Ed Felten has yet another interesting post Why So Little Attention to Botnets? in his blog Freedom to Tinker.
Ed does a good job explaining what a botnet is:
‘In this context, a “bot†is a malicious software agent that gets installed on an unsuspecting user’s computer. Bots get onto computers by exploiting security flaws. Once there, they set up camp and wait unobtrusively for instructions. Bots work in groups, called “botnetsâ€, in which many thousands of bots (hundreds of thousands, sometimes) all over the Net work together at the instruction of a remote badguy.’
The post includes a link to Is the Botnet Battle Already Lost? by Ryan Naraine, that goes into more detail about what some people are doing to combat botnets.
This past weekend the University of Mary Washington hosted the 22nd annual conference of the Consortium of Computing Sciences in Colleges. Shari Pfleeger gave the keynote address,”Economics of Cyber Security.†Her comments made me more sensitive to Felten’s statement
“Bots exploit the classic economic externality of network security. A well-designed bot on your computer tries to stay out of your way, only attacking other people. An infection on your computer causes harm to others but not to you, so you have little incentive to prevent the harm.”
—
Today’s special is
” It takes a mighty good man to be better than no man at all” – Dixie Carter
2950
Comment:
Nice post on Felten.
Did I already point you to the podcast that my co-worker did with him
a couple months back? (It’s a podcast I produce.):
http://www.cigital.com/silverbullet/show-005/
… Ryan
—
Ryan A. MacMichael (www.laze.net)
{ 1 } Trackback
[…] about three years ago I posted Botnets that featured a link to Ed Felten’s article citing the lack of attention paid to botnets. […]
Post a Comment