Language Selection

English French German Italian Portuguese Spanish

Feds to fight the zombies

Filed under
Security

The FTC and more than 30 of its counterparts abroad are planning to contact Internet service providers and urge them to pay more attention to what their customers are doing online. Among the requests: identifying customers with suspicious e-mailing patterns, quarantining those computers and offering help in cleaning the zombie code off the hapless PCs.

To be sure, computers infected by zombie programs and used to churn out spam are a real threat to the future of e-mail. One report by security firm Sophos found that compromised PCs are responsible for 40 percent of the world's spam--and that number seems to be heading up, not down.

But government pressure--even well-intentioned--on Internet providers to monitor their users raises some important questions.

Will ISPs merely count the number of outbound e-mail messages, or actually peruse the content of e-mail correspondence? E-mail eavesdropping is limited by the Electronic Communications Privacy Act in the United States, but what about other countries without such laws? If these steps don't stop zombie-bots, will the government come back with formal requirements instead of mere suggestions the next time around?

The FTC said that its advice should not be alarming. "I think our recommendations are intended to provide flexibility by ISPs to implement them to the extent they can," Markus Heyder, an FTC legal adviser, said on Friday. "We have vetted them extensively with other partners and industry members."

Heyder said the commission plans to send letters to ISPs outlining the suggested antispam steps: "This is intended to provide a range of possible measures that can be taken if appropriate."

The FTC also wants Internet providers to prevent e-mail from leaving their network unless it flows through their own internal servers. That makes spam zombies easier to catch. That technique is called blocking port 25, the port number used by the venerable Simple Mail Transport Protocol.

Full Story.

Again - the eyes should be on Microsoft

If Micorsoft would secure their operating system this crap wouldnt be happening.

I know

I know, I know what you mean. It's ridiculous what the internet environment has come to due to the insecurity of the microsoft operating systems. But place blame where due, they are only an enabler, the assholes responsible are the assholes responsible. You know what I mean? Just cuz I leave my front door unlocked don't mean it's okay for someone to come in and swipe my stereo.
----
You talk the talk, but do you waddle the waddle?

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Windows, Mac or Linux... Which operating system best suits your business?

Linux is a free alternative. Apart from the zero-cost factor, it's still less prone to viruses than Windows. Most Linux machines start out as Windows computers that are reformatted. Linux is also adaptable -- Linux is an OS kernel, not a full system, but is the heart of software distributions such as Ubuntu or Fedora. As for cons, Linux is more complex to learn and use. There are also far fewer programs written for Linux systems. Of course, someone with an advanced online computer science master’s degree will help you make the most of a Linux system by supplying the skills needed to innovate and implement custom solutions for your business environment. Read more

LinuxCon, Linux at 25, and Linux Development

5 Ways to Solve the Open Source Industry's Biggest Problems

Over the last decade, open source software and its audience of end users have greatly matured. Once only used by a small subset of tech-savvy early adopters, the convenience, effectiveness and cost savings of open source solutions are now driving enterprise IT to explore more ways to take advantage of the power of open source in their daily business operations. In today's economy, enterprise IT has less to gain from developing and licensing software and more to gain from actively working with existing open source technology. However, the march toward open source still faces major obstacles before it becomes mainstream. In this slideshow, Travis Oliphant, CEO and founder of Continuum Analytics, outlines five challenges preventing enterprise IT from shifting to open source and tips for tackling them to keep the future of open source heading in the right direction. The road may be winding, but it will eventually lead companies to open source to help them innovate and as the way of the future. Read more Also: Latest attacks on privacy...

Security News

  • Jay Beale: Linux Security and Remembering Bastille Linux
    Security expert and co-creator of the Linux-hardening (and now Unix-hardening) project Bastille Linux. That’s Jay Beale. He’s been working with Linux, and specifically on security, since the late 1980s. The greatest threat to Linux these days? According to Beale, the thing you really need to watch out for is your Android phone, which your handset manufacturer and wireless carrier may or may not be good about updating with the latest security patches. Even worse? Applications you get outside of the controlled Google Play and Amazon environments, where who-knows-what malware may lurk. On your regular desktop or laptop Linux installation, Beale says the best security precaution you can take is encrypting your hard drive — which isn’t at all hard to do. He and I also talked a bit, toward the end, about how “the Linux community” was so tiny, once upon a time, that it wasn’t hard to know most of its major players. He also has some words of encouragement for those of you who are new to Linux and possibly a bit confused now and then. We were all new and confused once upon a time, and got less confused as we learned. Guess what? You can learn, too, and you never know where that knowledge can take you.
  • Automotive security: How safe is a next-generation car?
    The vehicles we drive are becoming increasingly connected through a variety of technologies. Features such as keyless entry and self-diagnostics are becoming commonplace. Unfortunately, they can also introduce IT security issues.
  • Let's Encrypt: Every Server on the Internet Should Have a Certificate
    The web is not secure. As of August 2016, only 45.5 percent of Firefox page loads are HTTPS, according to Josh Aas, co-founder and executive director of Internet Security Research Group. This number should be 100 percent, he said in his talk called “Let’s Encrypt: A Free, Automated, and Open Certificate Authority” at LinuxCon North America. Why is HTTPS so important? Because without security, users are not in control of their data and unencrypted traffic can be modified. The web is wonderfully complex and, Aas said, it’s a fool’s errand to try to protect this certain thing or that. Instead, we need to protect everything. That’s why, in the summer of 2012, Aas and his friend and co-worker Eric Rescorla decided to address the problem and began working on what would become the Let’s Encrypt project.
  • OpenSSL 1.1 Released With Many Changes
    OpenSSL 1.1.0 was released today as a major update to this free software cryptography and SSL/TLS toolkit. In addition to OpenSSL 1.1 rolling out a new build system and new security levels and support for pipelining and a new threading API, security additions to OpenSSL 1.1 include adding the AFALG engine, support for ChaChao20 in libcrypto/libssl, scrypto algorithm support, and support for X25519, among many other additions.
  • Is Windows ​10’s ‘Hidden Administrator Account’ a security risk? [Ed: Damage control from Microsoft Jack (Jack Schofield) because Microsoft Windows is vulnerable by design]