Re: Comcast's "Evil Bot" Scanning Project (Lauren Weinstein)

[Dave Farber <dave () farber net>]

Begin forwarded message:

> From: "Livingood, Jason" <Jason_Livingood () cable comcast com>
> Date: October 10, 2009 18:39:10 EDT
> To: Dave Farber <dave () farber net>, ip <ip () v2 listbox com>, dpreed () reed com
> Subject: Re: [IP] Re:    Comcast's "Evil Bot" Scanning Project  
> (Lauren Weinstein)

> I have a great deal of respect for David's achievements, his views  
> and the
> fact that he and others may have concerns like these.  However, I'd  
> submit
> that they may not fully take into account the large (and growing)  
> threat
> that malware poses on the Internet (bot networks in particular).  Bot
> networks are **massive** criminal enterprises used not just for  
> spamming,
> but also for identity theft, financial theft, DDoS attacks, and many  
> other
> not-so-friendly things.  I can tell you ISPs and many other  
> organizations
> are getting more and more intelligent about how these networks  
> function, and
> our customers expect us to do what we can to protect them.
>
> But after they have been infected with a bot, why would you **not**  
> want
> someone with this information to advise the user?  It would be like  
> I was
> your neighbor and knew that not only had your home been burglarized,  
> but the
> burglar still lived there in your basement unbeknownst to you, and was
> renting out one of the rooms to whatever random criminal wanted to  
> use your
> home for a little while.
>
> This is an extraordinarily serious threat, it is one that the  
> average user
> knows very little about, and it is a growing threat.
>
> As for the method of the notification this is an area we have said  
> we want
> to learn more about in the trial, and we do not claim is perfect (no  
> method
> is, nor anything else for that matter).  See the following Internet  
> Draft
> for some discussion of options -- and I hasten to add that it is  
> only on -03
> revision and we still would like lots of feedback, comment and ideas:
> http://tools.ietf.org/html/draft-oreirdan-mody-bot-remediation-03.
>
> I also would like to note that the draft on the general system is at
> http://tools.ietf.org/html/draft-livingood-web-notification-00 and  
> you are
> correct that we do not disclose precisely all methods by which we  
> learn
> about bot networks.  As John Levine pointed out, this would quite  
> easily
> permit bot net controllers to subvert a system that is years in  
> development.
>
> Please see my other comments inline below.
>
> Regards
> Jason
>
> > From: "David P. Reed" <dpreed () reed com>
> > Date: October 9, 2009 9:53:40 PM EDT
> > To: nnsquad () nnsquad org
> > Subject: [ NNSquad ] Re: Comcast's "Evil Bot" Scanning Project  
> > (Lauren
> > Weinstein)
> >
> > I don't see where Comcast is being transparent about *how* they do
> > this, or giving customers a chance to opt-in or -out.
>
> I fear that making good security optional is one of the reasons that  
> got us
> here in the first place on the Internet.  But once infected by a  
> bot, it is
> not just the end user that suffers.  They are then the launching pad  
> for
> other malicious activity and can affect (and infect) many, many  
> others.
>
> > If I send a lot of email, why does that make me a "bot"?  Maybe I  
> > just
> > send a lot of email.
>
> It is not about volume (this data point refers to mail relayed  
> through our
> outbound SMTP servers).
>
> > If the contents of my communications are being "scanned", why is that
> > legal?  Why does Comcast care?
> >
> > I might choose (if it were explained to me what was happening and  
> > what
> > the risks are to my privacy or being accused of a crime or hauled off
> > as a "suspected child pornographer" because I sent pictures of my
> > naked child) to have this service, or not.
> >
> > But to be honest, in most markets, Comcast is the only real choice,
> > and imposing their "features" on me might not be what I want, even if
> > they "market" it as a *good thing*.  If there were serious  
> > competition
> > (multiple providers, and no special "franchise" deals with local
> > governments that block new competitors, perhaps customers would  
> > have a
> > choice. However, most do not have other choice for highspeed  
> > Internet,
> > except Hobson's: "take that or nothing at all").
> >
> > I'm really not impressed by these moves by Comcast. Livingood already
> > sent out an email saying that they redirect DNS service to a service
> > that sends certain names to hosts that do not have those names
> > registered, but which will respond with advertising-only websites.
> >
> > This is not the way the Internet is designed to work.
>
> It'd be nice though if the Internet had better security, then these  
> kinds of
> systems would not be needed, since malware, spam, and bot nets would  
> not
> exist.  ;-)
>
> > Comcast supposedly cleaned up its act.  Now it's backsliding -  
> > forcing
> > secret and invasive services on customers.   On day one, they will
> > "love it" (especially in the Comcast-authored press release).



-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com