Deprecated: Function create_function() is deprecated in /home/hidefide/public_html/blog/wp-content/plugins/wr-pagebuilder/core/core.php on line 127
{"id":226,"date":"2011-10-09T14:07:21","date_gmt":"2011-10-09T14:07:21","guid":{"rendered":"https:\/\/icaruspressblog.wordpress.com\/?p=226"},"modified":"2019-04-17T12:13:53","modified_gmt":"2019-04-17T12:13:53","slug":"u-s-government-time-travels-to-2009-to-fight-botnets-no-one-cheers","status":"publish","type":"post","link":"https:\/\/hidefideas.com\/blog\/2011\/10\/09\/u-s-government-time-travels-to-2009-to-fight-botnets-no-one-cheers\/","title":{"rendered":"U.S. Government Time Travels to 2009 to Fight Botnets; No One Cheers"},"content":{"rendered":"

$\"waledac-wc\"$
\n<\/strong> In a shocking development for anyone still living in 2009, this week the U.S. Government has decided to tackle botnets head-on. Some have speculated that a high-up mucky-muck over at DHS thought it would be \u2018a pretty neat thing to do,\u2019 considering the timing (Hugh Jackman\u2019s Rocky reboot robot revival Real Steel<\/a> also hit theatres this week). While government spokespeople deny rumors that Optimus Prime is involved in this radical move, most ISPs are groaning, rolling their eyes, and wondering where they put their contact information for Megatron.<\/p>\n

Sigh.<\/em> In a world of the mundane, the lamest is the King of nothing special. Once again this week, the U.S. Government proved that axiom and their incessant ability to underwhelm when it comes to the ever-heated battle of the botnets. Multiple reports<\/a> have cited the Department of Homeland Security (DHS), National Institute for Standards and Technology (NIST), and others as generating a wormhole in space-time this week and stepping back into 2009, when and where they encouraged ISPs to adopt a code of conduct for preventing, detecting, and dealing with botnet activity.<\/p>\n

Okay, the wormhole may be a stretch, but perhaps you now understand the tone of this article. This baffling move on the part of the government is strange, uncomfortable and highly inappropriate, for several reasons. First, it\u2019s not and never should be the role of government to \u2018gently suggest\u2019 (i.e., threaten to legislate) best practices in a business and technology they know nothing about. Let\u2019s face it: the U.S. Government has problems of its own without pointing out to someone else that their fly is open. If you doubt me, look here<\/a>, here<\/a>, and here<\/a>.<\/p>\n

Second \u2013 and not to sound like a conspiracy theorist \u2013 but any time there\u2019s a threat of the government sticking its fingers into people\u2019s personal information, one cannot help but feel uncomfortable. In a request for information<\/a> on the Federal Register on a voluntary \u2018Code of Conduct,\u2019 DHS said that one possible suggestion was to \u201cencourage ISPs to send consumer support queries to a centralized consumer resource center that could be supported by a wide number of players. Such a resource center could reduce the burden on corporate customer support centers by pooling resources.\u201d If you\u2019re anything like me, reading that passage is probably giving you an irritating twitch in your right eye just now.<\/p>\n

Finally, and most importantly, if one is to take a leadership role, one actually must\u2026uhm, how can I put this delicately? Lead<\/em><\/strong>. There it is. The fact is, what the U.S. Government is trying to do seems like a severe act of self-deprecation, if the purpose of the meeting this week was to point out to the world that they weren\u2019t<\/em> aware that the ISPs have been doing just fine, thank you very much, in dealing with botnets over the past few years. Writes Kelly Jackson Higgins on Dark Reading<\/a>: \u201cISPs such as Comcast, which two years ago was one of the first to employ a bot-notification service, notify customers whose machines they spot as bot-infected. Comcast\u2019s free Constant Guard Security program directs the infected user to the antivirus center, where he follows directions to remove the bot malware.\u201d<\/p>\n

Fortunately, I\u2019m not the only one who sees it that way. In fact, there\u2019s a long line of private sector organizations who are ready to tell the government to keep their greasy paws off of something they know nothing about: \u201cThe Messaging Anti-Abuse Working Group (MAAWG), which is made up of ISPs, email providers, and security vendors including AT&T, Cisco, McAfee, Facebook, and Verizon, sees the federal effort as unnecessary and redundant, and is balking at the idea of the government legislating how ISPs handle bot-infected customers.\u201d<\/p>\n

Boo-yah! No kidding. No one can blame the ISPs for getting antsy when government suggests a central repository (it incites thoughts of a suppository. Just saying.) for information on their clients \u2013 us \u2013 and I can\u2019t see this one going too far, based on early reactions from the non-government players.<\/p>\n

So where does that leave us? Well, we can\u2019t dismiss some of the information that came out of this event. According to press release from NIST, there are an estimated 4 million new botnet infections each month. The White House\u2019s Cybersecurity coordinator pointed out in his keynote address that fighting these infections \u201crequires a combination of efforts in which everyone has a role to play.\u201d<\/p>\n

Great, now get out of the way and let the ISPs do what they do best.<\/p>\n","protected":false},"excerpt":{"rendered":"