Interesting People mailing list archives
Re: Comcast's "Evil Bot" Scanning Project (Lauren Weinstein)
From: Dave Farber <dave () farber net>
Date: Sat, 10 Oct 2009 18:55:40 -0400
Begin forwarded message:
From: "Livingood, Jason" <Jason_Livingood () cable comcast com>
Date: October 10, 2009 18:39:10 EDT
To: Dave Farber <dave () farber net>, ip <ip () v2 listbox com>, dpreed () reed com
Subject: Re: [IP] Re: Comcast's "Evil Bot" Scanning Project (Lauren Weinstein)
I have a great deal of respect for David's achievements, his views and the fact that he and others may have concerns like these. However, I'd submit that they may not fully take into account the large (and growing) threat that malware poses on the Internet (bot networks in particular). Bot networks are **massive** criminal enterprises used not just for spamming, but also for identity theft, financial theft, DDoS attacks, and many other not-so-friendly things. I can tell you ISPs and many other organizations are getting more and more intelligent about how these networks function, and our customers expect us to do what we can to protect them.

But after they have been infected with a bot, why would you **not** want someone with this information to advise the user? It would be like I was your neighbor and knew that not only had your home been burglarized, but the burglar still lived there in your basement unbeknownst to you, and was renting out one of the rooms to whatever random criminal wanted to use your home for a little while.

This is an extraordinarily serious threat, it is one that the average user knows very little about, and it is a growing threat.

As for the method of the notification this is an area we have said we want to learn more about in the trial, and we do not claim is perfect (no method is, nor anything else for that matter). See the following Internet Draft for some discussion of options -- and I hasten to add that it is only on -03 revision and we still would like lots of feedback, comment and ideas: http://tools.ietf.org/html/draft-oreirdan-mody-bot-remediation-03. I also would like to note that the draft on the general system is at http://tools.ietf.org/html/draft-livingood-web-notification-00 and you are correct that we do not disclose precisely all methods by which we learn about bot networks.
As John Levine pointed out, this would quite easily permit bot net controllers to subvert a system that is years in development.

Please see my other comments inline below.

Regards
Jason

From: "David P. Reed" <dpreed () reed com>
Date: October 9, 2009 9:53:40 PM EDT
To: nnsquad () nnsquad org
Subject: [ NNSquad ] Re: Comcast's "Evil Bot" Scanning Project (Lauren Weinstein)

I don't see where Comcast is being transparent about *how* they do this, or giving customers a chance to opt-in or -out.

I fear that making good security optional is one of the reasons that got us here in the first place on the Internet. But once infected by a bot, it is not just the end user that suffers. They are then the launching pad for other malicious activity and can affect (and infect) many, many others.

If I send a lot of email, why does that make me a "bot"? Maybe I just send a lot of email.

It is not about volume (this data point refers to mail relayed through our outbound SMTP servers).

If the contents of my communications are being "scanned", why is that legal? Why does Comcast care?

I might choose (if it were explained to me what was happening and what the risks are to my privacy or being accused of a crime or hauled off as a "suspected child pornographer" because I sent pictures of my naked child) to have this service, or not. But to be honest, in most markets, Comcast is the only real choice, and imposing their "features" on me might not be what I want, even if they "market" it as a *good thing*. If there were serious competition (multiple providers, and no special "franchise" deals with local governments that block new competitors, perhaps customers would have a choice. However, most do not have other choice for highspeed Internet, except Hobson's: "take that or nothing at all"). I'm really not impressed by these moves by Comcast.
Livingood already sent out an email saying that they redirect DNS service to a service that sends certain names to hosts that do not have those names registered, but which will respond with advertising-only websites. This is not the way the Internet is designed to work.

It'd be nice though if the Internet had better security, then these kinds of systems would not be needed, since malware, spam, and bot nets would not exist. ;-)

Comcast supposedly cleaned up its act. Now it's backsliding - forcing secret and invasive services on customers. On day one, they will "love it" (especially in the Comcast-authored press release).