A controversial BBC Click documentary which involved researchers obtaining access to a botnet and sending spam is due to screen this weekend despite a growing storm of criticism.
Security experts - including McAfee, a firm whose representatives appear in the programme - have described the exercise as misguided and unnecessary. Legal experts contacted by El Reg reckon the show potentially breaches the unauthorised modifications provisions of the Computer Misuse Act, the UK's computer hacking law.
BBC programme broke law with botnets, says lawyer
A BBC programme has broken the Computer Misuse Act by acquiring and using software to control 22,000 computers, creating a botnet capable of bringing down websites. A technology law specialist has said that the activity is illegal.
I don't want to address that here, but a different point: that nowhere in the article does the word “Windows” occur. And yet, I'd be willing to bet that none of those 22,000 machines ran GNU/Linux or Mac OS. Because the fact is, that the vast majority of machines on botnets are running Windows, and that this is yet another problem caused by the Microsoft monoculture.
But nothing of this is mentioned in the BBC piece. Instead, it is presented as if botnets were some inevitable part of computing life – something you might get, just as you might catch a cold, because, hey, these things happen.
A new version of the Conficker (aka Downadup) worm is working around attempts to stifle its activity by dramatically increasing the number of domain names used to call home for fresh instructions.
But rather than being educational, the 23-minute episode of its technology programme Click, (report here) which often bordered on the sensational, left one major question unanswered: what kind of computers were these - Windows, Mac, Linux, BSD?
If the programme aimed to be educational, and not sensational, then one needed to know this fact above all. It is well-known that a vast majority of the PCs which are commandeered by cyber criminals - people known as crackers, not hackers - run some variant of Windows, with XP being number one.
The programme began this way: "20,000 computers. All hijacked and waiting for instructions. And all under our control." And all spoken by a presenter with a wide-eyed look of impending doom in his eyes.
Comments
Nick Reynolds (editor, BBC Internet Blog)
2009-03-14 19:45:47
http://www.bbc.co.uk/blogs/theeditors/2009/03/click_botnet_experiment.html
Mike Brown
2009-03-14 23:03:38
I read the "BBC's side of the story" to which you linked. They managed not to mention Windows there too.
They do, at least, link off to a "PC Protection" page, which says:
"Windows is the most popular OS and it is the most vulnerable to these kinds of attacks. "
At last, some admission that Windows might just be part of the problem. But it's written so as to imply that its Windows' popularity that makes it vulnerable - although without actually *saying* that - rather than it just being a badly written operating system. (No way all those MS refugees that washed up at the Beeb are going to allow anything like *that* to be said!)
We're also told:
"Windows XP, Vista and Mac OS-X all have built-in firewalls"
Quite so, but so do nearly all Linux distributions. That's not worth a mention though. In fact, Linux itself isn't worth a mention either.
Roy Schestowitz
2009-03-14 23:25:33
A lot of people I know hate Windows but carry on using it because they are given no choice.
"Ubiquitous" would be a better word to use.
As for the argument about security, Microsoft itself has already admitted that Windows is insecure by design and there is plenty of compelling evidence (including court exhibits) I can put forth to support this, not just extensive studies.
"Our products just aren't engineered for security."
--Brian Valentine, Microsoft executive
It is disappointing to see the BBC reinforcing incorrect consensus which was marketed vigorously by Microsoft. I used to believe the BBC had guts to offer proper reporting, not just recite spin and PR.