The New York Times had an interesting article a few days ago about the ongoing prevalence of botnets. It suggests they are still growing in sophistication and size. The article is worth a read partly because of the amusing quotes like this one:
â€œItâ€™s a huge scientific, policy, and ultimately social crisis, and no one is taking any responsibility for addressing it,â€? said K. C. Claffy , a veteran Internet researcher at the San Diego Supercomputer Center.
Sound familiar? We don’t need a military solution, we need a political one…and then there is this quote about how the security industry has been reacting to botnet risks:
â€œThis is a little bit like airlines advertising how infrequently they crash into mountains,â€? said Mr. Dagon, the Georgia Tech researcher.
Eh? Is that supposed to be a good thing? Some people like security/safety record data, while some just care about legroom and/or price. For example:
Serry Winkler, a sales representative in Denver, said that she had turned off the network-security software provided by her Internet service provider because it slowed performance to a crawl on her PC, which was running Windows 98. A few months ago four sheriffâ€™s deputies pounded on her apartment door to confiscate the PC, which they said was being used to order goods from Sears with a stolen credit card. The computer, it turned out, had been commandeered by an intruder who was using it remotely.
â€œIâ€™m a middle-aged single woman living here for six years,â€? she said. â€œDo I sound like a terrorist?â€?
She is now planning to buy a more up-to-date PC, she said.
Clearly a price-sensitive customer, who perhaps does not appreciate being told she has to purchase a new computer to be safe from the botnets. On the other hand, do the botnets open up the possibility again of the ultimate alibi? They are often nearly impossible for the average user to detect, so will the increase in sophistication and size result in a corresponding rise in claims of plausible deniability?