
US Shows Interest In Zombie Quarantine Code

bennyboy64 writes "Barack Obama's cyber-security coordinator has shown interest in an e-security code of practice developed in Australia that aims to quarantine Internet users infected by malware, also known as zombie computers. He reportedly said it would be a useful role model for the US to adopt. One suggestion within the code is to put infected users into a 'walled garden,' which limits Internet access to prevent further security problems until quarantined. Another is to throttle the speed of an infected user's Internet connection until their computer is fixed. The code is also being considered by other Asia-Pacific countries, ZDNet reports."
  • Seems reasonable (Score:5, Interesting)

    by Rijnzael ( 1294596 ) on Saturday June 26, 2010 @02:13AM (#32700354)
    In contrasting this with the president's ability to declare a cyber attack and disable internet access in the United States, I'd say this seems like a reasoned approach that would hopefully be considered an alternative to the former where applicable.

    My only real concern is that of privacy. How exactly do they go about telling you're a zombie? Well-written malware isn't exactly going to advertise infection, and even hosts which may be participating in a denial of service attack can't definitively be proven to be infected unless they're obvious (like sending a TCP packet with an invalid combination of flags, for instance). Scarier would be using the 'zombie' excuse to monitor net traffic on a connection for 'investigative' purposes. So it may just turn out pointless or it may be a ruse for a different kind of control. Anyone have any articles as to the effects of this or some cases where it was actually used in AU?
  • by MichaelSmith ( 789609 ) on Saturday June 26, 2010 @02:13AM (#32700358) Homepage Journal

    Currently my network looks like a single NetBSD box from the perspective of my ISP. The original Australian proposal could have been interpreted to mean I would have to tell the ISP what OSs I was running and what software they had installed.

    So if I had Windows here they would want to know how it was firewalled, etc. So yeah I can tell them three Ubuntu laptops, one Mac laptop with Windows running inside VMware. Two servers running NetBSD and the ISP are going to get dollar signs lighting up in their eyes. They will want me to pay for a "business" connection now, because of the nodes I have running. Not good for me.

  • by Anonymous Coward on Saturday June 26, 2010 @02:44AM (#32700458)

    You are only required to pay for a business connection if you actually use them for business purposes, if they are a hobby (which is what you will obviously be claiming to them), then they can't force you to use a business plan, and they would much prefer you paying something to them than paying nothing to them and something to someone else.

  • by MichaelSmith ( 789609 ) on Saturday June 26, 2010 @03:06AM (#32700524) Homepage Journal

    I might be in trouble there because my wife uses this connection for her architecture practice. But on the other hand a lot of the people I work with use their DSL lines to VPN into work so should they get business lines too?

  • by reiisi ( 1211052 ) on Saturday June 26, 2010 @03:48AM (#32700672) Homepage

    Is it just me, or is the first onslaught of posts unusually full of people who seem to want to judge government first and read/think later? I mean, beyond the usual level here.

    I mean, something has to be done. We are well over 50% of the internet's capacity being used to send people junk mail, most of it both offensive and fraudulent, far too much of it containing executable payloads that harm the internet itself, etc.

    If the ISPs don't take voluntary action at a level of minimum intrusion, some excited parents' group is going to hold a referendum and hand their government the right to intrude in every living room.

    Sure, this proposal goes too far in places, misses the boat technically in others. It's not perfect. But it's better than legalizing deep inspection to be administered and performed by the agency of the UN/international courts.

    If we want better than this, we need to come up with counter-proposals of our own, get out, educate people. (And get ourselves off the OS that is the primary medium of abuse.)

  • I'm not convinced. (Score:4, Interesting)

    by elucido ( 870205 ) * on Saturday June 26, 2010 @03:58AM (#32700712)

    This "voluntary" icode just happens to be discussed under the backdrop of the government trying to build an internet kill switch. I'm supposed to believe it's going to remain "voluntary" when the US Government is involved?

    When it's voluntary then all the government-influenced ISPs or ISPs with big government contracts will be pressured behind the scenes to adopt it. I'm not convinced that it will be voluntary if it's not in the ISPs' economic best interest.

    If corporations want to do this they already can. So to make it "voluntary" when it already is an option, it looks more like an agenda.

  • by elucido ( 870205 ) * on Saturday June 26, 2010 @04:32AM (#32700848)

    It's not reasonable for the government to do anything more than monitor the internet. To start telling people how to run their nodes

    In a competitive world, businesses WILL NOT prepare for disaster unless the executives see that it affects the stock price. Preparing for disaster is expensive, and it seldom pays off. (see also: car industry, banking industry, airlines, BP, failure to protect against natural disasters...)

    If we want the internet to keep running, without collapsing during a cyberwar, then we do need to insist on some things. It's like requiring that banks keep some reserve, requiring that oil companies have a means to stop a leak, or requiring that an airline not skimp on maintenance when the competition gets fierce.

    The internet is never going to collapse. That is a strawman. Industries could lose profits however and this is a legit argument. If American industries lose profit this endangers national security. Endangering national security reduces US military might and overall power. This endangers US superpower status. So all policies are designed to maintain government power and superpower status.

    The problem with these policies is they make the civilian population miserable. We can't find a job. The laws all seem to be telling us what we can't do so we can't pursue happiness. This creates collateral damage on the civilian side as many civilian lives are ruined in some cases beyond repair to "win."

    Why can't the military establishment find a way to win without making the entire world miserable? After a certain point the people fighting to protect these laws and Constitution won't have morale. We claim the USA is worth fighting for because it has liberty and freedom, and people can get rich and be happy. But that perception is rapidly fading and lying to the public is not going to change the fact that the American dream is harder to reach for individuals. Individuals primarily feel we are winning or losing the war based on situations they see in their own lives and sphere of influence. We might be winning the war on paper but for most people in practice it feels like we are losing.

    This is the primary disconnect.

  • by the_raptor ( 652941 ) on Saturday June 26, 2010 @05:39AM (#32701094)

    I am an Australian on Exetel. I have had the quarantine kick in twice due to my house mates getting infected. Both times it was a spam relay, so it was presumably easy to detect the massive jump in port 25 traffic. Once you are quarantined all ports but 80 are blocked and port 80 only serves up a page telling you that you are quarantined, what you need to do to remove the quarantine (clean your system then click a link to tell the automated system to check your outgoing traffic), and links to ISP mirrors of malware removal tools. Both times it took about 15-30 minutes to clean the infections and get the quarantine removed.

    I think schemes like this are best practice and the only way the Internet is going to be usable with the rise in online crime. Even if you have a secure local OS nothing stops users downloading trojans.
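The quarantine flow described in the comment above (a jump in outbound port 25 traffic triggers a walled garden that only serves a notice page on port 80, and a user-requested recheck lifts it) can be sketched as follows. This is an added example, not part of the comment and not any ISP's actual system; the flow records, thresholds and function names are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed flow summaries: (subscriber, hour, dst_port, outbound_connections)
FLOWS = [
    ("sub-a", 0, 25, 3), ("sub-a", 1, 25, 2), ("sub-a", 2, 25, 4), ("sub-a", 3, 25, 900),
    ("sub-b", 0, 25, 5), ("sub-b", 1, 25, 6), ("sub-b", 2, 25, 4), ("sub-b", 3, 25, 7),
    ("sub-c", 0, 443, 800), ("sub-c", 3, 443, 950),  # busy, but not SMTP
]

MIN_SMTP = 200  # assumed floor: ignore subscribers sending little mail
JUMP = 20       # assumed multiple over the subscriber's own baseline

def smtp_per_hour(flows):
    """Aggregate outbound port 25 connection counts per subscriber per hour."""
    out = defaultdict(lambda: defaultdict(int))
    for sub, hour, port, n in flows:
        if port == 25:
            out[sub][hour] += n
    return out

def detect_spam_relays(flows, current_hour):
    """Flag subscribers whose port 25 volume jumped far above their own history."""
    flagged = set()
    for sub, hours in smtp_per_hour(flows).items():
        now = hours.get(current_hour, 0)
        past = [n for h, n in hours.items() if h < current_hour]
        baseline = sum(past) / len(past) if past else 0.0
        if now >= MIN_SMTP and now >= JUMP * max(baseline, 1.0):
            flagged.add(sub)
    return flagged

def walled_garden_decision(quarantined, sub, dst_port):
    """Quarantined subscribers reach only the notice page on port 80."""
    if sub not in quarantined:
        return "forward"
    return "redirect-to-notice" if dst_port == 80 else "drop"

def recheck(quarantined, flows, current_hour):
    """User clicked the 'check me' link: keep only those still flagged."""
    return quarantined & detect_spam_relays(flows, current_hour)

if __name__ == "__main__":
    q = detect_spam_relays(FLOWS, 3)
    print(q, walled_garden_decision(q, "sub-a", 443))
    print(recheck(q, FLOWS + [("sub-a", 4, 25, 2)], 4))
```

Comparing each subscriber against their own history rather than a global limit keeps a heavy but legitimate HTTPS user such as the constructed `sub-c` out of quarantine.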
