Forgot your password?
typodupeerror
Botnet Security IT

The Biggest Cloud Providers Are Botnets 116

Posted by CmdrTaco
from the resistance-is-futile dept.
Julie188 writes "Google is made up of 500,000 systems, 1 million CPUs and 1,500 gigabits per second (Gbps) of bandwidth, according to cloud service provider Neustar. Amazon comes in second with 160,000 systems, 320,000 CPUs and 400 Gbps of bandwidth, while Rackspace offers 65,000 systems, 130,000 CPUs and 300 Gbps. But these clouds are dwarfed by the likes of the really big cloud services, otherwise known as botnets. Conficker controls 6.4 million computer systems in 230 countries, with more than 18 million CPUs and 28 terabits per second of bandwidth."
This discussion has been archived. No new comments can be posted.

The Biggest Cloud Providers Are Botnets

Comments Filter:
  • by beh (4759) * on Tuesday March 23, 2010 @09:35AM (#31582608)

    And they came up with that number how?

    28 terabit/s == 28.000 gigabit/s == 28.000.000 megabit/s

    28.000.000 megabit/s / 6.400.000 systems would average out to 4.375 megabit/s AVERAGE bit rate over those 6 1/2 million systems in 230 countries... (oh - and to fully utilize that, it would also require the UPLOAD rate to be in the same ballpark figure; to have more than 4 megabit/s upload speed on average over that many systems in that many countries...?)

    18.000.000 cpus in 6.400.000 systems is on AVERAGE 2.812 CPUs per system - so, most of the systems would already have been dual or even quad cores... ...oh - and in order to qualify such numbers, that would have to be the average number of systems online at any given moment; if half of them are switched off (while someone is asleep, away, ...) - the numbers go down.

    I would believe, that conficker and similar botnets are huge, but the numbers depend strongly on 'estimates'. Also, if conficker really managed to 'rent out' the computing power, the botnet would likely quickly decrease in size, as more and more people would take their systems to repairs, because they are so slow all of a sudden...)

    So, how do they get to those numbers? Apart from, obviously, pulling them out of thin air? ...and apart from the desire, to get the name of the company coming up with the number out on slashdot?

    • Re: (Score:3, Interesting)

      by ZorbaTHut (126196)

      Also, if conficker really managed to 'rent out' the computing power, the botnet would likely quickly decrease in size, as more and more people would take their systems to repairs, because they are so slow all of a sudden...)

      You'd be surprised how true that isn't. Even Windows is reasonably good at idletime priority processes - unless they intentionally used CPU that the user was trying to use, people would probably never notice.

      A bigger problem is that there are very few useful problems that are practical t

      • by Glonoinha (587375)

        Somehow I don't think the guys running the Conflicker botnet are particularly concerned with the practical implementation of ethical computing.

        • by ZorbaTHut (126196)

          Getting your botnet removed from the user's computer makes bad financial sense, especially when you can get 95% of the same computational power while being totally invisible. They'd be fools to do otherwise.

      • Re: (Score:3, Interesting)

        by bunratty (545641)

        A bigger problem is that there are very few useful problems that are practical to calculate on a distributed botnet of that fashion. It's been tried and failed before, more than once - most real-world problems involve large databases of confidential data, which is obviously inappropriate for a network like this on multiple levels.

        Probably a bigger problem is that not many useful problems are "embarrassingly parallel". The nodes performing the computations need fast communication between other nodes in most

        • by dskoll (99328) on Tuesday March 23, 2010 @10:12AM (#31583162)

          Probably a bigger problem is that not many useful problems are "embarrassingly parallel".

          Sending spam is. DoSing a victim is. Brute-forcing passwords is.

          It's unfortunate, but a lot of problems of interest to unethical people are indeed embarrassingly parallel. :(

          • by Yvanhoe (564877)
            But comparing them to Google's cloud seems unreasonable. Their numbers may be higher but they can't outmatch google when it comes to quickly make a search on petabytes of data or to compute millions of user recommendations on amazon.
          • Did anyone else wonder what Do-Sing'ing was?
            I think I need some more coffee.

            • by b4dc0d3r (1268512)

              BlurryEyed, meet Solfege [wikipedia.org]. Solfege, may I introduce BlurryEyed. He'll shake your hand once he's had his morning dose of crack to get moving this afternoon.

    • by Gudeldar (705128) on Tuesday March 23, 2010 @09:56AM (#31582930)
      I can't even figure out how they got to 230 countries. The UN has 192 members, Wikipedia lists 203 de jure and de facto states.
    • I tend to agree that many glamorize the evidence they have to help construe certain facts about botnets and what not.
      If we had a real number based on fingerprinting scheme, sort of like each one logged on marks itself in some way on a global scale, to then be able to document stats from, i am sure at any one time you will never have more then xxx active infected pcs....seeing as there is also timezones to consider and also when the control centers are temp. shot down either on purpose (to avoid detection) o

    • Re: (Score:2, Informative)

      by JoshuaJ (1757248)
      Ha! I think I found where they got at least some of these numbers: confickerworkinggroup.org. To quote the source: "it is with a lot of trepidation that we even show any values for conficker knowing that they will most likely be taken out of context and quoted by many." Oh well. They show conficker traffic hitting their honeypots from about 6.2 million unique IPs in 225 geographic areas (presumably based on ccTLDs, which use a liberal definition of "country") -- interestingly close to the stats quoted.
    • by kextyn (961845)
      While a lot of Americans are limited to less than 4Mbps upload there are plenty of people in other countries (and even a lot in the US) who have faster connections. I personally have a 100Mbps (up and down) connection in Japan. I have seen above 90Mbps both ways in real world tests to an FTP server...in the US. A lot of European countries have higher speeds and anyone on FiOS would have decent speeds at least. I'm sure they're also including bandwidth from servers which are infected and have access to h
    • by beh (4759) *

      Yeah, thought about that, too - even if they can provide vast amounts of CPUs and stuff, and even have the knowledge of how to get to results, what would make a customer believe, that people who break into PCs might not also steal the customers data/results, too - and sell them on for even more profit...?

    • by sopssa (1498795)

      It's perfectly valid to difference cloud based hosting and dedicated servers and so on. It's just an issue when some companies do it badly or customers don't understand what it really is. After all, it's just a network of servers who work on-demand. In addition it should offer backups and such, but these are always just per-contract service details and shouldn't be assumed.

      Wikipedia has a good diagram [wikipedia.org] on why "cloud computing" term makes sense. I really can't think of any better one.

      In some cases it makes se

      • by Glonoinha (587375) on Tuesday March 23, 2010 @10:13AM (#31583182) Journal

        Regarding whether it's better to host in the cloud or buy your own environment - I often ask when designing a software solution to process a given business requirement 'Does this need to be repeatable (forever, using different datasets) or is this a one time run?' If they only want the answers to a problem once against a single data set, I can crank out a one-pass solution with about 1/10th the time (and effort, and cost) that it would take me to engineer a long term solution that I can hand over to their business users to use forever using different data sets.

        I would take the same stance on something applicable to cloud computing. If you only need the results from a small limited set of runs or you will only run it a very small portion of the time, it makes sense to lease someone else's environment. If you are going to need this solution as part of your day to day business and it runs wide open 24x7 - it's probably more cost effective to procure your own environment.

        Need a massive render farm to do a proof of concept showing a four minute preview of Toy Story 4? Cloud computing.
        Need a massive render farm to actually generate every CGI frame for every movie Disney or Lucas is going to produce the next four years? Buy your own environment.

        • Need a massive render farm to do a proof of concept showing a four minute preview of Toy Story 4? Cloud computing.
          Need a massive render farm to actually generate every CGI frame for every movie Disney or Lucas is going to produce the next four years? Buy your own environment.

          You seem to be comparing remote application hosting vs. in-house application hosting; cloud computing (dynamic server provisioning by divorcing logical instances from physical servers) is somewhat orthogonal to that. While certainly its

  • How long before... (Score:4, Interesting)

    by Lord Lode (1290856) on Tuesday March 23, 2010 @09:47AM (#31582800)

    How long before these botnets are so big and complex that they become similar in structure to the human brain and start thinking on their own?

    • by Anonymous Coward on Tuesday March 23, 2010 @09:48AM (#31582822)

      Seeing some troll comments here, I wonder whether they (the botnets) already do - and post to slashdot... ;-)

      • by Galestar (1473827)
        Or maybe they are modding down any post that speak of their intelligence... IN B4 BOTNET CENSOR
    • Re: (Score:1, Troll)

      by dogfolife69 (1005455)
      dude... your killing my secret plan here, i have been working on joining different botnets together using AI technology, and the more botnets are connected, the more powerful they get
      • by Galestar (1473827)
        <ManiacalAlien> They'll make bigger botnets and bigger networks, and soon, they will make a botnet on a network so big, it will destroy them all!</ManiacalAlien>
    • Re: (Score:2, Funny)

      by Anonymous Coward

      > How long before these botnets are so big and complex that they become similar in structure to the human brain and start thinking on their own?

      Now? [theonion.com]

    • by rolfwind (528248)

      Wouldn't that question apply to the Internet in general?

    • at 2:14 am Eastern Time on August 29th, 1997

    • by wvmarle (1070040)

      Interesting and funny at the same time. And after all the funny replies let me give you a serious one.

      Botnets as we know them will never become anything like a neural network (let alone self-aware) simply because the nodes do not communicate with each other, but only receive commands from a central server. And all that inter-node communication is necessary for a neural network.

  • by Pegasus (13291) on Tuesday March 23, 2010 @09:48AM (#31582820) Homepage

    I'm impressed how while academia is all high on grids, billable cpu time, fault tolerant and robust distributed computing, in place live upgrades, all that is already in natural evolutional development out there in the wild. I'm sure that the botnet uptime numbers they get are much higher that any commercially available cloud, while running on household PCs with household broadband connectivity.

    I think it's time to embrace the true nature of wild wild web. Where can I rent this botnet legally?

    • by Cragen (697038)
      Yet, they are not paying a penny for their access, right? (Or rather, the poor schmucks whose pcs they have pwned are the ones paying.) Wild, wild, and stolen web, I believe.
    • Re: (Score:3, Interesting)

      by WillAdams (45638)

      I believe you want access to systems running xGrid:

      http://www.macresearch.org/openmacgrid [macresearch.org]

      William

    • Re: (Score:3, Interesting)

      by bunratty (545641)

      Where can I rent this botnet legally?

      BOINC [berkeley.edu] is an academic platform to do exactly what you describe.

    • Re: (Score:3, Interesting)

      by theIsovist (1348209)

      Where can I rent this botnet legally?

      you can't because the botnets are created illegally. There are "botnets" created for scientific use, such as folding@home, but these do not spread on their own and are completely opt in (and, more importantly, opt out). Perhaps someone should create an opt in cloud system where users who provide cpu power are given a cut of the profit from the distributed super computer use. Perhaps someone already has, as I'm not an expert on these things. I would doubt that the income from this would offset the incre

    • Easy, my new friend.
      Please post here your social security number, bank account and credit cards details plus all logins and passwords and you'll be part of our network in no time!!!

  • ... with their 0-day exploitable Windows installations.
  • interesting... (Score:3, Interesting)

    by Anonymous Coward on Tuesday March 23, 2010 @09:51AM (#31582864)

    So it's actually Windows which is good at distributed computing...

  • How about a comparison to say folding@home or other distributed projects? http://en.wikipedia.org/wiki/List_of_distributed_computing_projects [wikipedia.org]
  • by GPLDAN (732269) on Tuesday March 23, 2010 @10:01AM (#31582996)
    Rustok was a real piss cock
    Who was very rarely stable.

    Cutwail, Cutwail was a woozy beggar
    Who could dos you under the table.

    Bobax aka Kraken could out-consume
    Nagle!

    And Maazben was a leery swine
    Who was just as poorly coded as Bagle!

    There's nothing Grum couldn't teach ya
    'Bout the razing of the kernel.
    Mega-D, itself, was permanently pissed.

    Festi-ville, of its own free will,
    On half a gig of pipe was particularly ill.

    Xarvester, they say, could stick it away--
    Half a dozen XP machine every day.

    Donbot, Donbot was a bugger for the lot.
    Conficker was fond of its spam,

    And Gregory King was a drunk on bling.
    'I spam, therefore I am.'

    Yes, ZeuS, itself, is particularly missed,
    A lovely little thinker,
    But a bugger when it's pissed!




    -- Apologies in advance to the Pythons
    • You damn well should be sorry. That is some of the worse timing I've ever seen!

      That sixth line should have six syllables! SIX! You chop it down to two, leaving a gap of FOUR syllables! That's a whole bar of rests!

      I'm sorry, GPLDAN, but it's a No from me. Simon?
      • by GPLDAN (732269)
        I.... I..... didn't show enough voice and wasn't unique enough, but you know.... that's okay... because I know who I am and I know the Lord.... he will never keep me down... I will just keep on keepin' on, ya know?
  • by houghi (78078) on Tuesday March 23, 2010 @10:06AM (#31583072)

    Google will have availability of those 100% of the day and 100% of processor. The bot while impressive in numbers won't. People turn of their computers. Many for most of the day. And many of the cycles will still be used not for the Botnet, but for playing games and other things people do on their PC.

    • by TubeSteak (669689)

      Google will have availability of those 100% of the day and 100% of processor. The bot while impressive in numbers won't. People turn of their computers. Many for most of the day. And many of the cycles will still be used not for the Botnet, but for playing games and other things people do on their PC.

      If you have a 6.4 million strong botnet, you can run anything Google wants on 10 different computers and still have 1.4 million hosts leftover.
      (6.4 M - (500K * 10))

      Do you think 10 distributed computers can give you uptime & processor power equal to Google's?
      (I personally think the bandwidth claims are a load of crap, since the upload is what matters)

  • by Arancaytar (966377) <arancaytar.ilyaran@gmail.com> on Tuesday March 23, 2010 @10:08AM (#31583104) Homepage

    The fact is that most Windows users firstly don't care what runs on their computer, and secondly don't use even a non-negligible fraction their computer's power.

    Suggestions have been made, by frustrated sysadmins, for a "destructive" counter-virus, a large-scale attack that cripples botnets by destroying infected computers. That's not only morally wrong but also just impractical - the average computer user just buys a new computer, and all the virus does is destroy property to satisfy lust for vengeance. Value is lost.

    A more practical idea may be to re-purpose this vast resource of free computing power and put it to better use than churning out advertisements. A botnet worm could instead hook these computers up to a grid computing project like Folding or SETI, or distributed file transfer, cloud storage, providing uncensored communication to authoritarian countries. The worm could at the same time inoculate computers against more damaging viruses and botnets. The user gets free protection instead of the overpriced crud by McAfee & co; the world gets free computing infrastructure, the internet gets less spam. Everybody gains value.

    It would be like a very lenient security tax - for letting their computers pose a risk to the network at large, users donate a share of their computing power/bandwidth for the good of society, at no real cost to themselves.

    (And yes, the obvious ethical dilemma here is whether it is morally wrong to manipulate a person's property without their knowledge or consent, even to their own benefit. This suggestion takes a strict utilitarian perspective, which doesn't always lead to the best option.)

    • by dargaud (518470)

      Suggestions have been made, by frustrated sysadmins, for a "destructive" counter-virus, a large-scale attack that cripples botnets by destroying infected computers. That's not only morally wrong but also just impractical - the average computer user just buys a new computer, and all the virus does is destroy property to satisfy lust for vengeance. Value is lost.

      Your argument sounds wrong and trite. If Billy-Bob's computer gets knocked out by a well-placed grey-hat command, for instance a MBR format, he will then either: go buy a new computer (with a more recent and hopefully less hole-ridden version of Windows on it). It may not be very ecological, but it's a WIN against the botnet. Or he'll get his brother in law to reinstall on his old hardware, hopefully better this time. His precious collection of prOn is not lost in either case so I really don't see the argum

    • Re: (Score:1, Flamebait)

      by flappinbooger (574405)
      I could foresee that happening on a national level some day.

      When you get your computer with windows 12 on it you automatically are a part of the ISA Net. ISA Net is the Information Safety Administration Network, and it is a vast command and control network providing constant real-time analysis of your computer for security purposes. Constant registry and system file monitoring. Once a threat is found on one if the ISA Net computers the signature is instantly propagated throughout the network, instantl
      • Flamebait??!?! **I'm** not the one saying linux is cobbled together and archaic, I'm saying what THE MAN will be saying via the propaganda machine when they actually DO this. Come on, you can surely see how something like this is a little more than just possible.

        Linux IS NOT cobbled together and archaic. This is windows 12 timeframe, probably about 10-15 years from now assuming 2-3 years between releases. IF there is federally mandated OS usage and "botnet" participation they will do whatever kind of
    • by shentino (1139071)

      Kinda sucks when the bad guys get away with cheating.

    • The fact is that most Windows users firstly don't care what runs on their computer, and secondly don't use even a non-negligible fraction their computer's power.

      What a moronic statement. Where exactly did you pull this "fact" from? A common side-effect of malware infection is noticeably slow system performance, and I can assure you that users do care when their computers are sluggish to respond. If Windows users didn't care what ran on their computers, there would not be a huge worldwide market for antivirus software.

      As for Windows users not using a "non-negligible" fraction of their computers power, that's equally moronic. Are you suggesting that, (as a Linux user

  • by miffo.swe (547642) <daniel,hedblom&gmail,com> on Tuesday March 23, 2010 @10:09AM (#31583120) Homepage Journal

    Does the fact that 100% of these machines run Windows XP/Vista/7 mean that Microsoft is the biggest supplier of Cloud OS computing software (if you disregard the small patches from the botnet owners)?

  • Not only does massive damage, affect the entire world climate, and those living around them mutates in so strange ways, that the only solution is reform... i mean, euthanasia.
  • when all we could do was imagine quaint toothless beowulf clusters of something

  • Hey You... (Score:2, Funny)

    by trurl7 (663880)

    ..get off of my cloud!

  • Imagine a beowulf cluster of these...
  • Not sure how effective this really is, but it makes sense.

    http://www.confickerworkinggroup.org/infection_test/cfeyechart.html [confickerw...ggroup.org]

  • I might be offending some people. But botnets are not made by users who are technically proficent. Sometimes I find it interesting that you find Linux imperviuos to this threat... You would have to defend Linux like any other system... Just because, well most often than not it exploits the user. Not the os. I am a user like no other. I use Windows 7 and many microsoft os:es. And I can never think of any time in my 25 years of using a computer I really caught a virus... Finally after 10:s of years I got a
    • I can remember once in the last 20 years that I had an honest-to-goodness virus on one of my computers. This was back in the DOS days, and I got it while pirating Novell Netware Lite.

      To this day, I still keep some form of on-access anti-virus program running when using Windows, just in case.

      That and, as someone else mentioned earlier, I rarely use all of my computer's processing power, so I can afford the slight performance hit an on-access scanner takes.

  • Conficker controls 6.4 million computer systems in 230 countries

    Are there even 230 countries in the entire world?

  • Maybe computer systems include virtual servers. And virtual servers are usually run on computers with multiple CPUs with high bandwidth.

In any formula, constants (especially those obtained from handbooks) are to be treated as variables.

Working...