funsec mailing list archives

Re: So, did the BBC cross the line?


From: Gadi Evron <ge () linuxbox org>
Date: Sun, 15 Mar 2009 00:37:41 -0500 (CDT)

On Sat, 14 Mar 2009, Alex Eckelberry wrote:
* Alex Eckelberry:

But malware researchers routinely deal with botnets for analysis
purposes.  It would be considered a high crime indeed to allow a spambot
to actually send spam to the outside world, even for "testing" purposes.

I think you've missed the peer-reviewed paper for an ACM conference
where the researchers did exactly that.  It's probably not even an
obscure group, I recognized the name of one of the coauthors (and I
usually can't remember names). 8-/


Yes, I missed it.  Not sure if the point you're making is to exonerate
the BBC or counter my argument.  But I'd love to see the document.

At any rate, I think everyone agrees that it's unethical to play with a
live botnet to send spam, even for research purposes (meaning, you're
directing a user's computer to do something without their knowledge and
assent, which is fundamentally a bad thing).

This story shouts at us "OH COME ON!! the bad guys (CRIMINALS!) do much 
more any day. All these people did was raise awareness and create some 
traffic."

Well, yes. It shouts that at me as well. Thing is, even if they didn't 
break the law (which they did), they were simply too unaware of how this 
works to understand how this all works (...), and they did violate the 
privacy and safety of 20,000 hapless users.

Then they sent a lot of traffic through networks around the world, even if 
the eventual target was themselves.

We will never know if someone lost their documents because of them, or 
which of the computers they happened to pwn for a moment there was 
carrying CP or was DDoSing someone else as well.

We do know they made it look "OKAY". Which it isn't. Things are so easy 
with computers it takes us some time to realize when they might be wrong.

Personally, it took me years to "grow up" my online personality and 
ethics. Luckily I grew up around IRC family and help channels. A friend of 
mine, who is a much more serious person than I am, grew up around mp3 
sharing circles and he still speaks in kiddie when online and sees nothing 
wrong with disconnecting what happens online with real life.

OTOH, we've installed spam zombies on machines here in closed networks
for the purpose of analyzing their behavior to design mitigation
strategies.  The self-generated spam doesn't go anywhere but to another
machine in our network. If that's the case with the ACM paper, I don't
see anything wrong with that at all.

Alex


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
