Language Selection

English French German Italian Portuguese Spanish

Feds to fight the zombies

Filed under
Security

The FTC and more than 30 of its counterparts abroad are planning to contact Internet service providers and urge them to pay more attention to what their customers are doing online. Among the requests: identifying customers with suspicious e-mailing patterns, quarantining those computers and offering help in cleaning the zombie code off the hapless PCs.

To be sure, computers infected by zombie programs and used to churn out spam are a real threat to the future of e-mail. One report by security firm Sophos found that compromised PCs are responsible for 40 percent of the world's spam--and that number seems to be heading up, not down.

But government pressure--even well-intentioned--on Internet providers to monitor their users raises some important questions.

Will ISPs merely count the number of outbound e-mail messages, or actually peruse the content of e-mail correspondence? E-mail eavesdropping is limited by the Electronic Communications Privacy Act in the United States, but what about other countries without such laws? If these steps don't stop zombie-bots, will the government come back with formal requirements instead of mere suggestions the next time around?

The FTC said that its advice should not be alarming. "I think our recommendations are intended to provide flexibility by ISPs to implement them to the extent they can," Markus Heyder, an FTC legal adviser, said on Friday. "We have vetted them extensively with other partners and industry members."

Heyder said the commission plans to send letters to ISPs outlining the suggested antispam steps: "This is intended to provide a range of possible measures that can be taken if appropriate."

The FTC also wants Internet providers to prevent e-mail from leaving their network unless it flows through their own internal servers. That makes spam zombies easier to catch. That technique is called blocking port 25, the port number used by the venerable Simple Mail Transport Protocol.

Full Story.

Again - the eyes should be on Microsoft

If Micorsoft would secure their operating system this crap wouldnt be happening.

I know

I know, I know what you mean. It's ridiculous what the internet environment has come to due to the insecurity of the microsoft operating systems. But place blame where due, they are only an enabler, the assholes responsible are the assholes responsible. You know what I mean? Just cuz I leave my front door unlocked don't mean it's okay for someone to come in and swipe my stereo.
----
You talk the talk, but do you waddle the waddle?

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

35 Open Source Tools for the Internet of Things

In a nutshell, IoT is about using smart devices to collect data that is transmitted via the Internet to other devices. It's closely related to machine-to-machine (M2M) technology. While the concept had been around for some time, the term "Internet of Things" was first used in 1999 by Kevin Ashton, who was a Procter & Gamble employee at the time. Read more

IoT tinkerers get new Linux hub & open platforms

Cloud Media, the maker of entertainment box Popcorn Hour, launched a project on Kickstarter, Inc. that will add to the growing number of smart hubs for people to connect and control smart devices. Called the STACK Box, it features a Cavium ARM11 core processor, 256MB DDR3 RAM, 512MB flash, SD slot, 802.11n WiFi, Bluetooth LE 4.0, Z-Wave, standard 10/100 Ethernet port, optional X10 wired communication, 5 USB 2.0 ports, RS-232 port, 2 optocoupler I/O, Xbee Bus, Raspberry Pi-compatible 26-pin bus and runs Linus Kernel 3.10. IT also features optional wireless communications for Dust Networks and Insteon with RF433/315, EnOcean, ZigBee, XBee, DCLink, RFID, IR coming soon. Read more

Citrix and Google partner to bring native enterprise features to Chromebooks

Chromebooks are making inroads into the education sector, and a push is coming for the enterprise with new native Chrome capabilities from Citrix. Google and Citrix have announced Citrix Receiver for Chrome, a native app for the Chromebook which has direct access to the system resources, including printing, audio, and video. To provide the security needed for the enterprise, the new Citrix app assigns a unique Receiver ID to each device for monitoring, seamless Clipboard integration across remote and local applications, end user experience monitoring with HDX Insight, and direct SSL connections. Read more

Is Open Source an Open Invitation to Hack Webmail Encryption?

While the open source approach to software development has proven its value over and over again, the idea of opening up the code for security features to anyone with eyeballs still creates anxiety in some circles. Such worries are ill-founded, though. One concern about opening up security code to anyone is that anyone will include the NSA, which has a habit of discovering vulnerabilities and sitting on them so it can exploit them at a later time. Such discoveries shouldn't be a cause of concern, argued Phil Zimmermann, creator of PGP, the encryption scheme Yahoo and Google will be using for their webmail. Read more