated in a giant DDoS zombienet counter-attack scandal too. Sign me up!
Re: (Score:2, Funny)
-- Name: Grandma
-- Data stolen: pictures of cats
-- Underwear size: enormous
-- Thank you for your support.
Re:such a john wayne (Score:5, Insightful)
1. Users are mostly idiots. An educated idiot is still an idiot.
2. Despite lame excuses about "market share" that MS uses for their frequently exploited vulnerabilities, there isn't a system that CANNOT be hacked.
3. The best standards and coding practices can probably only hope to reduce exploits by about 80 to 90 percent.
4. Damn good idea. Next time you meet a marketer, shoot him. We don't need his genes in the pool.
Re: (Score:2)
2. Despite lame excuses about "market share" that MS uses for their frequently exploited vulnerabilities, there isn't a system that CANNOT be hacked.
Define hacked. My ROM based computer is pretty damned immune to being hacked, in the traditional definition of the word.
Re: (Score:2)
Unless you're talking about an Amiga or something, where viruses spread on floppies. Even if you rebooted from ROM, as soon as you put in the floppy, you have your virus again.
Re: (Score:2)
Well, I was actually thinking of my Atari ST (with applications on cartridge), but there are thousands of embedded machines that boot from ROM that run anything from DOS to QNX.
You can even buy ix86 style motherboards with Linux in ROM... or just boot off a CDROM or read-only flash USB.
And depending on how you manage your PC, having infected floppies won't matter much. (And what is a floppy? :) )
If 'a minimal OS' isn't your thing, you could run a VM and restore it from snapshot every time you 'reboot' it.
Re: (Score:2)
Even a ROM system could be hacked if there were vulnerabilities. Consider an embedded Linux system that uses a flash disk that is hardware write protected. You aren't going to write to that flash disk no matter how hard you try but the kernel does need scratch space and that's going to be a ram disk. So you could temporarily infect the ram disk but as soon as the reset button is pressed you're back to running normal again. But plenty of hardware devices today need some type of writable space to hold settings
Re: (Score:2)
Hacked, in the context of TFA, and in the context of my post, would mean "exploited for the purpose of gaining valuable information and/or taking advantage of exploits on other computers".
I think it's fairly safe to say that any machine capable of browsing the internet can be taken advantage of, by one means or another. A ROM based machine may not be capable of hosting a trojan, virus or worm between boots - it is still a potential target for social networking, man in the middle, and other attacks. Boot u
Re: (Score:2)
My definition is more of a long term thing, which would be negated if I reboot every day, or before I did something 'sensitive'.
Re:such a john wayne (Score:4, Interesting)
A recent paper [ucsd.edu] reports on hacking a voting machine that could only execute out of ROM. Interesting paper. I hadn't read about the technique they used before--it's quite ingenious. Turns out, being ROM-based didn't make it unhackable at all.
Re: (Score:2)
Well, sure, if you have physical access anything is possible.
Re: (Score:2)
2. Despite lame excuses about "market share" that MS uses for their frequently exploited vulnerabilities, there isn't a system that CANNOT be hacked.
If we leave exploits till later, it is perfectly possible to run a completely sure OS by requiring all code running on the OS be signed so malware simply can't exist.
3. The best standards and coding practices can probably only hope to reduce exploits by about 80 to 90 percent.
The best security standards can make 99% of exploits pointless, if the browser tab only exists while rendering a page and is separated from all other pages, and the browser itself can only access files (other than those it needs) through an external file dialog, similar logic applied to all programs.
While 2 would severely cripple the OS and 3 w
Re:such a john wayne (Score:5, Funny)
Hack mah abacus, n00b!
I kick the table your abacus is on causing the beads to shuffle about randomly.
next.
Re: (Score:2)
That's only a DOS attack, it's not exploitable, thanks to stack protection in the kernel.
Re: (Score:2)
The Klein attack [kleintools.com] works quite satisfactorily on a wire and bead construction.
Re:such a john wayne (Score:4, Interesting)
1. Impossible. There is no way to both have "computing for everyone" and have educated users. Users are going to be, well, users always.
2. Sorry, not really possible either. If I can convince the user to run a program, grant security authorization to this program and do whatever it takes to take over their computer, the operating system is irrelevant. And yes, we are there today. Windows is plenty secure but it, as Linux does, requires an Administrator. When that is the "user" you no longer have security.
3. The criminals aren't interested in having their code reviewed.
4. I'm glad we have some unrealistic utopian folks here. It is always refreshing to see people that simply do not understand that all human activity since the beginning of time has revolved around "commerce" and "commerce" is, by its nature, marketing.
Dogs are not involved in commerce. Dogs do not experience "marketing". If everyone was more dog-like we wouldn't have problems like this. We would, however, have masters.
Re: (Score:2)
>>> 1. educate users
That is why you fail. Most people can barely multiply 12 * 12 or write a coherent letter, and you want them to learn the intricacies of an electronic machine? It. Won't. Work. You might as well ask them to fix their own cars, which is impossible since most people can't even change the oil.
Re: (Score:3, Funny)
Don't worry. If you haven't changed it in long enough, there might not be.
Re: (Score:2)
I have an electric car you insensitive clod, all I need is some grease for the bearings and smoke to make the electronics work
nice pipe dream.... Re:such a john wayne (Score:3, Insightful)
1. educate users
Who is going to "educate" users? What will be taught? Where will it be taught, and to how many people? How do you deal with the differing systems that people would need to be "educated" on (remember there are still people using OSes that are 10+ years old)?
More importantly, who will pay for it?
It is easy to talk about "educating users", almost as easy as it is to blame the current problems on "uneducated users". But there are too many unanswered questions related to the statement.
create hardened operating systems that may never need antivirus
That is a great d
Comment removed (Score:5, Informative)
Re: (Score:2)
Velma problem?
I'd have expected Velma of all people to do security right. If Daphne's laptop is virus-ridden, I'd suspect Shaggy or Scooby clicking on anything that looked like a recipe or picture of food.
Cleaning the uncleanable? (Score:3, Interesting)
I think, ultimately, that the internet will never be cleaned up. It is very idealistic to think there are a finite number of hackers and that their methods will not become more and more sophisticated as time goes by.
The kind of "cleaned up" internet that these companies talk about requires STRICT regulation and STRICT monitoring. It is very apparent, from just the audience that posts on Slashdot, that regulation is the exact opposite of what people want.
As far as the approach, the idea of a proactive anti-virus is novel, but I think the idea of recruiting novices to help hunt expert hackers is ludicrous. All it would take is a couple of reprisals from the hackers to permanently deter the said novice from going after a hacker.
Re:Cleaning the uncleanable? (Score:4, Insightful)
Sorry to bring politics into it, but it's a good example.
Re: (Score:2, Insightful)
While you are arguing semantics (symantecs, lol) between hackers and crackers, I think you strongly, strongly overestimate the ability of the general populace to rise to this specific occasion.
Technology has developed at such an accelerated rate that there are few, at the least, who really know how things work. I think I've stated this before in another article, but to most people, computers are virtually magic. The level of understanding and specific knowledge required to do so is so in-depth that really
Re: (Score:1)
More like he was arguing "semetics".
They've hired a marine? (Score:3, Informative)
Marines aren't like cops at all. A marine knows that the best defense is a good offense. Go get 'em, before they come to get you!
Hmm; Top 5 Hackers (Score:2)
I wonder where Don Knuth and RMS appear on the list?
False leads? (Score:3, Interesting)
How difficult would it be for an enterprising "computer criminal" to leave a trail of breadcrumbs leading to someone else?
IF this is easy to do, Symantec knows it, and this effort amounts to nothing more than a publicity stunt to sell more licenses.
Re: (Score:1, Funny)
Anonymous Coward, that bastard! I got his IP, it is 127.1.2.3, let's get him!
Re: (Score:1)
I think you are overestimating what happens. I hear from people all the time how they "know" they've been hacked because things like some mysterious service host "svchost" is taking over their system in the task manager.
It would be nice not to have a constant deluge of viruses to clean up, but this ain't gonna happen.
The funny thing is, I am running Windows XP on one of my computers and it has no active anti-virus program on it, and I have never been infected with a virus in the three ye
Re: (Score:2)
The funny thing is...
Same here. Every few months I download a few of the latest free AVs and ASWs, run them and then wipe them. In over five years the only thing any of them has found is suspicious cookies.
more of the same (Score:2)
Hah. You think Joe and Judy are going to be concerned about the big picture when they are trying to order Suzie's birthday party invitations and can't? The big picture is nice and all, but to expect people to act reasonably is, in my experience, a recipe for disappointment.
Sounds awesome! (Score:1)
I need a job ... (Score:5, Funny)
Re: (Score:1)
... will somebody victimize me so that I can put it on my resume?
Just look for nude pictures of celebrities - that's the only time in the last few years I actually got infected - AVG caught it. Or, visit porn sites and start clicking on links and when the "This site is a reported attack site." big red screen comes up, bypass it and start downloading. You'll get infected.
I'd like to see it applied for anti-spam as well (Score:3, Interesting)
Re: (Score:2)
there was an antispam system that used 'revenge' : http://en.wikipedia.org/wiki/Blue_Frog [wikipedia.org]
That was a different idea altogether. Blue Frog ran under the assumption that the spammers could be pressured directly into removing people from their lists.
On the other hand, I acknowledge that attempting to work directly with the spammers is a lost cause. Instead you need to attack something that the spammers really care about - their profits. If you can disconnect the spammers from their revenue streams then you will remove their incentive to send out spam.
And by victims, what do they mean exactly (Score:1)
i'll help... (Score:1)
Clean It Up? (Score:2)
I'm convinced we can clean up the Internet in 10 years...
Bwahahahahahahahahahahahahahahahahahahahaha!!!
Oh gawd, that's rich. One of the funniest jokes I've read in a long time. Hysterical. Hopefully I'll see this guy at next year's Montreal Comedy Festival. Awesome comedian!
How do people like that get into the position of VP of anything? A bold statement that indicates such a complete and utter lack of possibility... Unreal.
Vigilante Cyberjustice? (Score:2)
Advocated by a guy named "Trollope"?
<looks at calendar>
It's not April 1st; what's up with that?
Re: (Score:2)
I presume they like English Novelists from the Victorian era.
And no, I'm not sure how I know that
Ruler of the Interwebs (Score:1)
#1 threat to the internet (Score:2)
customers won't mind being disrupted? (Score:2)
*I* mind, and will sue any responsible party or anyone that is encouraging it.
Huh? Clean up the Internet? (Score:3, Insightful)
As long as an ISP values their customer's privacy and rights to step on other people more than they value the integrity of the Internet, we are going to have problems.
Right now, it is not illegal, wrong, immoral or forbidden to have a computer owned by a botnet. This means that if my computer at home is infected nothing will stop it from doing whatever its little botnet commander wants it to do. And my ISP will not do anything to prevent or deter this computer from stepping on the rights of others in any way possible.
Similarly, if your computer is intruded upon and you find an IP address that has been used to vandalize your computer, good luck. The ISP owning that ISP address will certainly not release any information about their customer without your suing the ISP or involving law enforcement. Law enforcement isn't interested until you have lots and lots of financial damages.
All in all, this absolutely assures that "script kiddies" will get away with anything until they do something really big. Similarly, fraudsters and credit card thieves will get away with it until they do something really, really big. So what if you track them down to an IP address? It doesn't help. Nobody cares because it is just the "Internet" and law enforcement is still caught up with the idea that the only people that lose anything are nerds and geeks or people that have been foolish trying to get rich quick - so they deserve whatever they lost.
Re:Huh? Clean up the Internet? (Score:5, Interesting)
Right now, it is not illegal, wrong, immoral or forbidden to have a computer owned by a botnet. This means that if my computer at home is infected nothing will stop it from doing whatever its little botnet commander wants it to do. And my ISP will not do anything to prevent or deter this computer from stepping on the rights of others in any way possible.
Maybe 7 years ago, my sister's computer got caught into a botnet. Someone had loaded mIRC and a bot, and her computer was off trying sequentially to find more machines to infect. We got dropped offline, and our modem was blocked from reconnecting.
That evening, I called the ISP tech support, explained what was going on, and explained why we were disconnected. He turned our connection back on, and a couple seconds later, the scans started up again. He then proceeded to walk me though telneting into the modem, watching the NAT states to see which internal IP was causing the behavior, and then tracing that back to the machine that was infected so I could clean it.
Finally! (Score:2)
Well, someone is finally doing something about it. I can't even remember how many hacked computers I got my hands on and I could clearly see the spam bots / irc bots processes, who controls them, how they are controlled, etc, but nobody would help me bring down the whole network. I've sent countless emails to companies who had their computer hacked, their ISPs and about 90% of them got replies from postmaster@ and the other 10% didn't get any reply. I sent logs and all the information they needed to
Big problem with the logic (Score:1)
For every one hacker they take down, 2 will pop up in their place. Why? Because you are giving them exactly what they want. Hackers operate for 2 main reasons 1.) Because it is a challenge, and 2.) For the prestige earned when they pull off a
Depressing. (Score:1)
It's really sad that our law enforcement is so incompetent that we're reduced to security contractors attempting enforcement pro bono.
Now, that's not entirely fair, our law enforcement isn't so much incompetent as nonexistent and/or apathetic in this arena. But still, this is ridiculous.
New game in town? (Score:2)
So, if I'm reading the summary correctly, there's this program where you can go and hunt down the bad guys, and these bad guys like to do bad things (intrusions?), and there might be bounties on the best/worst ones, and there's even a way to have bragging rights (TOP 10/killmail?), and you can collect a crazy amount of data to get this done...
I'm confused, are we talking about the next Eve-Online expansion, or is this a different MMORPG?
Cross-functional delusions (Score:2)
The strategy has its risks...
Interesting that the first thing Edwards (Business Week) thinks of are the cliché arguments for gun control.
war on drugs, war on crime, (Score:2)
Symantec trying to stop malware? That's a laugh (Score:2)
Aside from what buggy bloatware their crappy AV is, the last time I worked on a new computer with a "trial" version of Norton, I discovered that I couldn't completely uninstall their crapware even in safe mode. So where do I sign up? I want to report Symantec for distributing malware.
Stop building burglar alarms (Score:1)
Theater (Score:2)
Symantec is just doing this for the Publicity... (Score:1)
This reminded me of previous attack reports I got. (Score:2)
How does Symantec monetize this? (Score:2, Troll)
This doesn't make any sense... why would Symantec want to catch the bad guys, when the very existence of those bad guys is the bread and butter of the corporation? Biting the wretched hand that feeds it?
There's something else far more sinister going on here. Will Symantec make up the profit lost from having fewer bad guys from whom to "protect" people by milking the people themselves somehow? Of course it might be argued that's been done all along, but....
Nah, it's simpler than that (Score:1)
Computer users will think: "Oh man, look at all the evil schemes hackers are thinking of on the web! I'm really scared! But wait, Symantec knows all about what's going on the internet, so they can save us! Let's buy all their products so we don't have to be afraid anymore!"
In the end this looks like nothing more than a marketing ploy. If they were really interested in going after the "bad guys" (is that even possible when so many o
Clean up the Internet? (Score:2)
Disconnect from the 'Net every computer running Windows operating systems. Hell, we can have this place spic-n-span overnight!
Does becoming a manager destroy brain cells? (Score:1)
You mean like ... (Score:1)
I am Vengeance! I am the Night! (Score:4, Funny)
Re: (Score:1)
Symantec got a posse!
Symantec (Score:1)
Daydreaming (Score:1)
Opt-In (Score:1)
So how does this work? (Score:2)
Why would someone use a possibly infected computer with their real info?
Why not set up a Honeypot system and create a fictional name via free web mail and then sign up for some web sites. When a scam email comes in click on the attached file or link, which will install malware on the system that Symantec can track back to the system that is accessing it. When the scammer/hacker/cracker has the fake info, you'll know that they stole it and the infected system can have a history of IP connection that leads ba
I am convinced this gives Symantec media exposure (Score:2)
And I really see nothing else here. A big mouth, things said that sound right to those without a deeper understanding of the issue. "Commercial Bullshit", to (mis-)quote Anathem.
Interesting business strategy (Score:1)
And rid the need for Symantec. I think I'll sell my stock now.
Nah, it's time to lock the damn house (Score:2)
"it's time to stop building burglar alarms to keep people out and go after the bad guys"
Nah, it's time to stop building burglar alarms and lock the damn house.
It's computer security, unlike physical security it's actually possible for it to be completely impassable. Just stop letting untrusted people run code on your machine.
You don't need to track these criminals down, you can just completely ignore them.
Ahahahaha (Score:2)
If Symantec products were worth a shit, this might be a decent idea. But Symantec products don't work.
Lusers and education (Score:2)
That, right there, just shows how very, very far users are from being educated...
Re: (Score:1)
I'd prefer my police to be run by and for the people, i.e. the government, rather than for profit. That said, the FBI/CIA has been ludicrously incompetent in tackling this problem.
The blurb said they were going to collect data and forward it to the authorities. I don't get the leap to private police force you seem to be suggesting.