Suspected Mariposa Botnet Creator Arrested 95
mehemiah writes "The writer of the Mariposa Botnet has been arrested through international effort. The FBI said this arrest and the arrests of three alleged operators in February were the result of a two-year joint investigation into the Mariposa Botnet, which may have infected as many as eight million to 12 million computers around the world."
satisfaction (Score:2, Insightful)
Two years? (Score:1, Insightful)
It took two years and a task force of how many, costing how much, to bring down three people? 8--12 million computers infected? That sure says a lot about the state of network security, and law enforcement's ineptitude for technology. We could give them supreme lord powers and allow summary executions and they'd still be behind because they just don't understand the technology.
Re:Two years? (Score:5, Insightful)
Re:Two years? (Score:5, Insightful)
You're an idiot.
The good guys do something good and you sit there and call them inept because they didn't do it in a timeframe you find acceptable? You think that they could just type in 'tracert' and show up at an address to arrest someone? How about congratulating them on bringing in a criminal instead of backseat quarterbacking.
D
Re:Jail time (Score:5, Insightful)
It's our odd modern sense of justice. We don't consider incarceration to be an effective deterrent or just punishment, but throw in a little jailhouse rape and suddenly everyone's appropriately scared or satisfied.
People are strange.
Re:Two years? (Score:5, Insightful)
It took two years and a task force of how many, costing how much, to bring down three people?
Much less than it would have cost to let them run amok.
That sure says a lot about the state of network security, and law enforcement's ineptitude for technology.
While it says a lot about the state of network security, the fact that 8 to 12 million people were infected with a virus they didn't know about says more about the computer literacy of the average individual. And, despite the fact that the botnet was millions of machines large, providing nearly impenetrable anonymity, law enforcement was still able to find the people behind the whole thing. That is actually one of the rare cases where law enforcement has proven they are not technically inept. Maybe this is a sign of better things to come.
Don't get me wrong. I share your cynicism in general about the state of the Internet and all of the security holes you could pilot a starship through, but I don't think that mocking law enforcement when they actually catch somebody is the way to go. The people behind this botnet were responsible for creating international tensions that could have led to violence. They stole credit cards and banking information with no care for who they were harming, all to fuel their own egotistical ambitions. These were not good people, or hacker heroes, or anything of the sort. Sorry, but I'm siding with the FBI on this one.
Well, thanks goodness... (Score:2, Insightful)
... that THAT didn't go on for too long and they got 'em in a timely manner - I mean if that had kept up, millions of machines could have been compromised! I say, good thing they had LOTS of people investigating so we could catch these crooks before the damage was done.
(Yes, for the impaired, that's sarcasm!)
Two years to track this down?! Give me a break...
Re:Jail time (Score:4, Insightful)
Oh ya, people will talk about how it would be deeply wrong to use rape as a punishment and then almost in the same breath talk about sending someone to federal "pound you in the ass" prison.
Re:If I was a criminal, I'd never get caught! (Score:3, Insightful)
n) watch as some of your infections destabalise critical systems and cause damage or deaths.
"Phone home with info to create the worlds largest DB of infections and update all other machines to prevent same infection"
How exactly would your network recognise a virus you didn't already know about?
that problem is in the same realm as the halting problem.
some botnets do in fact install cracked and patched AV systems to clean their competitors off the systems they infect.
Re:Two years? (Score:5, Insightful)
Just curious, how would you have gone about finding them? You seem to imply you have a deep understanding of the technology involved.
If it were up to me, I'd harden the targets. Even if that meant making Microsoft financially liable under defective product laws for any losses incurred due to these botnets. The choice for Microsoft would be, stop selling Windows as a general consumer product touting claims of security and ease-of-use or face product liability for its insecurity. If they want to sell Windows as a product designed for skilled/competent users who understand the security issues it would be a different story, but then they'd lose the massive market they currently enjoy. Let them decide whether the product liability or the reduced market is more beneficial to their bottom line. This might have the side-effect of making Windows less of a monopoly, and thus less of a monoculture that allows one exploit to immediately impact millions of machines.
Either way the idea that Joe Sixpack can use an immensely complex system that he doesn't remotely understand and never expect a bad result is an illusion that needs to go. It leads to a parasitic situation where Microsoft profits from Windows and everyone else pays its costs above and beyond its price tag at the point of sale. This is unjust. Doing something about this would be good for everyone except maybe Microsoft, and for that I'd have to quote Spock about the needs of the many outweighing the needs of the few or the one. In the long term, serious pressure on Microsoft to improve Windows might even be beneficial to them as well.
So yes, hardening the targets is the approach I would take. When you have millions of systems with massive vulnerabilities I am not remotely surprised that someone somewhere is going to come along and exploit them. It's rather predictable. You can spend two years and a great deal of effort and expense to catch three of them, but during that two years how many more than three have committed similar crimes? It's a losing game so long as the supply of these criminals exceeds your ability to catch them. That's if your goal is to eliminate botnets. If you have a strong preference for some form of visceral satisfaction, then the current criminal justice approach would be more to your tastes.
It wasn't really my intention to make this a post about Microsoft, but how can you separate them from any sincere discussion about botnets? These million-plus-member botnets might have a great deal of diversity in terms of their function, their method of propagation, their purpose, and who is at the helm. They all have one thing in common: Windows. Targeted attacks by a skilled and determined human adversary are one thing. It's automated self-propagating write-once-exploit-everywhere script-kiddie bullshit for which there is no excuse. It is the latter and not the former that allows for millions of machines to become members of a botnet.
If you're a Microsoft fanboy, Windows is targeted because it's so popular. Because it's so popular and so thoroughly targeted, it needs to be one of the most security-hardened. Call it the price of success. If you're not a Microsoft fanboy, then Windows is targeted because it is inherently less secure. That makes it the squeaky wheel in need of some serious security oil. Either way, it's a pointless debate because what needs to be done about the situation is the same. Because they have such a wealth of resources and talent, I have full confidence that Microsoft could make a Windows secure enough to frustrate automated self-propagating attacks if they truly wanted to do it.
Re:Jail time (Score:5, Insightful)
Prison Rape isn't as common as the 'hope you get a cellmate who thinks you have a purty mouth' crowd assumes, but it certainly happens. It's also dumb for the guards or the whole system to allow. First, it's committed by the very violent types, and they don't pick victims because they secretly want to uphold the moral order and those victims are paedophiles or rapists on the outside, they pick them for vulnerability, which means they usually choose the persons with no physical, social or economic power first, not the ones society on the outside thinks are the 'most worthy'. The guy who committed rape on the outside is proven violent, and the cons will seek easier targets, like the kid whose only crime is dealing pot. Second, one way to avoid rape is to get with a gang and do other favors instead. The gangs all split totally along racial lines, all teach criminal methods to new members, and basically steer less violent criminals towards becoming more violent. Tolerating rape helps give gangs another recruitment tool, and empowers the most violent to think they can run the prisons, not the guards. Third, prison rape spreads AIDS, so now you have a growing pool of people who are going to be released in a few years, have become more and more violently inclined, are often hyperinsecure about their masculinity, and are HIV positive. Guards often have female family members too, or other women on the outside they care about. Priming someone to be a threat to them is a bad mistake. The Japanese run some very tough prisons, with almost no instances of rape because they take a prisoner thinking he can get away with more crimes while in prison as an automatic security threat.
Re:And in related news ... (Score:2, Insightful)
No doubt that post will be on your personal list of "Things I Wish I Hadn't Done Today."