Comments on: 'Zombie' PCs caused Web outage, Akamai says

Attackers built a "botnet" of unknowing home PCs to bring down Google and other sites, the company says.

[johndoe445566]

The only way to solve the problem

This will continue until the lusers who allow their PC's to become zombies are held accountable for their poor security practices. Having an Internet connection isn't a right -- it's a privilege. Akamia should pick few hundred Zombie owners and sue them for negligence. That would make headlines, raise awareness, and maybe force something to finally be done about the DDoS problem.

[bjbrock]

After the users are sued...

they should turn around and sue Microsofrt for selling a dangerous product which has caused billions in damages for countless users. Microsoft has the largest part in all of the IT woes around today. Making a Microsoft product safe is way beyond the scope of what the average user should have to deal with. Make Microsoft financialy responsible for the carnage enabled by their dangerous software and then we will see a decrease in the massive trash out on the Internet.

Who is guilty?

I understand the frustration, but attempting to make co-victims into co-conspirators is insane. That's like saying the victim in identity theft is guilty of not protecting themselves from identity theft. Personally, I'd rather see the real culprits caught, at any price, and as many as can be found and convicted sentenced to life without parole in the most inhumane prison known to man, followed by a reality show about what that really means, 24/7/365. That puts the blame squarely where it belongs, and might even make these cockroaches change their behavior. Actually, what I really like to do with them can't be published, but this would do for starters.

Reason why traffic dropped

My theory for why traffic dropped is because although the big 4 sites listed were targeted, I think that people sort of got off the Internet for a little bit until things worked again. Where I work, Google was most people's main concern, although we did see the DNS issue effect some e-mail servers and some websites (including a few public government databases) seemed much slower because of the DNS outage.

[mbula]

How can we find/remove the RAT?

Does anyone know if this RAT can be removed by Spy-Bot, Norton's, etc.? When these articles are written, it is rare that the author discusses what remedy or web-site we can go to to remove the RAT. Maybe they don't know enough about it. I think the govt should sponsor a web site to help detecting these problems.

[bjbrock]

If the world would quit using MS's...

software, this and other malicious activity would all but cease. Microsoft id the basis for these attacks. It is the Winows OS which has allowed this to proliferate.

My thoughts

This problem isn?t going to go away by a previous suggestion ?sue them for negligence?. That?s not going to help anyone. If we want this to stop then we must educate people, tossing them in jail or making them pay a fine isn?t helping anyone. I can see the headlines ?grandma receives fine for pc virus?. How about teaching grandma how to scan her pc instead? How about some understanding that not everyone is a pc expert, some might not know how to clean their machine.

Most RAT?s can be detected by virus scanners, you have to make sure the scanner checks to Trojan?s, backdoors, etc and not just viruses and e-mail. Some versions of Norton don?t.

If we want this to be fixed then things need to change, we need the ISP?s to take some of the responsibility in that when things are reported don?t take a week to check on it. A week of an infected pc running is WAY to long. We need people to be understanding, not stubborn.

If everyone worked at the problem then it would be easier to battle, I don?t think we will win outright, but we can make a difference, if we try.

[johndoe445566]

Yes, sue Grandma

"Education" alone isn't the answer. The information is already out there, yet people don't choose to be educated. Sue a few grandmas and people will start taking the time to learn about security, or decide that the Internet isn't for them. As I'm fond of saying, using the Internet is a privilege, not a right. If Grandma can't use it without being a danger to others, she should shouldn't be using it. If grandma had an incontinence problem, they'd make her get out of the public swimming pool too. It doesn't matter that it isn't her fault -- what matters is that she's polluting a common resource.

[johndoe445566]

And sue the broadband ISP's too

And while assigning responsibility, let's not forget the broadband ISP's. Any ISP who doesn't have anti-spoofing filters on their border routers is grossly negligent. I think they could even be held criminally responsible under the "attractive nuisance" laws. If all ISP's had filters in place, DDoS victims could trace packets back to their origin and get them stopped.

[Raife]

The REAL Issues...

Here's my response to this discussion...

First...

1. Using currently available 'communications-mediums', ...IS A RIGHT. This HAS been ruled to be true by the Supreme Court of the United States (yes, they mentioned the 'Internet' specifically). If you don't like this fact, too bad...

Second...

2a. The REAL responsibility for such an incident falls FIRST upon the Virus-Writers themselves, ...if they even exist.

2b. The responsibility then falls squarely on "Microsoft", for producing a SERIOUSLY-FLAWED, and DANGEROUS, product which they sold to an unsuspecting public.

2c. "Granny" can no more be held accountable for the actions of criminals, or criminally-negligent companies, than "John Doe" could be if, for example, someone broke into his house, stole a flashlight, and then used the 'stolen' flashlight during the commission of another crime.

Such an assertion of culpability is simply ASININE.

Furthermore...

3. "Akamai's" claims are themselves currently quite suspect, since the actual evidence makes their assertions look like little more than a pathetic excuse from a company which has, in fact, had a string of embarrassing technical-problems.

4. The actual impact of this, "astonishing" event, was nothing more than yet another, all too common, 'website-access slowdown' (hardly the end of the Internet as we know it, or, a major threat to business).

And frankly...

5. The "threat" of, so-called, "Zombie-PCs" (along with the scourge of SPAM) currently seems to be a couple of the most popular "Cyber Boogie-men".

Of late, these "threats" are being used, mercilessly, as an excuse to limit all sorts of 'Freedoms' (by creating the technical-ability to monitor and control virtually all 'Internet access' and 'computer end-use').

[johndoe445566]

Liability

Lets say I had a gun collection, but "locks are just too complicated for me". So I didn't keep the guns secure, and every [script] kiddie in the neighborhood knew about it. I would indeed be liable if some criminal walked into my house, took one of my guns, and then went off and held up a liquor store with it.

Lets say I'm doing construction on my house. During the process, a pile of scap lumber has accumulated in my front yard. Under the legal doctrine of "attractive nuisance", I am responsible if a kid tresspasses onto my property, steals a 2x4, and then goes and whacks another kid upside the head.

[johndoe445566]

The right to use the Internet

Please cite the case where the Supreme Court held that using the Internet was a right. Having free speech rights ON the Internet is quite different from having a right to Internet access.

You think net access is a right? Try not paying your ISP bill and see how long it takes for them turn off your connection. Have your rights been violated? How about sending spam? Is that a right too?

Freedom of the press is a right, but it only extends to those who own a printing press. You have no right to walk into your local newspaper and demand they print something for you. Newspaper have broad immunity from liability for what they print, but that immunity is not absolute. Papers are successfully sued to libel and slander.

[chish]

Watch the RAT come back

If this attack was thru remote controlled pers. computers and Akamai won't tell what it is, then how can home users remove the threat and the person controlling their computers?

It seems awfully selfish for a big corp. co. to w/hold info that helps the little man and I wouldn't be surprised if/when the starter of this DDoS see's the paragrapgh where they won't tell what it was (to not give them notariety) that the creators don't slam them once again.

And I have to say, as one of the little guys who just helped 3 friends computers go down after Tues attack, it would serve them right.

In order to protect all - you must share the info!

[cpudrewfl]

ITS outsourced programming

Simple english if we didnt outsource and had programming done her by the smartest people in the world maybe this wouldn't happen.

It's a crime to stop the crime

Say what, you ask?

Yes, MS, Linux and other major OS's have security holes. Naive users are a major part of the problem, but the whole point of much of the modern internet is to make it available to naive users. Unfortunately we all will have a long wait for those security holes to be plugged, if they ever are completely plugged.

Yes, in many cases taking advantage of those security holes to form RAT packs is illegal. It should be illegal in all cases... but wait a minute! How do you bring the RAT commanders to justice?

The problem is, the internet is international! There will ALWAYS be places where this behavior is either legal or not prosecuted. So the RAT commanders send their commands to their zombies through other zombies in those jurisdictions.
The only way I can think of to get around the jurisdiction problems is to reverse RAT the RAT's, so that I could trace them back to their source.

But wait, that's illegal too!! So even if I penetrate all their layers of zombies commanding other zombies to find out who they are, I can't use any of that evidence against them because it was illegally obtained! At the very least, the law has to wink at those who do the very same thing to computers as the RAT commanders in order to find them.

So as long as the RAT commanders can send their commands through jurisdictions that can't, won't or don't care to persue them, they keep on happily messing up the internet for the rest of us. I and I imagine others like me won't persue them, even though we might know how, because it's illegal.

Thus my subject line: It's a crime to stop the crime.