Australian ISPs To Disconnect Botnet "Zombies" 213
jibjibjib writes "Some of Australia's largest ISPs are preparing an industry code of conduct to identify and respond to users with botnet-infected computers. The Internet Industry Association, made up of over 200 ISPs and technology companies, is preparing the code in response to an ultimatum from the federal government.
ISPs will try to contact the user, slow down their connection, and ultimately terminate the connection if the user refuses to fix the problem. It is hoped that this will reduce the growth of botnets in Australia, which had the world's third-highest rate of new 'zombies' (behind the US and China)."
why not directly disconnect every Windows machine? (Score:4, Funny)
Not quite an accurate solution, but statistically close enough...
Re: (Score:2)
Re: (Score:2)
Because then no one would live in Australia.
If a few people move out, that would be a benefit. Don't they have a growing people vs resources problem over there, hence the relatively strict immigration rules?
(for the emotionally/intellectually deficient out there who need this pointing out: yes, I'm being facetious here)
Re:why not directly disconnect every Windows machi (Score:4, Funny)
Give a discount to those running clean systems. (Score:3, Funny)
They don't need to disconnect bad users. They should just give a discount to users who are running secure operating systems that are more resilient to malware infections than Windows is.
For example, give OpenBSD users a 50% discount, since it's quite unlikely that their system will ever get infected or compromised. The same can probably be done for users using Solaris, NetBSD, FreeBSD and commercial UNIXes.
Linux and Mac OS X are more widely used than the aforementioned systems, so the chance of them getting
Re: (Score:2)
OS/2 and eComStation users should get a 75% discount!
Re: (Score:2)
In this case, sure it's not a life or death decision, but spam, phishing, malware, child porn, and other nastiness does ruin lives. Slowing the
Re: (Score:2)
A couple years back malware was using 2/3 of the bandwidth, I shudder to think what it is now.
Ooo, must be at least 150% by now ...
Re: (Score:2)
This statement of yours is completely absurd
A computer that's a zombie node of a botnet is most likely dishing out spam by the thousands by the minute effectively clogging the InterTubes with digital feces. Additionally it is also part of any DDoS attack associated w/ that particular botnet's activities.
This makes that computer engaging i
Re: (Score:2)
Re: (Score:2)
The owner of said computer is negligent and should have their connection isolated until the computer engaged in infraction is cleaned.
Calling the owner negligent is assuming a lot. Don't get me wrong - plenty of them probably are. But you can have your box automatically downloading patches, run a top-tier antivirus package, avoid visiting shady websites, and still get yourself infected by some 0-day exploit served off an ad server used by a respectable website (say, CNN).
Disconnecting infected users is a worthwhile idea. Though wonder if malware writers won't adapt to that - detect disconnections or unusually slow throughput, go into a
Re: (Score:3, Insightful)
Goog Idea. But will end up with "Give discount for anyone who installs a closed-source, windows-only Punkbuster-lookalike"
Re: (Score:3, Interesting)
I've never heard people suggest that before, but the idea of "using open source = discount on your internet bill" is a good idea.
Nope. Market for software/services to try make a Windows machine actively running IE look to the outside like a Linux machine running FF/Konq in 3... 2...
I see hitting people's wallets as a good ides in another case though. Some will take the being cut off as a simple inconvenience and will after reconnection continue to behave as before and get cut off again after a couple of months - lather, rinse, repeat. Charging them a reconnection fee the second and subsequent time might be extra useful encouragement.
Re: (Score:2)
I think it's harder to validate if someone is Malware free than identify what OS they're running via modem data, no? I keep thinking ICMP or nmap, but I'm sure there are legitimate ways since the ISP already has your data.
When I think of trying to identify malware, how would you know without inspecting packets? does malware consistently spam traffic? I would assume not all the time on that.
I'm merely being philosophical on this, as I don't know the answer: if you do, by all means, please answer.
Re: (Score:2)
I think it's harder to validate if someone is Malware free than identify what OS they're running via modem data, no? I keep thinking ICMP or nmap, but I'm sure there are legitimate ways since the ISP already has your data.
With a proper router (rather than just a USB modem) in a sensible default situation where by default nothing incoming gets passed the router unless it is a response to an outgoing connection, the most you will be able to tell from that sort of probe is a few things about the router.
When I think of trying to identify malware, how would you know without inspecting packets? does malware consistently spam traffic? I would assume not all the time on that.
You're right, it would not be easy. Obviously someone thinks that it is practical to try though, or the plan would not have been conceived in the first place.
I can think of a few things that, while far from infallible, would prov
Re: (Score:2)
Don't they all do packet inspection anyway? And, some of them do deep packet inspection, looking for P2P users, right?
It really shouldn't be that hard to identify a spamming bot. Other bots may be harder to spot, but not impossible. While I don't much like the idea of retaining data on customer usage, I could justify 60 or 90 day retention of records for the purpose of shutting down malware/botnet machines.
"Yes, Barney, these six machines all answer up every single time the MyDoom2015 calls for a roll ca
Re:Give a discount to those running clean systems. (Score:5, Insightful)
I've never heard people suggest that before, but the idea of "using open source = discount on your internet bill" is a good idea.
Do it in a very simple way: if you're not running windows or OSX, you get a 5% discount your bill. Some might differ on whether to put OSX in the "Do not run" category.
The rest is too discriminatory and too extreme.
There are people out there who are able to configure Windows to be as secure as *Nix or Mac OS. Why penalize them? Penalize the retards who run Windows/*nix/Mac OS as administrator. Penalize the retards who are infected with the botnet zombie 'du jour'. Penalize the retards who mindlessly click on every 'OMGZ YOU WIN IPOD TOUCH CLICK HERE PLZ!111!!!!!!oneoneeleventy!~one!' banners.
Re: (Score:2)
"There are people out there who are able to configure Windows to be as secure as *Nix or Mac OS."
You make a pretty good point - except that you exaggerate a little. There are precious few people who can make their Windows machine as secure as *nix or Mac. And, most of those people work for an IT department somewhere that has hundreds of insiders fighting tooth and nail to poke tunnels so they can view their favorite flavor of porn.
I take it that this whole thing is aimed at private, domestic machines, rat
Re: (Score:2)
I think that's pretty inaccurate. Out of the box Windows is just as secure as Linux or a Mac is. It's something that Slashdotters don't like to discuss (easier to blame mothers and sisters I guess) but a lot of malware gets onto systems via warez and the like. For example, here is a point and click tutorial on uploading infected warez [pay-per-install.org], even including how to avoid bans from torrent sites. The appeal of this option is ob
Re: (Score:2)
out the box? sure, as long as it's not plugged in it's just as secure as mac or linux.
In reality, otherwise, the machines do not have the same security. This isn't an attack on Microsoft, it's just reality. They're poor performers as far as security is concerned and have been from day one.
Re: (Score:2)
"Unless you think using Mac or Windows makes somebody inherently more virtuous overnight,"
God, I hope not! I have little use for a virtuous woman!!
Alright, if you insist - I'll try to be serious. Windows is, and always will be, playing catch-up in the security department. The basic, underlying security model was flawed simply because Microsoft didn't believe security was as important as convenience.
In fact - that seems to be part of the argument every time one of the MS fanbois tauntingly reminds us that
Re: (Score:2)
yes, there are people who can secure it - but there are less layers of stupidproofing to prevent them from bypassing their own security loopholes.
Basically: even with UAC (or without it), superuser password requests are much more direct than just "click to continue".
So I agree:I wouldn't want to penalize such people, but since when did those folks have an issue in the first place?
Re:Why not just filter out the bot net traffic? (Score:2)
It just occured to me that if you can identify those computures that have Bot nets running, you have to be able to identify what that bot net traffic is. Why not just filter that out?
Re: (Score:2)
Simple! Fingerprint all users computer OS. block all Windows OS's.
Oh yeah, and my computer keeps playing a wav file that says.....
Brains............Need Brains.........
Damn windows updates!
Re: (Score:2)
It definitely will make an impact if all countries follow suit with a similar program.
Contacting the owner is the first good step, as for limiting connection speeds, well, I don't get that, especially if I paid for full speed, whether I am using it for spam or not, it is paid for, but let me know that I am spamming millions of emails per day, and I will change my computer install yesterday.
Re: (Score:3, Insightful)
> Of course I'm OK if that software isn't particularly Mac compatible ;)
So you wouldn't mind being required to switch to Microsoft Windows 7? Because that is what your proposal would lead to.
Re: (Score:2)
Er, no. He's saying everyone should use linux. If you notice, he also says that disconnecting every Windows machine is a good idea. No Windows, no Macs, that leaves linux/BeOS/BSD/etc.
Re: (Score:2)
I think everyone missed my point. The internet as a whole is being attacked by systems loosely guarded by their owners due to onerous and obtuse support requirements and maintenance routines. The fact that there is even an antivirus industry speaks volumes about where we are now.
Windows PC make up the bulk, if not all of all botnets (please cite for me any unix/linus/macos x desktop botnet that's been discovered that isn't just focused on weak LAMP setups)
In the "developing" world we might see corruption th
Re: (Score:3, Funny)
Wait - you are supposed to LOG IN to a hotspot? Seriously? Maybe I've been doing it wrong. I usually just spoof a MAC address, and take over an existing connection. Sometimes, I just log into the router, and change the settings more to my liking. There are so MANY imaginative ways to use a hotspot - why log in? Spoofing a MAC address has the advantage of making my terrorist network activities appear to be dozens of different people. Why, just last week I sold a suitcase nuke to an Ethiopian who had f
Re: (Score:2)
I don't think Norton or Kaspersky would be too chuffed either.
Bad Precedent? (Score:5, Insightful)
I'd rather not have my ISP decide what is a "virus" or "inappropriate communications" thank you. If the users are consuming too much bandwidth then disconnect them on those grounds, but please don't set this precedent.
Re:Bad Precedent? (Score:4, Interesting)
Re:Bad Precedent? (Score:5, Informative)
They usually watch for excessive traffic on specific ports. Since the most immediately profitable use of a botnetted machine is spam, the majority of botnetted PCs are either running open mail relays or are themselves functioning as outgoing mailservers. Many ISPs (including two in my area) watch for excessive traffic going OUT on TCP port 25. Unless you are running a mailserver, your computer has no legitimate reason to send out over that port in volume. Most ISP mailservers are SSL nowadays anyway and are off port 25 so you don't even need to use that if you are connecting to your ISP's mailserver from off-network. (and many ISPs outright block port 25 outgoing from anything in their network besides their mailserver) Many ISPs react the same if your computer is listening on port 25 (acting as an open relay)
So if you are pushing megs (or gigs) a day every day on port 25, there's better than 99% chance your machine is botnetted. It doesn't take speculation to figure that out, and the odds of false-positives are very close to zero.
That said, I have no sympathy for someone that knows their computer has a problem that's causing other people grief. That's the most basic understanding of the problem that is given when your ISP gives you a phonecall or email saying you have a problem and need to fix it or we will cut you off. If you're too stupid to acknowledge this and take responsibility for fixing it, or just plain don't care, I'd much rather see you off the internet and out of my Inbox. If you don't care that someone else has violated you by hijacking your computer that's fine with me, until they start using it to violate me, and that's when I start having a say in the matter.
If you want a fun example to separate the computer from the problem, here's something easier to understand: ABC Construction company does building demolitions. They leave their explosives on site and not locked up. They keep getting their explosives stolen. OK I don't care about that, it's their loss. But then stuff around town start getting blown up and the explosives are easily traced back to you. That's when it's time for the police to come have a talk with you about securing your explosives. You do not have the right to continue leaving dangerous things so easily accessible that the public is constantly being hurt by them. Even if you want to ignore your moral responsibility for it, the public won't stand for it and you lose your say in the matter. You WILL secure your things or you WILL go away.
Another excellent example is how several states legally require you to have a lock on your anhydrous ammonia tanks to prevent theft and use in drug manufacture. Also, most universities now are requiring students to install AV software on their computers before they're allowed to use the campus net. Your precedents have already been set.
Re: (Score:2)
...Many ISPs react the same if your computer is listening on port 25 (acting as an open relay)
Of course, practically all mail servers listen on port 25 since that's the standard port for receiving unencrypted incoming mail...
/Mikael
Re: (Score:2)
Most also listen on port 80 as well. simply to bypass the useless port 25 blocking that most ISP's use.
Re: (Score:2)
That said, I have no sympathy for someone that knows their computer has a problem that's causing other people grief.
What about people who do not care enough to find out? That is most people. They do not know, because they do not care.
My solution would be to allow victims to sue anyone who is negligent or the consequences. I think making everyone whose machine is in a botnet jointly and severally liable for all damage would be excessive, but each of them should face a liability big enough to be worth suing over.
Re: (Score:2)
My ISP (Clearwire, fwiw) has on several occasions throttled me down to about 5 KB/s until I call and ask what's up. I get a level 1 tech who reads me the entire "have you run your antivirus software lately, do you leave your computer on all the time, etc." script before I can tell him that I run os x on a laptop that spends most of its time at work.
The call immediately goes up the chain, I have to explain myself again, I get put on hold for a minute or two, and then the problem is mysteriously solved. All w
Re: (Score:2)
I don't run any internet-facing servers- in fact, my firewall is locked down as far as it can be without causing problems for myself, and every nonessential service and port is closed. My wireless network uses WPA2 and MAC filtering. All that, and I was identified several times as a zombie.
Have you port-sniffed your computer with another machine? Port sniffed your wireless router? Your router might be a zombie, and I've seen Mac zombies that look benign from the OS side, but have ports open that the GUI says are closed.
Re: (Score:2)
Yes, I've run tests on my network that confirm what I already thought. I have a small Dell mini with a few network utilities installed that I've used to troubleshoot issues in the past (said dell spends almost zero time connected to the internet).
It was actually during the course of scanning my network that I came across all my neighbors.
I just scanned again for my personal edification, and everything is locked down. The only thing I can't control is my clearwire modem, but I've been trying unsuccessfully t
They need to disconnect them here too ... !!! (Score:2)
This bot net crap has to stop, I wish they would do that here. Disconne.....{#`%${%&`+'${`%&NO CARRIER")
Re: (Score:2)
It doesn't really matter what you want if your ignorance is leading to these kinds of problems.
And bandwidth isn't a very good indicator since each individual bot doesn't have to actually send all that much info.
Personally I think there are certain patterns that could be gleaned from the traffic to help determine if there is a problem. Hundreds of failed connections or invalid packets per second, for instance.
Do I want to give the power of choice to the ISP? Not really, but who else is able to do it?
Could it be a Good Thing to prune some leaf nodes? (Score:2, Interesting)
Free botnet removal support? (Score:2, Insightful)
Re: (Score:2)
Many shops 'round here reinstall Windows and your apps (keeping your personal files) for 40. I doubt you can't find similar services in Australia.
Re: (Score:3, Insightful)
If they can't afford to keep their machine clean, they don't go on the Internet. Sucks to be them. They don't get to pass on the cost of their mistakes to everyone else, like they do if you just keep their connection alive.
Yes I work for an ISP. Yes that's in our terms and conditions.
Re:Free botnet removal support? (Score:4, Insightful)
Who will fix the problem? (Score:5, Insightful)
if the user refuses to fix the problem
The users who are likely to be infected by a bot are the least likely to be able to "fix the problem".
Re:Who will fix the problem? (Score:5, Insightful)
Here's a car analogy for you:
The users who are likely to crash by failing breaks are the least likely to be able to repair their own brakes...
Mod parent up (Score:2)
Re: (Score:2, Offtopic)
I don't know about the situation in your country, but here in the UK any car over a certain age undergoes mandatory regular testing (the MOT), which is designed to check the road-worthiness of the car. These tests are paid for by the owner of the car, and not having a valid MOT certificate brings all sorts of problems (not least of which is that it invalidates your insurance).
Perhaps the same should be true of PCs? Since we're equating poorly maintained cars with poorly maintained PCs.
Re: (Score:2)
Nobody gets run over by an infected computer. Fixing the computer after the fact is good enough
Go away.....NOW! (Score:4, Insightful)
Do you seriously want some twithead bureaucrat telling you what a "safe" PC is and what a "dangerous" PC is?
I want you to choose a number from 1 to 60. This number represents the amount of seconds before Linux (or some other disliked-by-those-in-power application) goes onto the "dangerous" list. This number also represents how many days you have to install a properly maintained OS, such as those produced by Microsoft, onto your PC. Within 10 days, please bring us proof that you have made the correct repairs and we will waive your fine. Oh, but court costs are 200 euro. Thank you, drive through.
I am deadly serious when I say this: This is one of the all-time worst ideas I have ever read on Slashdot.
Re: (Score:2)
I agree that the car analogy is has some merit. But is incomplete. It is more like someone is driving around with a car with a manufacturing flaw that is not obvious. You don't see that the brake is not working. When you brake everthing works fine, when you accelerate everthing if fine, maybe a little slow but fine. What you don't know is that someone is using part of your trunk to transport drugs, because the lock was made such that they could open it up and put it in, open it up and take it out without yo
Re:Who will fix the problem? (Score:4, Insightful)
Who cares? He owns it, its his responsibility to fix it. Pay someone if he cant figure it out and stop clicking on NAKED_PHOTOS.EXE or doesnt understand why he should be doing those Microsoft updates. Should we also coddle drivers with unsafe cars because they arent mechanics?
Its only when there's a financial incentive to keep a machine patched and thinking before clicking that people will begin doing so. Or switching to OSX or Linux. The status quo of not taking responsibility for your own computer isnt sustainable and isnt helping anyone.
Re: (Score:2, Insightful)
OK, I just had to jump in here. I'm tired of the people who say "Switch to linux and the spam/virus/worm problem will be solved!". It wouldn't solve sh*t! The spammers and virus/worm makers would just develop for the new platform, and the only reason that Linux is so secure is that the malware devs aren't developping payloads that attack it.
Re: (Score:2)
> The users who are likely to be infected by a bot are the least likely to be
> able to "fix the problem".
Unplugging the computer fixes the problem.
so what? (Score:3, Insightful)
everyone talks about their rights, but few speak up about their responsibilities
if people don't live up to their responsibilities, they lose their rights. not as a matter of some government mandate, but as a simple logical, natural consequence of ruining things- the internet, safe roads, a healthy economy, etc., for other people
Re: (Score:2)
That shits on centuries of philosophical thought.
I think you confuse the word 'right' with the word 'privilege'. Driving a car? That's a privilege, revocable when used irresponsibly.
The internet is developing into a primary means of communication, especially
Re: (Score:2)
This is correct. I know plenty of people who are clueless about security, and computers generally (I'm thinking of the ones who ask me "Do I have Adobe on my computer?"), but I'm not prepared to tell them they have to stop using them until they become experts. The real solution here is to offer proactive solutions. The ISPs could provide them for free (including house calls) and probably still come out ahead financially.
Re: (Score:2)
Re:Who will fix the problem? (Score:4, Insightful)
I've made some similar experience on my own some years ago while living on campus connected to a network of about 1,000 machines. The admins enforced a "three strikes" directive: if someone's machine was spreading viruses via internet access or via FTP/SMB shares or misbehaved in other ways (disturbing the DHCP and break-in attempts on internal servers, mainly), (s)he got a notice in her/his (real life!) post box to stop misbehaving/to fix the computer. As I recall, the note contained a paragraph offering help in case people weren't able to cope with the problem themselves. They only had to block less that 10 Machines during the time I lived there (4 years, approx.), as people really reacted quickly and we could even observe a (small) learning curve because new inhabitants mostly were briefed by their neighbours shortly after they had moved in.
So: Go ahead, Aussie ISPs! That's definitely the way to go - and to further sysadmin appreciation, but that's a different piece of.....
Re: (Score:2)
It’s called “natural selection”. It’s supposed to work that way.
Either you wise up, or you die. Simple as that. Look it up.
Open invite to hackers: Come steal our stuff!! (Score:3, Interesting)
This SOUNDS like a good idea in theory, but what will end up happening is that Hackers will start to send fake notices to Australian users and will easily be able to trick people into giving personal information (ie account numbers, CC numbers, ect.) by claiming to be from the government and/or ISP. They need to create some sort of control around this, but I only see it causing problems....
Re:Open invite to hackers: Come steal our stuff!! (Score:4, Insightful)
...will easily be able to trick people into giving personal information (ie account numbers, CC numbers, ect.)
I don't know why the emails would ask for personal information. I can however see this as a great opportunity for virus emails: The government has noticed your computer is infected and sending out spams. Now run this attached executable to remove it.
Re: (Score:2)
Um, use the telephone, or Certified letter?
Sad, isn't it? (Score:2, Insightful)
Re:Sad, isn't it? (Score:4, Insightful)
Pardon me, but isn't protection against security breaches the OPERATING SYSTEM'S JOB???
Partially, but it isn't the operating system's job to stop the user from being an idiot. If you want to run executables from suspicious websites, that's your right. And if the rest of the world wants a device to stab you in the face over the internet, that's their right, too.
Re: (Score:2)
No, the operating system's job is to manage memory allocation, physical devices, and manage scheduling of threads and processes.
Re: (Score:2)
I can't think of an OS that can tell the difference between skype spraying bit all over the internet versus a spam mailer spraying bits all over the internet. In both cases, the user probably clicked something (skype.exe or boobs.jpg.exe), and clicked "OK" when the OS asked if they were sure. At that point the reins are in the hands of the user.
You can put a HUD, anti-lock brakes, cornering headlights, parking sonar, all-weather tires, and wrap-around cabin airbags in a car, but a stupid user will crash it
What does this mean? (Score:2)
Does that mean they will cut off users who simply don't have an AV program, even if they're not infected?
Re: (Score:2)
If there are no signs of botnet activity from a computer, how would they know it doesn't have AV software? Something tells me ISPs aren't going to devote resources to asking their customers just in case...
Re: (Score:2)
Perhaps change the terms of service as to require AV software installed before a computer is let onto the Net. Perhaps requiring software to be installed on a given computer to check whether it has an applicable AV program.
So, if the software finds that there is an acceptible AV program, then the ISP is contacted and unrestricted access is permitted. If the software finds the AV program doesn't qualify, or doesn't exist, then the person only has access to a page that says, "You don't have a qualified AV pro
Re: (Score:2)
No, not going to happen. For a start, such a program would have to be available for every common iteration of every operating system and be able to recognise the installation footprint of a variety of AV software, and be constantly updated to recognise new versions and work around any changed settings. No Australian ISP is going to put in that kind of development work when they can just monitor their logs for suspicious activity (and already do). Besides, attempting to mandate a particular hardware/software
Finally (Score:2)
I've been calling for this for years, on Slashdot and other venues. ISPs do monitor suspicious behaviour. I can remember many many years ago when I was much younger and playing around with netbus and scanning the default port 1234 with it for about 20 minutes. The next day we got a call from the ISP asking if everything was okay.
There is no reason that a reasonable profile can't be built to detect standard bot activity and customers notified if this kind of behaviour has been noted coming from their connect
Re: (Score:2)
The problem I have with this is that my own ISP has blocked me using the excuse that I might have an infected computer. I tell them that I'm running os x and the problem is immediately fixed.
What concerns me is that what my ISP was doing was not 'bot profiling' (I have almost every port blocked and I'm not running any services that use weird ports, like some p2p software does)- they were simply disconnecting/throttling down their heavy users. I don't use the internet at home more than a few hours a day, and
Criteria (Score:4, Insightful)
Largest Botnet - BitTorrent
ISP - "Job's a good 'un lads, let's go home."
DNS redirect? (Score:2)
I usually hate messing with a protocol, but this sounds like a good use of a DNS redirect. When a user is deemed infected by whatever measure they decide, have the first web-page that the user brings up a re-direct to an ISP warning page with info on how to cure the problem.
I suppose if the user refuses to do anything about it you could cut him off after a month or so.
Re: (Score:2)
Whenever this has happened to me (when the person in charge of the bill forgot to pay it on time), the redirect page includes a phone number which is the only way to continue making progress with the issue.
If you're the sort who clicks on the fake warnings, eventually (with this method) the ISP will give you the real redirect page that fails to include any links.
Uk ISP's have done this before (Score:2)
At the height of the blaster outbreak a few UK ISPs cut off blaster infected PC's and redirected to a 'clean up your PC' page.
Will this be abused? (Score:2)
What checks are in place to prevent this being used as an excuse to take down "toublesome" sites?
I mean, computers that are part of the Tor privacy network, or part of freenet, or bittorrent servers, or used by contributors to Wikileaks.
yes sir mister policeman (Score:3, Insightful)
Good idea if implemented properly (Score:3, Insightful)
I think this has already been done in finland. (Score:4, Interesting)
Block the abused ports first, or firewall them (Score:2, Insightful)
Don't disconnect them. First, only block the ports being abused. If that doesn't work, confine them to a "walled garden" that tells them who to call and fix the problem. Then when the do call, help them fix the problem.
Comment removed (Score:3, Interesting)
There is an inherent responsibility (Score:2, Interesting)
There is a responsibility by any user not to interfere with others. Being infected with a botnet is certainly one for this category. Not responding to warnings of infection is negating this and is abusive of others using the net. Why should users that interfere with others be tolerated?
To simply say that a significant number of the people that have botnets don't know how to remove them, even after warnings is far to simplistic an excuse. The same can be said about their ability to pay to have them removed.
Colour me skeptical... Disguised "Three Strikes" ? (Score:2)
Why bother implementing a troublesome and unpopular "Three Strikes" law to stop torrents when all you have to do is claim their machine is part of a botnet?
Re:Stop tinkering with things they don't understan (Score:4, Insightful)
Quit trying to speak for the whole rest of the world. You are not qualifyied.
Re: (Score:2)
Comment removed (Score:5, Insightful)
Re:Stop tinkering with things they don't understan (Score:5, Insightful)
Seriously? This needed to be done for all countries 10 years ago.
Assuming you trust them to stop at botnets and not include p2p, vpn, uunet, private mail servers out of the country, list servers, and other legitimate traffic.
Re: (Score:2)
At college, the school did exactly this. They shut down every computer that was infected. If you get into a car accident on the highway, you might get your license suspended. So why shouldn't you be responsible for your actions online?
But at college, they also did all the things you mentioned. Also, the local police monitored the connections, because a week into the semester, the police came into my class to arrest a freshman for downloading things of an illegal nature.
Re: (Score:2)
The major problem is to identify legitimate traffic vs. Botnet Traffic. We know there are filters that also catch the un-intended such as censorship black lists, no-fly lists, banned book lists. And if you look at the spam or the arms races or business, when a restriction is found, the criminal finds a way around it. In the meantime the fellow who's computer was taken over is taxed with the penalty of no connection and the time to fix it. This is a little like making a victim of a crime have to come in day
Re: (Score:2)
Mark me as flamebait if you like, but this was started by the Internet Association, so chances are they probably have a pretty good idea on what they are doing. They would have buy in from their staff to be able to get this one through, their staff are probably sick of having to deal with all the SPAM complaints and everything else from these hosts. They probably have an even better idea on what they are doing to their network than what you do.
Re:Privacy (Score:5, Insightful)
Actually, it's more like your phone company disconnecting you for repeatedly making prank calls.
Which, in fact, they will.
Re: (Score:3, Interesting)
Re:Privacy (Score:4, Informative)
They don't discover that by listening in to content though. They do it after there have been complaints.
And you don't think ISPs have been getting complaints about spam?
Re: (Score:2)
Not entirely true. Most phone companies have anti-fraud systems and will detect and possibly disconnect you if you suddenly make 1000 times as many calls as usual. Compare with making a thousand new connections a minute to TCP port 25.
Re: (Score:2)
I think it's more like the water company investigating you because your oil tank has a leak which is going into the local water supply.
I think this is a really good thing, and it would be nice to see it being done more.
Most of the time all that's needed is a bit of education and a virus/malware scanner. Most people spewing this crap don't even know they are doing it, so letting them know is doing them a favor.
Re: (Score:2)
Cue crazy guy who thinks ever business proposal is a conspiracy by the government to "finally" get him. Err, if they wanted you, you'd be in a jail cell. No need for some business regulations about zombies to make it look legit(?)). Also, I think your tin foil hat is looking a bit crooked. Some alpha waves might be getting in!