Language Selection

English French German Italian Portuguese Spanish

Feds to fight the zombies

Filed under
Security

The FTC and more than 30 of its counterparts abroad are planning to contact Internet service providers and urge them to pay more attention to what their customers are doing online. Among the requests: identifying customers with suspicious e-mailing patterns, quarantining those computers and offering help in cleaning the zombie code off the hapless PCs.

To be sure, computers infected by zombie programs and used to churn out spam are a real threat to the future of e-mail. One report by security firm Sophos found that compromised PCs are responsible for 40 percent of the world's spam--and that number seems to be heading up, not down.

But government pressure--even well-intentioned--on Internet providers to monitor their users raises some important questions.

Will ISPs merely count the number of outbound e-mail messages, or actually peruse the content of e-mail correspondence? E-mail eavesdropping is limited by the Electronic Communications Privacy Act in the United States, but what about other countries without such laws? If these steps don't stop zombie-bots, will the government come back with formal requirements instead of mere suggestions the next time around?

The FTC said that its advice should not be alarming. "I think our recommendations are intended to provide flexibility by ISPs to implement them to the extent they can," Markus Heyder, an FTC legal adviser, said on Friday. "We have vetted them extensively with other partners and industry members."

Heyder said the commission plans to send letters to ISPs outlining the suggested antispam steps: "This is intended to provide a range of possible measures that can be taken if appropriate."

The FTC also wants Internet providers to prevent e-mail from leaving their network unless it flows through their own internal servers. That makes spam zombies easier to catch. That technique is called blocking port 25, the port number used by the venerable Simple Mail Transport Protocol.

Full Story.

Again - the eyes should be on Microsoft

If Micorsoft would secure their operating system this crap wouldnt be happening.

I know

I know, I know what you mean. It's ridiculous what the internet environment has come to due to the insecurity of the microsoft operating systems. But place blame where due, they are only an enabler, the assholes responsible are the assholes responsible. You know what I mean? Just cuz I leave my front door unlocked don't mean it's okay for someone to come in and swipe my stereo.
----
You talk the talk, but do you waddle the waddle?

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Security Leftovers

  • Someone is putting lots of work into hacking Github developers [Ed: Dan Goodin doesn't know that everything is under attack and cracking attempts just about all the time?]
    Open-source developers who use Github are in the cross-hairs of advanced malware that has steal passwords, download sensitive files, take screenshots, and self-destruct when necessary.
  • Security Orchestration and Incident Response
    Technology continues to advance, and this is all a changing target. Eventually, computers will become intelligent enough to replace people at real-time incident response. My guess, though, is that computers are not going to get there by collecting enough data to be certain. More likely, they'll develop the ability to exhibit understanding and operate in a world of uncertainty. That's a much harder goal. Yes, today, this is all science fiction. But it's not stupid science fiction, and it might become reality during the lifetimes of our children. Until then, we need people in the loop. Orchestration is a way to achieve that.

Leftover: Development (Linux)

  • Swan: Better Linux on Windows
    If you are a Linux user that has to use Windows — or even a Windows user that needs some Linux support — Cygwin has long been a great tool for getting things done. It provides a nearly complete Linux toolset. It also provides almost the entire Linux API, so that anything it doesn’t supply can probably be built from source. You can even write code on Windows, compile and test it and (usually) port it over to Linux painlessly.
  • Lint for Shell Scripters
    It used to be one of the joys of writing embedded software was never having to deploy shell scripts. But now with platforms like the Raspberry Pi becoming very common, Linux shell scripts can be a big part of a system–even the whole system, in some cases. How do you know your shell script is error-free before you deploy it? Of course, nothing can catch all errors, but you might try ShellCheck.
  • Android: Enabling mainline graphics
    Android uses the HWC API to communicate with graphics hardware. This API is not supported on the mainline Linux graphics stack, but by using drm_hwcomposer as a shim it now is. The HWC (Hardware Composer) API is used by SurfaceFlinger for compositing layers to the screen. The HWC abstracts objects such as overlays and 2D blitters and helps offload some work that would normally be done with OpenGL. SurfaceFlinger on the other hand accepts buffers from multiple sources, composites them, and sends them to the display.
  • Collabora's Devs Make Android's HWC API Work in Mainline Linux Graphics Stack
    Collabora's Mark Filion informs Softpedia today about the latest work done by various Collabora developers in collaboration with Google's ChromeOS team to enable mainline graphics on Android. The latest blog post published by Collabora's Robert Foss reveals the fact that both team managed to develop a shim called drm_hwcomposer, which should enable Android's HWC (Hardware Composer) API to communicate with the graphics hardware, including Android 7.0's version 2 HWC API.

today's howtos

Reports From and About Cloud Native Computing Foundation (CNCF)