Comcast's War On Infected PCs (Or All Customers) 304
thadmiller writes "Comcast is launching a trial on Thursday of a new automated service that will warn broadband customers of possible virus infections if the computers are behaving as if they have been compromised by malware. For instance, a significant overnight spike in traffic being sent from a particular Internet Protocol address could signal that a computer is infected with a virus, taking control of the system and using it to send spam as part of a botnet." Update: Jason Livingood
of Comcast's Internet Systems Engineering group sent to Dave Farber's "Interesting People" mailing list a more detailed explanation of what this trial will involve.
Seems fine to notify (Score:5, Insightful)
As long as they don't act upon this information I don't see any issue with it. I bet most run-of-the-mill users don't know they have the infection and could act upon it if they knew.
Sounds like a win-win for both Comcast and their customers if it's informational only.
IP, FP (Score:3, Insightful)
Bad subject, this is a GOOD thing... (Score:5, Insightful)
ISPs need to notify their customers. Many customers don't really have email contact from their ISP for various reasons (eg, me!). But injecting a pop-up for notification purposes DOES work.
Yes, the same technology can be used for evil abuses like ad injection, but this is exactly what SHOULD be done.
When I think of Comcast, I think of progress. (Score:5, Insightful)
So wait, instead of a personal phone call (which they apparently had been doing before anyway), now it'll be a popup just like the 50 other ones the user sees because he or she's infected with malware to begin with?
Nice.
Re:Bad subject, this is a GOOD thing... (Score:5, Insightful)
How many folks ignore popups though?
I'd think the solution could be more like what they do when they are messing with DNS - identify customers with issues, redirect their DNS queries to a box that puts up a page that describes what is going on, why they are seeing that page instead of google or whatever, and a number to call at the ISP for assistance.
This is a very good thing (Score:2, Insightful)
Even better would be to give me my choice of notification mechanisms:
*pop-up
*email
*sms
*robo-phonecall
*no notification
Re:IP, FP (Score:2, Insightful)
If they just said "IP" many here would think they were referring to Imaginary Property. Spelling out acronyms is a good thing, even if your audience probably knows what the acronym means.
Comcast Antivirus 2009? (Score:5, Insightful)
I agree, (Score:3, Insightful)
But having to set a cookie on each machine I want to disable their fucking dns redirect doesn't give me much hope. Love the speed.. hate the company!
I think we're slowly but surely seeing the end of what was a really great thing. Open unfiltered internet. In a few years it will be an expanded version of tv with none to little user control about what we want to see. Soon it will be.. we noticed your IP has downloaded X amount of gigs in the last two days. It's impossible that you are doing anything legit and we are going to cancel or reduce your connection speeds for a month if you continue illegally downloading. PS. This may have been a virus and if so please take your pc to an **authorized vendor to clean it.
**Vendor may also scan for copyright infringements on your pc in which case it will be kept at evidence.
Re:Bad subject, this is a GOOD thing... (Score:2, Insightful)
How will it be distinguised from the "Your computer is infected?!??!" ads that customers are told to ignore.
Re:Bad subject, this is a GOOD thing... (Score:5, Insightful)
Re:Seems fine to notify (Score:5, Insightful)
I like the idea a lot, but I don't know that there will be enough information for everybody.
When my ISP notified me of problems, it took a while to get enough information to figure out what was going on. As it turned out, it wasn't on a Windows box, and it wasn't a virus per se, but rather an inadequate password on an unsecured port. A message like "YOU HAZ BEEN PWNED!!!! HAHA!!" wouldn't have been enough for me to go on.
Still, the ISP is in an excellent position to watch accounts for bot-like activity, and is likely to be the first one to know.
My guess would be that those Comcast customers who insist they don't need anti-virus and do know how to surf the Web safely are going to get unexpected notices.
Opt-out? (Score:2, Insightful)
Comment removed (Score:5, Insightful)
Re:Seems fine to notify (Score:5, Insightful)
I agree, and I think it is surprising it has taken this long to launch this service. This is a chance for Comcast to save money on bandwidth, improve their quality of service, and do something good for their users and for the Internet at large. They can do the right thing while increasing profits!
That being said, I'm sure they can find ways to screw it up. A pop up notice in the user's malware-infected browser is not the way to notify customers.
Re:Seems fine to notify (Score:5, Insightful)
Tech: "Ok, you've got a virus"
User: "But why? I have X protecting me!"
Tech: "Well, you downloaded these kitten screensavers that appear to have a trojan on them"
User: "So you're going to remove my kitten screensavers!?!"
Tech: "Um, well yes."
User: "But you can't do that!!!"
Tech: "Well you want the virus gone right?"
User: "Not if it endangers my kitten screensavers!"
Tech: "..."
Add that plus all the scareware floating around with rogue AV software leads to a perfect storm.
Doomed from the outset (Score:3, Insightful)
Re:Seems fine to notify (Score:5, Insightful)
I bet most run-of-the-mill users don't know they have the infection and could act upon it if they knew.
The problem is that most customers cannot do anything about their problems, except take the computer to someone that can help them. And because that is going to cost money, most people are going to wait until after Christmas, or after their vacation, or after their vacation after Christmas. Or until hell freezes over.
Assuming a pop-up of any sort is going to actually inform people is a mistake - almost everyone has some kind of pop-up blocking in effect today and the ones that get through are ignored.
The right thing to do is contact the person and see if they can explain the activity. No contact, cut off the account. No explaination, cut off the account. It does little good for the other 6 billion people on the planet to let infected computers continue to spew spam and phishing emails.
If only they had some other means of communicating (Score:5, Insightful)
It's really too bad that a cable company doesn't have any other means of communicating with their customers other than the internet. If only some how they could find out where their customers live, which I admit does sound like a startling infringement on their customers' right to privacy, they could convey such a warning with out worrying about web etiquette or spam filters.
-Rick
PS: In case your browser doesn't support them, there are sarcasm tags on the proceeding paragraph.
Re:Bad subject, this is a GOOD thing... (Score:1, Insightful)
Why not just create an automated telephone system informing users. Seems like trying to get the infected machine to show pop-ups would be more difficult.
Re:Seems fine to notify (Score:4, Insightful)
Re:Seems fine to notify (Score:5, Insightful)
Yeah, Also, because If I got a pop-up that said, "your pc is infected" I would just close it and say "stupid phishers you'll never get me!" So, I'm guessing that pop-ups would be much less effective then a real piece of mail/phone message.
How about /. coming up with a solution? (Score:3, Insightful)
Here's a question for the masses here on /.
How would you notify customers that their machine is spewing spam or part of a botnet? Would you continue with the phone calls? Surely paying people to call customers about a virus can't be cheap, and doesn't scale. What is your ISP doing about this?
Even if what comcast is doing isn't the best solution, it's gotta be better than doing nothing, or taking the draconian measures of turning off service until you call in and they tell you, "Sir/Ma'am we turned off your service because your home computer is sending out spam. Once you've fixed it, we'll turn your service back on." I work at a "large database company" and in our labs if a lab machine is detected to be infected, the lab admins will shut of the ethernet drop that server connects to until you fix it.
Re:Seems fine to notify (Score:2, Insightful)
Agree, if they do it properly it could be useful service.
Except this is comcast we're talking about. They'll probbaly throttle and not notify.
Re:Seems fine to notify (Score:5, Insightful)
My guess would be that those Comcast customers who insist they don't need anti-virus and do know how to surf the Web safely are going to get unexpected notices.
My guess is that those same users will think that the ISP is obviously wrong, and will continue along their merry way, spamming the world.
Alternatively, they will attempt to fix it by clicking that little banner ad for 'free antivirus' that popped up and told them the same thing...
Re:Seems fine to notify (Score:3, Insightful)
Who uses their ISP's email service these days?
Re:Seems fine to notify (Score:1, Insightful)
would the average "dotter" even know if if his linux box was rootkitted?
Re:weak dollar (Score:1, Insightful)
Re:flyswattery. (Score:3, Insightful)
Treating customers like dirt, redefining what "demand" is in terms of the business model, and shaping the services you supply sure is a lot easier than actually scaling infrastructure to meet real-life demand.
The business model is to keep the mass market consumer product affordable and drive the geek who wants "unlimited" broadband into paying the going rate for business or professional grade service.