Floating_Red wrote:W32.Downadup.C Digs in Deeper - https://forums2.symantec.com/t5/blogs/blogarticlep
age/blog-id/malicious_code/article-id/249.
Incredible. Thanks for the links, Red. The whole Downadup thing is quite fascinating, IMO.
Let's just hope the Downadup authors are only after money, and not something else - say, controlling an entire nation's powergrid or satellites 
or weapons systems or some other sci-fi-ish thing like that.
Let's also hope we don't someday look back on this and say, "Why didn't anyone do something to stop it?" since supposedly some of the infected PC's IP addresses are already known to researchers...
If all the various dedicated researchers, and the (often) lazy good-for-nothing ISPs would work together (fat chance of that ever happening - the ISPs simply don't care), the ISP's could notify infected customers to clean up their machines. Preferably make it mandatory - disinfect or have one's internet access temporarily suspended. Under current laws the courts would have fun would that one, so it'll probably never happen, sadly. The laws all seem to be on the side of the criminal malware authors.
It would take a major event of some kind, for society to wake up and do something, adapt laws to modern standards. Like having a dangerous intersection where it takes 100 people getting run over and killed before anyone finally thinks it's serious enough to even bother putting in a traffic light. How many of these giant botnets will it take before something sufficiently horrible happens to make lawmakers, politicians, etc., start to take such things seriously? Most of those people still seem to be living in some quaint old-fashioned la-la-land and laws haven't kept up with advances in technology and they see no problem with it.
As plenty of other people have no doubt already suggested, someone needs to figure out a way to make it legal for someone to just hijack the botnets and deactivate them (currently illegal etc "the machines might crash," "the owners might sue," "data could get damaged," "mistakes could be made," "invasion of privacy," probably trespassing and who knows what else blah blah blah) - or at the very least, make it mandatory that ISPs contact known botnet PC owners and tell the owners to get their act together. Realistically, though, that will happen when pigs fly. 
Yeah I know, I'm probably venturing too far off-topic or whatever, so I won't say anything more about it. 
But it does all pertain to security concerns, and each individual PC owner who's part of a botnet, bears at least some responsibility for what their PC is doing - if they had some way of knowing about it, that is.
Reason for edit: fixed typos.
I agree with Stu because, if you take the time to read through all the Blogs that I have Posted here, you will read that even Patched computers are still getting Infected.
__________________________________________________
I also agree that all this Downadup, a.k.a. Conflicker, is fascinating. If you read all the Blogs Posted, you will see that yes, their main aim is for money, but they also have the ability to create a nightmare for the person's / persons' computer.
Not sure if you've seen this, but there are a large group of Companies, symantec and Microsoft to name a few, are joining forces to hunt down this Threat and, hopefully, the Authors; the Blog for this is Posted in this Thread. 
And there are Countires where, creating a Threat, could land you in jail for a long time and which is il-legal - but does that stop them...?
Also, your rant is not Off-Topic - well, maybe slightly 
- because it is dealing with the Downadup Threat.
__________________________________________________
If you have not read all of these Blogs Posted in this Thread, I Highly-Recommend that you take the time to read them.
- �1995 - 2013 Symantec Corporation Legal Notice License Agreement Privacy Policy Cookies Site Map RSS
