05.21.09

BBC Wants to Build Another Windows Botnet

Posted in Apple, GNU/Linux, Microsoft, Security, Windows at 10:26 am by Dr. Roy Schestowitz

Microsoft BBC

Summary: The BBC wants to hijack loads of Windows PCs (again) while hiding their inherent vulnerability from the British public

Going a couple of months back, the BBC got slammed for breaking the law and paying botmasters in order to create entertainment (a television show) in which not a word was truly or properly said about Microsoft Windows being a culprit. We wrote about this in:

The BBC seems not to have learned its lessons about recruiting malicious people who can spam the Internet and take down Web sites. It did, however, learn something about asking for permission before hijacking innocent people’s computers.

The BBC has followed its recent controversial botnet demonstration with a new filmed demo of how a Trojan attack works – except this time it made sure to ask nicely.

Looking at this morning’s news at the BBC, there is this article about malware, but Windows and Microsoft are not mentioned even once! This is part of a disturbing pattern which shows that the BBC is not willing to educate people. Microsoft is the BBC’s technical partner and it shows. For some background see:

The latest from the BBC:

The struggle between computer security firms and hi-tech criminals has often been likened to an arms race.

Does it affect GNU/Linux? How about Apple Macs? Are they merely victims of spam and DDoS attacks that arrive from Windows botnets? The article says not a word about operating systems. To the BBC, it’s as though they don’t exist and Windows is just synonymous with (and embedded into) a computer.

In other security news, it is turning into chaos in China, but they fail to realise that criminalisation does not result in prevention.

A year ago, when a Time Magazine reporter told Tan Dailin that he’d been identified as someone who may have hacked the Pentagon, he gasped and asked, “Will the FBI send special agents out to arrest me?”

The answer, it turns out, was, “No, the Chinese government will.”

Dailin, better known in Chinese hacker circles as Withered Rose, was reportedly picked up last month in Chengdu, China, by local authorities. He is now facing seven years in prison under a new Chinese cybercrime law that was passed in late February.

Prevention would come from changes in infrastructure, not law and enforcement.

Writing in relation to the economic stimulus, one reader tells us that Conficker alone cost 9.1 billion dollars in damage and still growing. From today’s news:

Conficker still infecting 50,000 PCs per day

The Conficker worm is still infecting systems at a brisk rate and continues to snag computers in Fortune 1000 companies, according to security researchers.

“Even Microsoft still has infections,” he claims, “which puts a bullet in the myth that the company’s products can be secured if one “knows enough”. The number of Microsoft Office users is reckoned [PDF], rightly or wrongly, to be about 500 million. We can speculate that that’s slightly greater than the number of Microsoft Windows desktop users. So the damage comes out to…”

Your guesstimate. █

More on Conficker: