Feds To Remotely Uninstall Bot From Some PCs 211
CWmike writes "Federal authorities will remotely uninstall the Coreflood botnet Trojan from some infected Windows PCs over the next four weeks. Coreflood will be removed from infected computers only when the owners have been identified by the DOJ and they have submitted an authorization form to the FBI. The DOJ's plan to uninstall Coreflood is the latest step in a coordinated campaign to cripple the botnet, which controls more than 2 million compromised computers. The remote wipe move will require consent, and the action does come with warnings from the court that provided the injunction against the botnet, however. 'While the 'uninstall' command has been tested by the FBI and appears to work, it is nevertheless possible that the execution of the 'uninstall' command may produce unanticipated consequences, including damage to the infected computers,' the authorization form reads. FBI Special Agent Briana Neumiller said, 'The process does not affect any user files on an infected computer, nor does it ... access any data on the infected computer.' The DOJ and FBI did not say how many machines it has identified as candidates for its uninstall strategy, but told the judge that FBI field offices would be notifying affected people, companies and organizations."
Re:As much as I hate to say this (Score:2, Interesting)
Or maybe Microsoft software is what got these users into this mess, so someone else should fix it and Microsoft should just foot the bill.
Re:The remote wipe move will require consent (Score:5, Interesting)
As much as I would love the Feds to just run a complete vulnerability scan of the US (not unlike the Internet Auditing Project) and then remotely uninstall every instance without telling a damn person (if the virus doesn't de-install cleanly, that's a bug in the virus so go sue the authors), I get the impression there'd be a few complaints. In part, because the Feds have shown themselves to be ethically-challenged from time to time.
If you want - really, truly want - bots and spyware to be gone forever, it's going to take a Federal agency vulnerability scanning your machine and installing nagware when your machine is shown as both infected and insecure. (Insecure alone might just be a honeypot, it doesn't prove there's a real vulnerability present.)
Nobody is going to trust an agency to do this. Doesn't matter if that's just or unjust, the only just that matters is that it's just not going to happen. In consequence, corporations will fail to secure products, users will fail to secure their machines and the problem will miraculously fail to vanish all on its own. Things won't change without pressure and the only sources of pressure big enough won't and/or can't.
Re:A far more effective solution... (Score:5, Interesting)
Uninstall Windows.
Or don't uninstall Windows but make computer owners legally responsible for their computers in the same way they are legally responsible for a swimming pool. The resulting fines would either stop botnets entirely or eliminate the national deficit. In short, a tax on the stupid.
Disconnect from internet? (Score:5, Interesting)
Why cannot they just ask the ISP to disconnect infected computers from the network? It should be responsibility of each owner to connect with uninfected computer. The company responsible for this whole mess - Microsoft - will likely not be held accountable, but the users should. And when the OS they use start to be liability in their lives, then maybe they will choose based on that as well.
YACA: If someone installed randomly firing machine guns in the trunk of your car, I doubt FBI response would be a letter asking you if they could please uninstall those for you.