Language Selection

English French German Italian Portuguese Spanish

Feds to fight the zombies

Filed under

The FTC and more than 30 of its counterparts abroad are planning to contact Internet service providers and urge them to pay more attention to what their customers are doing online. Among the requests: identifying customers with suspicious e-mailing patterns, quarantining those computers and offering help in cleaning the zombie code off the hapless PCs.

To be sure, computers infected by zombie programs and used to churn out spam are a real threat to the future of e-mail. One report by security firm Sophos found that compromised PCs are responsible for 40 percent of the world's spam--and that number seems to be heading up, not down.

But government pressure--even well-intentioned--on Internet providers to monitor their users raises some important questions.

Will ISPs merely count the number of outbound e-mail messages, or actually peruse the content of e-mail correspondence? E-mail eavesdropping is limited by the Electronic Communications Privacy Act in the United States, but what about other countries without such laws? If these steps don't stop zombie-bots, will the government come back with formal requirements instead of mere suggestions the next time around?

The FTC said that its advice should not be alarming. "I think our recommendations are intended to provide flexibility by ISPs to implement them to the extent they can," Markus Heyder, an FTC legal adviser, said on Friday. "We have vetted them extensively with other partners and industry members."

Heyder said the commission plans to send letters to ISPs outlining the suggested antispam steps: "This is intended to provide a range of possible measures that can be taken if appropriate."

The FTC also wants Internet providers to prevent e-mail from leaving their network unless it flows through their own internal servers. That makes spam zombies easier to catch. That technique is called blocking port 25, the port number used by the venerable Simple Mail Transport Protocol.

Full Story.

Again - the eyes should be on Microsoft

If Micorsoft would secure their operating system this crap wouldnt be happening.

I know

I know, I know what you mean. It's ridiculous what the internet environment has come to due to the insecurity of the microsoft operating systems. But place blame where due, they are only an enabler, the assholes responsible are the assholes responsible. You know what I mean? Just cuz I leave my front door unlocked don't mean it's okay for someone to come in and swipe my stereo.
You talk the talk, but do you waddle the waddle?

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

And More Security Leftovers

  • The NyaDrop Trojan for Linux-running IoT Devices
  • Flaw resides in BTB helps bypass ASLR
  • Thoughts on the BTB Paper
    Though the attack might have some merits with regards to KASLR, the attack on ASLR is completely debunked. The authors of the paper didn't release any supporting code or steps for independent analysis and verification. The results, therefore, cannot be trusted until the authors fully open source their work and the work is validated by trusted and independent third parties.
  • Spreading the DDoS Disease and Selling the Cure
    Earlier this month a hacker released the source code for Mirai, a malware strain that was used to launch a historically large 620 Gbps denial-of-service attack against this site in September. That attack came in apparent retribution for a story here which directly preceded the arrest of two Israeli men for allegedly running an online attack for hire service called vDOS. Turns out, the site where the Mirai source code was leaked had some very interesting things in common with the place vDOS called home.

Blockchain and FOSS

Ubuntu Leftovers

  • Celebrating 12 years of Ubuntu
    Founder Mark Shuttleworth announced the first public release of Ubuntu – version 4.10, or “Warty Warthog” – on Oct. 20, 2004. The idea behind what would become the most recognizable and widely used Linux distributions ever was simple – create a Linux operating system that anybody could use. Here’s a look back at Ubuntu’s history.
  • Happy 12th Birthday, Ubuntu!
    Yup, it’s twelve years to the day since Mark Shuttleworth sat down to tap out the first Ubuntu release announcement and herald in an era of “Linux for human beings”.
  • A Slice of Ubuntu
    The de facto standard for Raspberry Pi operating systems is Raspbian–a Debian based distribution specifically for the diminutive computer. Of course, you have multiple choices and there might not be one best choice for every situation. It did catch our eye, however, that the RaspEX project released a workable Ubunutu 16.10 release for the Raspberry Pi 2 and 3. RaspEX is a full Linux Desktop system with LXDE (a lightweight desktop environment) and many other useful programs. Firefox, Samba, and VNC4Server are present. You can use the Ubuntu repositories to install anything else you want. The system uses kernel 4.4.21. You can see a review of a much older version of RaspEX in the video below.
  • Download Ubuntu Yakkety Yak 16.10 wallpaper
    The Yakkety Yak 16.10 is released and now you can download the new wallpaper by clicking here. It’s the latest part of the set for the Ubuntu 2016 releases following Xenial Xerus. You can read about our wallpaper visual design process here.
  • Live kernel patching from Canonical now available for Ubuntu 16.04 LTS
    We are delighted to announce the availability of a new service for Ubuntu which any user can enable on their current installations – the Canonical Livepatch Service. This new live kernel patching service can be used on any Ubuntu 16.04 LTS system (using the generic Linux 4.4 kernel) to minimise unplanned downtime and maintain the highest levels of security.
  • How to enable free 'Canonical Livepatch Service' for Linux kernel live-patching on Ubuntu
    Linux 4.0 introduced a wonderful feature for those that need insane up-time -- the ability to patch the kernel without rebooting the machine. While this is vital for servers, it can be beneficial to workstation users too. Believe it or not, some home users covet long up-time simply for fun -- bragging rights, and such. If you are an Ubuntu 16.04 LTS user (with generic Linux kernel 4.4) and you want to take advantage of this exciting feature, I have good news -- it is now conveniently available for free! Unfortunately, this all-new Canonical Livepatch Service does have a catch -- it is limited to three machines per user. Of course, home users can register as many email addresses as they want, so it is easy to get more if needed. Businesses can pay for additional machines through Ubuntu Advantage. Want to give it a go? Read on. "Since the release of the Linux 4.0 kernel about 18 months ago, users have been able to patch and update their kernel packages without rebooting. However, until now, no other Linux distribution has offered this feature for free to their users. That changes today with the release of the Canonical Livepatch Service", says Tom Callway, Director of Cloud Marketing, Canonical.
  • KernelCare Is Another Alternative To Canonical's Ubuntu Live Kernel Patching
    Earlier this week Canonical announced their Kernel Livepatching Service for Ubuntu 16.04 LTS users. Canonical's service is free for under three systems while another alternative for Ubuntu Linux users interested in a commercial service is CloudLinux's KernelCare. The folks from CloudLinux wrote in to remind us of their kernel patching solution, which they've been offering since 2014 and believe is a superior solution to Canonical's service. KernelCare isn't limited to just Ubuntu 16.04 but also works with Ubuntu 14.04 and other distributions such as CentOS/RHEL, Debian, and other enterprise Linux distributions.

More Security News (and FUD)