rc3.org

Strong opinions, weakly held

Links for August 24

Trying yet another format for daily links. Here we go:

  • This is accountability.
  • Footnotes for last night’s Mad Men. If you like those, there’s a whole blog of Mad Men footnotes by the same author.
  • I wanted to second this notion from Matthew Yglesias that it’s stupid to blame Obama’s mistakes for the trials and tribulations of passing health care reform. This is an incredibly complex, emotionally charged issue, and trillions of dollars are at stake. Plus the opposition party is willing to lie constantly to scuttle reform for political reasons. There is no simple road map to reform.
  • The next World of Warcraft expansion (due sometime in 2010) will feature an in game launch event. The theme of the expansion is that an evil dragon unleashes an event that rips the original game world apart, so it’ll probably be worth renewing your game account just for that event when the time comes.
  • How rich are the super rich? Richer than ever.
  • Security researchers are looking at ways that botnets can be controlled through Google or Twitter. As far as I know, right now the most common approach is via IRC. Honestly, it strikes me that the simplest approach would be to set up a blog on BlogSpot and have all of the zombie PCs subscribe to the RSS feed.

5 Comments

  1. Re the Botnets: except that you want to keep the botnet control mechanism non-obvious and distributed so it can’t merely be overridden by, say, Blogspot taking control of that account. Avoid single points of failure.

    As a simple first pass, having the botnet do a search for some cryptographically difficult to anticipate string that appears only on web pages that exist on free hosting sites, that may actually be interspersed with legitimate content, and use control codes then embedded in those pages, means both that Google has to anticipate those strings (or shut down non-dictionary words, which is fraught with problems, and the bot makers can then escalate to non-dictionary phrases), and that all the pages on which those strings appear have to be controlled.

    The war has escalated far beyond “subscribe to an RSS feed and wait for commands”.

  2. I can think of some ways to make the RSS feed approach more secure and robust, for sure.

  3. An RSS feed is only one way. Using Twitter it can be many to many, allowing the botnet to avoid being disabled via a single point of failure.

  4. I’m reluctant to give anyone any ideas, but there are ways to ensure that only messages from the original source are accepted as valid, which would help prevent hijacking. The major problem would seem to be the ability of administrators to block the addresses that the botnet attempts to connect to.

    The use of Google prevents blocking any single source of the control messages, since nobody wants to block Google. You’re essentially using Google as a name resolver, where the resolution to a particular site is not under anyone’s control at Google. Definitely a problem when dealing with low-pagerank results (e.g. based on spurious combinations of words) where it’s easy to get into the index.

  5. Yesterday I started writing up how I’d communicate with a botnet if it were up to me, but then I realized that only bad could come from posting it. Still, it’s an interesting problem to think about as a design exercise.

Leave a Reply

Your email address will not be published.

*

© 2024 rc3.org

Theme by Anders NorenUp ↑