Re: So, did the BBC cross the line?

["Alex Eckelberry" <AlexE () sunbelt-software com>]

> * Alex Eckelberry:
>
> > But malware researchers routinely deal with botnets for analysis
> > purposes.  It would be considered a high crime indeed to allow a
> spambot
> > to actually send spam to the outside world, even for "testing"
> purposes.
>
> I think you've missed the peer-reviewed paper for an ACM conference
> where the researchers did exactly that.  It's probably not even an
> obscure group, I recognized the name of one of the coauthors (and I
> usually can't remember names). 8-/


Yes, I missed it.  Not sure if the point you're making is to exonerate
the BBC or counter my argument.  But I'd love to see the document.  

At any rate, I think everyone agrees that it's unethical to play with a
live botnet to send spam, even for research purposes (meaning, you're
directing a user's computer to do something without their knowledge and
assent, which is fundamentally a bad thing). 

OTH, we've installed spam zombies on machines here in closed networks
for the purpose of analyzing their behavior to design mitigation
strategies.  The self-generated spam doesn't go anywhere but to another
machine in our network. If that's the case with the ACM paper, I don't
see anything wrong with that at all. 

Alex


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.