Readers battle botnets for control of planet Earth

Apocalypse Now

Letters The focus of today's letters is botnets: the threat they represent to the future happiness of our children, and how they can, and must, be stopped. The following pretty well represents a cross section of opinion on the matter, starting with your thoughts on the cunning "let's block port 25" plan:

>(1 - Many ISPs now block port 25, which is an excellent trend).

Take away people's car keys and there won't be any more road deaths.

A solution that penalises legitimate needs of some users and in particular many SMEs with their own servers is one that should not be condoned by someone with 20 years network/security experience. Education is the best, if not only, answer but in the real world this is not going to happen.

I'm no security expert so I'm not going to proffer a solution, I'll leave that up to you lot, just come up with a sensible one.

Kind regards, Chris Winpenny


Your "Stop the bots" article mentions something I find somewhat peculiar. You say "(1 - Many ISPs now block port 25, which is an excellent trend)". Is this such an excellent trend? I understand, and agree with, your point of view -- that by blocking port 25, these botnets cannot send out mail. The trouble is that there is no way to determine if an SMTP connection is to your appropriate SMTP server, which will send the message for you, or whether the connection is a direct connection to the recipient's SMTP server.

I have nine email accounts covering four domains. Only one of those accounts is the account I have with my ISP. If my ISP blocked port 25, I could not send my outgoing mail through the appropriate server for the remaining eight accounts; it would all have to go through my ISP's server. This causes two problems. First, some ISPs do not relay mail, period. If the "From:" address is not the address associated with your account at that ISP, they will not send the message (Verizon used to be this way; I don't know if they still are). The bigger problem, however, is with SPF records. No one in their right mind would add their ISP's SMTP servers as trusted servers for their domain. So any receiving server enforcing SPF records would reject the messages because they didn't come from the sending domain's trusted servers.

You may then say "Well, host your own mail server". But the problem would remain because the ISP would then be blocking port 25 traffic from the mail server instead of from my workstation. I agree that spam is a big problem that we need to do something about (I guess Bill Gates was wrong about eliminating spam within two years, eh?), but I think blocking port 25 is the wrong way to do it.

Chris


Food for thought there on the port 25 ruse. Now, where does Microsoft fit into all of this?

"...If you found some Trojan bot software on your parents' computer, stealing their credit card information and distributing viruses, would you just wipe the computer, reinstall, and leave it at that? Has it become your problem yet? Would you analyse the botnet, log in yourself as a bot and see if you can disable its command and control centre? Is there any point in helping thousands of people along the way?..."

Wrong questions. What you SHOULD be asking is why does my government allow a company like Microsoft to sell shitware to 95% of the population that allows such infections BY DESIGN? Why is my Grandmother expected to be a computer engineer and expert in root-kits/spyware/virus infection vectors just to detect/remove all the bad stuff that self-installs on her computer? Why do I have to load down my CPU with all manner of extraneous bandaid software called anti-virus/spyware/firewall/etc just to be able to even run it for more than a few days on the Internet?

And don't even try to come back with all the bs about keeping the computer software updated, be careful, etc... the standard updated Windows box is still a sitting duck for break-ins, it doesn't matter what the operator does. Windows boxes have broken security BY DESIGN... why are they even legal to sell?

I got your 'BOTS' hangin dude.

Tony


Aaron has a couple of points to make regarding the statement "...In another 15 years, they [bots] might be ready" (to subjugate humanity, etc, etc):

Bloody hell! How about a little rationality? A little sanity? A little less drawing strained and silly comparisons to an enjoyable but not exactly prescient sci-fi flick? A little more something worth the time of Reg readers?

To be entirely fair, some small portions of the article are actually worth reading -- the bits in the middle, where it talks about botnets and how to go about investigating and potentially disabling them -- those bits are worthwhile, although I think it might not be a bad idea to mention that pissing off people with botnets can lead to some pretty unpleasant consequences (massive DDoS anyone?)

Going wild about Skynet and distributed AI intelligence launching all the nukes and destroying humanity to replace it with a sterile, cold nuclear-winter vision of chrome steel in completely unnecessary and impractical bipedal-humanoid form, grinning metal skulls and plasma rifles and all, well -- if Mr Martin takes all that crap seriously, he should probably get out into the bright sunlight a little more, and if he doesn't then he should probably check the calendar again because I think he missed that April 1 was almost a month ago.

And, while I'm on the subject --

"What interested me most about this SciFi classic was how real and plausible this future could be, understanding the dark side of human nature that creates evil and some people's inherent need to cause harm."

Mr Martin needs to watch the movie again. In the movie(s), Skynet was a human creation, designed to automate the entire US military and defense systems, and it became conscious and went batshit on its own -- there was no human agency of evil involved. In fact, there was only questionably any evil at all, considering that Skynet destroyed humanity as the most probable threat to its (Skynet's) continued survival -- it's more of a moralistic 'man should not tread in god's domain' kind of story with guns and shiny robots.

Speaking of man, god, and shiny robots, I'd go on to add that humans didn't create the Terminator robots; that was Skynet's doing, because the HKs (robot tanks and airplanes with big guns) weren't efficient enough at killing humans. Skynet figured it'd have better luck if it had something which could impersonate humans well enough to get into their caves and hideaways, at which point the shooting would start. Now, granted, I might sound like a sad bastard knowing all this, but it's made perfectly clear in the first Terminator movie, which in a lot of ways is the best of the lot -- and if Mr Martin's never seen it, then he needs to toddle back over to the VCR and spend a couple of hours learning what he's talking about.

Whatta bloody moron. It doesn't help him make his point any, either; without all the incompetent sci-fi wibblage, I'd have taken his article a lot more seriously. (To be fair, I wouldn't have laughed nearly as much, but that's what the BOFH is for.)

Blimey. That set us straight, and no messing.


To conclude the botnet round-up, we're always happy to bring a little cheer into our readers' lives:

I'm sorry, but I had to laugh when I saw this in your article about botnets:

"Most readers would have the ability to read the logs, find the attack attempt, download the script themselves, and see how it works."

What can one say to that except HAHAHAHAHAHAAAAR?!

Most people in my department, which is tech support, wouldn't even be able to tell you how to change the default mail program, and they all read El Reg.

On the other hand, thanks for the laugh. I was still blowing Pepsi out of my nose an hour later...

Paul

Readers should note that this email was not sponsored by Pepsi. See the end of these letters for the reason we are making this disclaimer.


Right, let's have another rantette, what with it being Friday and all.

The US Supreme Court has refused to hear the appeal of Reverend Jerry Falwell against an Appeals Court ruling that allowed a gay rights activist to continue operating a site about the television evangelist under the domain name fallwell.com:

It's heartening to see that bigot Falwell get slapped down by the justice system!

Bullying, free-speech hating, neo-conservative, so called Christians (what, exactly, is Christian about being a judgemental f**ktard anyway?) need to be firmly put in their place before they have a chance to destroy this country entirely.

We're hated by half the world and laughed at by most of the rest, in large part thanks to idiots like Falwell, so I have a lot of respect for folks who speak out against them and hopefully remind the world that not everyone in the USA is a fundamentalist moron.

Paul Glover

You don't rate the bloke much then?


Moving on to matters linguistic, the UK's ASA has ruled that the umlaut in Möben doesn't make the furniture outfit sound Germanic. Ahem...

This isn't a dig at your report, but a dig at the ASA.

Artistic device, my ass. Möben, or moeben (for that is how I shall write their name if I can't find the umlaut on my keyboard) is desperately trying to sound German. An umlaut as an artistic device only serves to create a Germanic feel - that's what the "artistic device" is trying to achieve.

The German word for furniture is "möbel", in the plural it becomes "möbeln".

Sounds and looks uncannily similar to "möben", doesn't it? It's as if someone wanted to create a German-sounding name that suggested a German furniture company.

I had assumed that they're a German company: that makes me both stupid and gullible. It would be hard to think of a better trademarkable name for a German furniture company!

I do sort of see where the ASA are coming from, but the sheer balls of Moeben for saying that they're not trying to appear German is almost as good as SCO saying that they have evidence of literal copying of their code into Linux.

Cheers, Nick.


My favourite example of this sort of caper is the completely American-founded and -owned Haagen-Dazs...

Chris

Ah yes, you have to admire Ben and Jerry's for wearing their roots on their sleeve. No mistaking them for a couple of München cream worriers.


Sounds like the evolution of the Heavy Metal Umlaut? http://en.wikipedia.org/wiki/Heavy-metal_umlaut

James

Indeed, as the cited Wiki piece notes: "It is a form of marketing that invokes stereotypes of boldness and strength commonly attributed to peoples such as the Vikings." Hence the Möben umlaut ploy: "Yeah, hello love, this is Möben Basingstoke here. We're going to come round tomorrow at three and cremate your husband on top of his Löngböat kitchen, if it's convenient."


Some company somewhere in Wales has decided to lay cables in sewers. That's fibre optic cables, by the way:

Presumably, you're talking about storm sewers, and not sanitary sewers. You might clarify that.

Brand Hilton

Erm, not sure - but we reckon it really is the sanitary sewers...


This idea was used in Paris some years ago and was such a success that the sewer company sold off its sewerage business and went into dark fibre MAN's instead. Should give a whole new meaning to the internet being variably; full of shit, swimming in filth or stooping to new depths.

grahame


Fibre optic networks in the sewers - is that a case of the Sun shining *into* your arse for a change?

Jay


Sounds like a shit-hot idea

Keith McMahon


Nearly missed this one lads: "Thames Water has also allowed its sewers in London to be used to lay cables."

It didn't really matter if there was an IT angle on this one did it?

-Andrew

Not really. We reserve the right to completely ignore the lack of IT angle in any story if we believe it's in the public interest to publish.


Kev Warwick, eh? The good prof, aka Captain Cyborg, recently hooked up with a Dalek:

Lester, you've got it completely the wrong way round. You write of "Warwick's Dalek slave" -- but Warwick is, in fact, the Dalek's slave, controlled through the RFID chip that Warwick was foolish enough to implant.

Sadly (or, from the human perspective, not), this demonstrates alien stupidity in ways that a long and dishonourable history of administering rectal examinations to straw-chewing hicks, and of incompetent bovine vivisections, could never hope to rival.

The chances of Kevin Warwick either doing any significant damage to humanity, or being accepted as an ambassador for anything other than pointless self-mutilation, are ... not good.


"The remote-control alien will be accompanied by Professor Kevin Warwick, Professor of Cybernetics at Reading University" is clearly in the same sense as "the queen will be accompanied by her favourite corgi" ---

it will obviously be the Dalek which controls cpt. Cyborg. As per usual. If you doubt this, I challenge anybody to point me to any trait the beloved captain has exhibited, which would be too complex for a Dalek's logical circuitry?

Michel


An opportunity missed. As any fule kno, the Daleks are manic xenophobes who can always be relied upon to turn upon their unwitting allies "at the death", so to speak. By unmasking their dastardly alliance, you have merely served to save Professor Cyborg from at least one of the following: Being showered in something that looks suspiciously like shaving foam, but obviously isn't as it's fatal. Being illustrated in alternately positive and negative film footage causing death. Being shot [does happen, even with Daleks - I can describe the series when this happened although I cannot name it, nor do I care whether you or one of your mates down the pub can before you ask]. Being subjected to miscellaneous Quantel effects, considered trendy at the time by the more discerning Dalek, causing death. Being surmounted in wavy bright lines that are, apparently, fatal.

The cry of "Exterminate" is common to all the above as Daleks have much in common with the English and are, therefore, traditionalists.

This is by no means an exhaustive list as even I'm not that sad, although I am disappointed at the missed opportunity to study exactly what technique the Daleks have devised for disposing of redundant pawns these days.

Tim

PS: If anybody's got the recording of 20,000 Dalek supporters chanting "Two intergalactic wars and one world cup" as their first XI beat Germany 3-1 in the 2197 World Cup Final I'd like a copy please.

Yes, we'd pay good money for that, too.


Re: Kevin Warwick.

He's not the cyber-messiah, he's a very naughty bot!

:-)

cheers, DaveK

Oh dear, oh dear.


A California woman has decided to knock up a house from bits of old 747. An interesting idea...

She's quite a brave one to take one for the team, since aluminum dust is toxic:

http://www.atsdr.cdc.gov/tfacts22.html

Also, one hopes other American Indians "Using the whole buffalo" aren't trying to do so in her watershed, especially since acid rain will wash aluminum into the soil and attack plants' root systems.

Brian Bush


This has, of course, been done before. I refer to Neal Stephenson's excellent novel, Cryptonomicon, in which Randy's gaming nerd friend Chester builds a house with the entire remains of a crashed TWA 747 suspended from the glass ceiling. In this case, Chester reports, "the FAA and NTSB were surprisingly cool about it."

Chester also possesses an "espresso machine that looks like a scale model of an oil refinery" but sadly no make or model number are quoted.

Steve Oram

Yes, a shame that.


Jumbo Jet wings reused for residential roofing... Do you see anything wrong with that?

Think 'high winds'. Think perfect aerofoil. Think several hundred thousand pounds of lift. Think roof flying away.

-Jeffy

Stuff the flying car, where's my flying house?


A quick correction re: pythons as delivered to a Scottish family with a shiny new telly:

I feel compelled to comment on the article regarding the snake in the television because it contains an obvious and very common fallacy regarding snakes.

The vast majority of non-venomous snakes (which includes the one mentioned in the article) do NOT have fangs. They have itty bitty teeth which they obviously use to aid them in swallowing prey.

The correct term for what the snake did is called a "threat gape". The purpose of which is to make the snake appear as threatening as possible and hopefully scare away whatever creature had scared it in the first place. Which, according to the article, it had admirably succeeded in doing.

The absolute LAST thing a snake will want to do if it has any choice in the matter, is strike. Especially a poor little 10 incher, which at that size, would be lucky if it managed to even break skin on a successful strike.

Imagine yourself dumped out of your happy home, in front of four giants who out-mass you by several orders of magnitude. I'm sure the first and only thing on YOUR mind would be to do whatever you possibly can to make sure they leave you alone.

We now return you to our regularly scheduled program of silly British antics. :)

Ilsa

Agreed,...


... so here's a Paris Hilton quickie:

PARIS HILTON IS NOT AN "amateur pornstar".

Please don't use this in your articles. It is false. She did not take part in the release of the tape.

Thanks

Enkil

To be fair, we did also describe Ms Hilton as "multi-talented", and have in the past described her as "highly talented". Mind you, we've also accused her of flaunting herself like a two-bit hussy, which is a little unfair since she is only an amateur pornstar and, as you point out, did not take part in the release of the tape.


Before putting a stop to this madness, let's have the latest gripe on an old theme:

I was wondering when did Microsoft buy The Register it seems very odd to see any advertisers name on same level as the sites so I assume they bought you oh well see ya round hope you understand I dislike Microsoft and won't read an MS fan site, or an intel fan site or an oracle fan site you used to tell the truth now I know you can't be trusted.

Alan Donaly

We reckon Alan is moaning about our InfoSec section, sponsored by Microsoft and duly branded in lovely Redmond sky blue.

Well, it pays the bills, which is more than you lot do, coming down here every day, getting your top-notch IT news for nothing, banging on about sponsorship deals, etc, etc.

We're reminded by this letter of the mail we got years back when we sold El Reg to Microsoft. The deal was concluded on 1 April, but we still have sleepless nights thinking about those abusive emails... ®
