Storm Worm Botnet "Cracked Wide Open"
Heise Security reports that a 'team of researchers from Bonn University and RWTH Aachen University have analysed the notorious Storm Worm botnet, and concluded it certainly isn't as invulnerable as it once seemed. Quite the reverse, for in theory it can be rapidly eliminated using software developed and at least partially disclosed by Georg Wicherski, Tillmann Werner, Felix Leder and Mark Schlösser. However it seems in practice the elimination process would fall foul of the law.'
Law? (Score:5, Funny)
Who cares about laws? I mean, the criminals don't, the government doesn't care, is anyone still clinging to this outdated model of a coexistence standard?
Re:Partially disclosed? (Score:5, Funny)
WWBD? (Score:5, Funny)
Re:WWBD? (Score:3, Funny)
Forget Batman! What would Yagami Light do?
Re:Pfft... (Score:5, Funny)
The guys who found the "cure" for Storm Worm are university students. They did the research using the university's facilities. They have to follow the university's regulations and everything they do is pretty open to the public. Should they just trigger the switch and take over, the university may find itself in legal trouble.
Unless one of them happens to be Batman.
Question (Score:2, Funny)
After you decode it with base 64, how do you open it? Do you just rename it to .c and open it with VS?
If not, then how?
Re:So you are sued and lose your house. (Score:5, Funny)
Just require a warrant from some level of federal judge.
Things might not work great at first, but the whole warrant system works pretty well, and it would provide a framework for preventing abuse and overuse.
Re:Just more whack-a-mole (Score:4, Funny)
Don't be silly. If they read Slashdot, they certainly aren't going to have RTFA, so how are they going to know what the vulnerabilities actually *are*?
Re:So you are sued and lose your house. (Score:3, Funny)
Just curious. What was the one of the previous week??
Re:Just more whack-a-mole (Score:5, Funny)
If you want to stop the botnet, you need to remove its incentive. The botnet operates not for someone's jollies, but because it is profitable to have a botnet. If you remove the profit motive the botnet will self-disassemble over time.
By Jove, I think you've got it! All we need to do is remove the incentive and crime just fades away! I wonder why nobody's thought of that before.
Re:So you are sued and lose your house. (Score:1, Funny)
"I think he's right because otherwise international net crime will continue unabated,..."
We need to call Netman, he will save us from those Jokers.
Re:Pfft... (Score:5, Funny)
Re:I am glad I use a Mac (Score:2, Funny)
Did you honestly just put Windows and Linux people in one boat? Somehow sounded like it. Must be my imagination.
Re:Partially disclosed? (Score:3, Funny)
Looks like perfectly valid Perl to me.
Re:so what? (Score:3, Funny)
I'd rather propose that they brick the machines in the first place instead of cleaning them. Cleaning a worm will eliminate the effect only and that for a very short time. Bricking a PC might eliminate the cause -- the clueless user.
We now have home PCs that are faster than supercomputers from 15 years ago. Operated by users who have no idea of basic computer security, these PCs pose a real threat to individuals and businesses on the net.
Computing power and bandwidth are so great these days that most users won't even notice a worm or two. So learning how to protect their computers is a bigger inconvenience to them than using machines that send spam and participate in DDoS attacks.
Should that change, should white- or greyhats who gain control of a botnet simply brick the affected machines or wipe a hard drive, users might care more next time.
Hell, the researchers can always blame botnet creators and get away with that!
Re:So you are sued and lose your house. (Score:2, Funny)