The fluorescent lights hum overhead in the drop ceiling. An employee is away from his desk. His computer is playing a screensaver of family photographs. The computer—a standard-issue black Chinese-manufactured clone machine running Windows XP—is idle, but still engaging in automatic behavior over its broadband connection. It checks for new email at the server every few minutes, for example. A small but regular trickle of requests and replies move over its always-on connection to the network.
When he opens that attachment, the employee launches the worm to do its covert work. It looks for the popular file-sharing program Kazaa (one in the group of popular peer-to-peer programs for sharing media files that included Napster, Gnutella, and Morpheus); if it finds it, it copies a version of itself to the directory of shared files under one of several names such as strip-girl. But the worm has much more to do beyond replicating itself.
It begins quietly shipping information back and forth over the available capacity of its connection to the Internet. The instructions given to it are generally along these lines: The computer on the desk in the office cubicle has become a spam-distribution machine and has the capacity to do much more.
It has joined the botnet. They can correlate data, hang out in a chat channel providing the rules of conduct when anyone asks, or search the web for email addresses while their programmers are occupied elsewhere. These abilities make them ideal for an enormous variety of computer tasks—and among them is spamming.
Of course, there were already more efficient means of amassing and mailing to addresses being developed—methods that would culminate in the botnet. In particular, it has the sting in its tail that brings botnets into conversation with the military. This is the normal business of servers, and they are built and configured to handle a certain number of requests for a certain amount of data from a certain number of users, depending on resources and anticipated use.
Spam: A Shadow History of the Internet [Excerpt, Part 3] - Scientific American
Such an event can also be undertaken maliciously. What this command issued by the Mydoom worm meant to do was create a vast phantom population of users requesting the site again and again and again from many thousands of computers all over the world, effectively knocking the site offline for twelve full days, rendering them unable to do business and acting as a devastating blow to their reputation as a company that provides secure servers for enterprise clients.
A coordinated action from a botnet, a global network of machines, to take down a website or a server is called a distributed denial of service (DDoS) attack. Such an attack can be used to extort money from online companies such as casinos by preventing customers from reaching them, to eliminate security firms or other enemies, and to attack civil and governmental Internet infrastructure: The Mydoom worm contained a poignant message embedded in the code: Once you have the distributed power of many infected computers that are autonomously infecting others in turn, new projects and possibilities arise.
It is the beginning of a new scale of operations. Life as an apprentice botmaster: You now have ten or fifteen thousand compromised computers under your notional control. Their number varies from day to day: People go on vacation, leaving their computers off for a week or two; companies upgrade, and the old machines—your machines—go out to the recycling bin to be palletized and shipped to Accra or Guiyu.
Other worm writers and botmasters create programs designed to take over machines and knock off the infections already present, like yours. From day to day, users of infected machines all over the world power them up or down on cycles of nights, weekends, and lunch breaks. The bot population is shifting and unreliable, and you face the very real problem of making use of all of this distributed computing power you have accumulated.
How do you control it? On the most abstract level, your method is this: IRC has a long history of automated interactions in which chatbots have been responding to commands and relaying messages long before the arrival of more sophisticated technologies. This relatively simple arrangement creates another problem, however: Other botmasters trying to take over your network is the biggest ongoing problem you face. Perhaps you have managed to obfuscate or encrypt some of the critical traffic and code, such as the authentication passwords you use to control your bots.
This trick will keep the other botmasters at bay, for now. The next critical question: As with the development of spam itself, this is all about taking advantage of new affordances: When the security company Finjan seized a server being used to store botnet data, they found 1.
Instead, you bring your data into the thriving underground economy that has formed around online crime. You join yet another IRC channel: You can also try cutting a deal with the cashier to keep more of the profit. You can sell your botnet as a whole for a smaller but quick profit: You can also rent time and capacity on your botnet for all the services it can provide: You can get lists of netblocks (ranges of Internet addresses) that are notably vulnerable or heavily monitored or that belong to certain organizations that you might want to take advantage of or avoid.
Finally, you can barter for all of these things, transacting any one for any other: After a good spam campaign, with a mix of pharmaceutical messages for a client, paid for in batches of a million and sent to a cheap, inferior list of addresses—and phishing messages for your personal profit, sent to a more precise, targeted list—you can come back to the market with more data to sell, and more money with which to buy work and data from the others. The market is transnationally hopping—though it looks, like so much of your working life as a global criminal, like a window on your screen with text in it.
A variety of typo-ridden languages are in use. Some of the data you have accumulated needs to be turned into money, and the nick PhuckedUp is looking for clients: You have a lot of competitors in this business. You post your notice: Later, as you meet others in this world, you will move on to covert password-protected channels where more serious action happens.
You have joined the twenty-first-century spam economy. A million spam messages sent on behalf of a client costs the equivalent of a hundred U.
Fifteen dollars for an hour of denial of service attacks; more for a more sustained attack, which requires more cunning to outwit the blocking strategies the target might employ as they catch on. The transactions between parties in the business are done through services like Yandex and WebMoney, services akin to PayPal but with greater market penetration in Russia and Eastern Europe. Not bad at all. There may not be honor among thieves, but there is good customer service. As Holt argues, it makes sense in the short term to lease a botnet rather than build one of your own—you can send spam and do attacks with a somewhat higher profit margin and no maintenance.
But what if you are a truly gifted and visionary programmer? What if you want to build a better botnet?