AT&T Doesn't Want to Improve Botnet Efforts Right Now, Thanks As Comcast's Livingood Testifies Before Congress Friday Mar 09 2012 10:29 EDT Tipped by FFH5 Last month FCC boss Julius Genachowski gave a speech in which he urged ISPs to beef up their security practices, citing Comcast and CenturyLink as two companies that did things right in regards to handling botnets and other menaces. ISPs probably didn't need advice from a politician on this front, most knowing precisely what threats are out there -- but sometimes just choosing not to pay to properly deal with them. We've heard complaints from more than a few ISP security folks over the years than beancounters often leave them high and dry on funding. Comcast has been fairly aggressive on the security front, being the first to fully employ DNSSEC and other improvements like the botnet alert system they launched in 2009. Comcast engineer and Broadband Reports forum regular Jason Livingood testified before Congress this week (pdf) highlighting all of the things Comcast has accomplished, while noting that no matter what Comcast does, fully securing the network from threats (and human stupidity) is simply not possible: quote: There is no one silver bullet or quick fix, especially because the risks and threats change so very frequently and dramatically as new technology is developed and as bad actors in cyberspace continue to innovate. They constantly adapt to the latest counter-measures and employ new techniques and tools. As a result, our security protections will never be complete; we must continuously learn, adapt, and work to improve and develop new capabilities to meet the everchanging threats. Indeed, there is no realistic possibility that any network will ever be "completely” secure.
Still, Comcast puts a significant amount of effort into trying, using things like walled gardens to manage infected PCs. Contrast that to AT&T, who says they really don't want to ramp up their botnet efforts because "detection mechanisms are imperfect" (something that doesn't seem to stop Comcast): quote: "We'll see if you're infected if your machine is a live connection," said Amoroso, explaining that what AT&T and other ISPs frequently do now is email the customer with a notification that their machine appears to be infected. But going further to offer advice about cleaning up the machine, or even somehow cleaning the desktop, are not steps that AT&T regards as something it wants to get involved in."The detection mechanisms are imperfect," said Amoroso, noting it's unclear how AT&T would recommend detailed malware eradication instructions to every individual whose PC became infected with any of the vast array of malware types out there. In some instances, "You might actually have to re-image the machine," he pointed out.
It's curious that AT&T would be keen on the costs, liability and legwork involved in letting the NSA tap into absolutely all of their traffic and helping the FBI break wiretap and privacy laws repeatedly, but thinks that some additional botnet protection services would be taking things too far. As usual with AT&T it comes down to money, and investor returns and executive compensation are almost always placed ahead of the health of the network. You see it in their last mile re-investment plans, their treatment of rural DSL, their customer service, and now in botnet security. |
FFH5 Premium Member join:2002-03-03 Tavistock NJ 1 edit |
FFH5
Premium Member
2012-Mar-9 9:24 am
Not perfect, but best Botnet tool is fire walling themAs Comcast's Livingood says, no Botnet blocking attempts will be perfect. But the best tool ISPs have is to block access to the Internet of Botnet affected machines on the ISPs network. Comcast does this by putting the customer device in to a walled garden where you can only get to Comcast and nowhere else until your machine is cleaned. And while help on cleaning by the ISP is limited, at least it cuts down on botnets that Comcast has to deal with. Ultimately, given some advice, it is still the customers responsibility to get their machine cleaned. AT&Ts attitude is very poor. And since this is all playing out in Congress it is possible that a law will be passed forcing ISPs to be more proactive in policing their networks for malware infected customers. No ISP wants to disconnect customers from the net( losing customers and money can be the result ), but they may be forced to if ISPs like AT&T refuse to develop better methods on their own. | |
| | KearnstdSpace Elf Premium Member join:2002-01-22 Mullica Hill, NJ |
Kearnstd
Premium Member
2012-Mar-9 11:10 am
Re: Not perfect, but best Botnet tool is fire walling themthe lockdown and then what is needed is customer education. Mainly bring up the education part because when I worked at Comcast in tech support people would call in and claim that Comcast gave their computer the virus(their evidence.. Their internet comes from comcast so the modem must have had the virus and given it to the computer) | |
| | | JoelC707 Premium Member join:2002-07-09 Lanett, AL |
JoelC707
Premium Member
2012-Mar-9 6:30 pm
Re: Not perfect, but best Botnet tool is fire walling themI know exactly where you're coming from. I know someone who flatly refuses to use or have anything to do with Google. His reasoning? He "got a virus" from from. This was long before I was in the picture so I have no idea if he even got a virus at that time but I can guarantee you it didn't come from Google. What's next? Bing? Yahoo? I have no doubt he had a virus based on his surfing habits but damn. At least blame it on someone other than a search engine. | |
|
| jlivingood Premium Member join:2007-10-28 Philadelphia, PA
2 recommendations |
to FFH5
It had me scratch my head too. In my verbal remarks I said this, which I think pretty much sums up my / our philosophy: While there is no perfect solution to security, that does not mean there are no good solutions. So our focus has been to quite simply roll up our sleeves and get to work, chipping away at the security threats day in and day out, quickly learning and adapting. | |
| | | |
Re: Not perfect, but best Botnet tool is fire walling themI give you folks props for this one, I am not a big fan of comcast for my own reasons. But at least you guys are trying to help fight the good fight here. | |
| | | jlibuszowski Premium Member join:2005-10-25 Hoffman Estates, IL |
to jlivingood
said by jlivingood:It had me scratch my head too. In my verbal remarks I said this, which I think pretty much sums up my / our philosophy: While there is no perfect solution to security, that does not mean there are no good solutions. So our focus has been to quite simply roll up our sleeves and get to work, chipping away at the security threats day in and day out, quickly learning and adapting. Well Mr. Livingood yes I can understand why you maybe scratching your head. Let's just say that the installation contractors and workers that you employ at Comcast are treated vastly different than those working for AT&T. I have met several Comcast tech's and they are very happy with their job conditions, are proud to work for the company and do a really good job. However that is not the case for AT&T premise install technicians. Perhaps the easiest way to explain things is perhaps visually and through AT&T's actual settlements with their IT workers nationwide. » whyattdestroysjobs.wordp ··· -or-att/If you can imagine 12hr days, no lunch and 10 micro-managers for every worker you may be able to understand why AT&T cannot reasonably offer managed offerings to clean up malware/viruses on clients/customers computers. Outside of a person overseas that is going to tell them to reformat their hard drive, in the instance that they could not solve the problem remotely in 15minutes or there about. Perhaps that is what Mr. Amoroso meant when he stated something similar. I don't know I am sure you have your own guesses and could probably fill us in. Since, AT&T doesn't seem to like to do anything of the sort. » Known outage in Chicago?Heck AT&T cannot even manage to have a hot fail-over for their DSL / Uverse authentication servers. Let's be realistic anyone that has worked in IT for any period of time knows that accidents happen. Some IT worker inadvertently wipes out the router tables, ect... However, every couple of months like clockwork AT&T's whole regional authentication servers bring entire Metropolitan area's like Chicago down. That mean's businesses can't run, lawfirms miss filing dates, cpa's and accountants can't access audits and returns, suppliers can't get paid, trucking outfits can't provide gas dispatch, restaurants can't process credit card and other transactions.... The list goes on and on. It's a real big mess. Sorry but I have worked for every big box retail store while with major pc manufactures as well as most major ISP's in the US and have never seen a company as terribly managed as the "new AT&T". Personally, what really needs to happen is the US DOJ / US Department of Labor open up another antitrust investigation into the AT&T Monopolistic company. Quite frankly it has been 7 years since the approval of the SBC/AT&T acquisition. » news.cnet.com/SBC-closes ··· 206.htmlAnd MA bell is back at it again only this time worse than the MAbell AT&T we all remember in the 70's. Their Own CEO Randall Stephenson has remarked their flagship DSL and Uverse product is a relic and inferior and they "AT&T CEO: to chase comcast we built dsl, it is obsolete now". » gigaom.com/broadband/oh- ··· bsolete/ | |
|
| Oh_NoTrogglus normalus join:2011-05-21 Chicago, IL |
to FFH5
Comcast and centrylink pay a backbone provider for internet access. They probably benefit from reducing unecessary traffic from their network.
ATT is their own backbone provider. They could care less if they use more bandwidth since they dont pay a 3rd party for internet access. | |
| | | SimbaSevenI Void Warranties join:2003-03-24 Billings, MT ·StarLink
|
Re: Not perfect, but best Botnet tool is fire walling themsaid by Oh_No:Comcast and centrylink pay a backbone provider for internet access. I really hope you did a little bit of research before posting that. | |
| | | | Oh_NoTrogglus normalus join:2011-05-21 Chicago, IL |
Oh_No
Member
2012-Mar-10 2:33 pm
Re: Not perfect, but best Botnet tool is fire walling themComcast is not a tier 1 isp, they pay for internet access through a 3rd party.
For centurylink, I never heard of them, but I see qwest was bought by centurylink last year. Qwest was a tier 1 isp so now centurylink is. Less than 1 year ago centurylink was not a tier 1 provider so I still stand by my statement. Looks like you did not do any research at all. | |
|
| | |
researchplz to Oh_No
Anon
2012-Mar-10 2:18 pm
to Oh_No
I will say, this is why the Internet is a poor source of reliable information. You need to heed the warning of posting information that is inaccurate could lead down a very bad road. You are incorrect at least about CenturyLink. There are peers that are used just like every other company to create what is called the Internet, but at least CenturyLink (cannot comment on Comcast) does not use some third parties backbone for their main network. Maybe even taking a look at the CenturyLink website will allow you some more insight? Try this: » www.centurylink.com/busi ··· ist.html | |
|
|
A Step ISPs Can TakeAnd a step they should take, IMO.
When an ISP has detected, with a high degree of confidence, that one of their residential customers is the source of network abuse, they should wall that customer off promptly. Business customers should be alerted (emailed? texted?) and given a reasonable amount of time to see and act upon the alert. (I don't know as I'm prepared to define "reasonable time," right off.)
The reason for the difference is that business customers are far more likely to have responsive IT people aboard that can and will address the (suspected) problem in a timely manner. | |
| | |
axus join:2001-06-18 Washington, DC |
axus
Member
2012-Mar-9 10:02 am
Good job ComcastNice to see them getting credit for doing the right thing! | |
| |
Clueless peopleLet's see, IBM released their original PC in 1981, which was 31 years ago, people started to go online en masse around 1995, which was 17 years ago, and the ILOVEYOU worm, which was all over the news, hit back in 2000, which was 12 years ago, yet people don't seem to have learned a damn thing about keeping their computers clean. And it really isn't that hard. Having an up-to-date antivirus program will catch probably at least 95% of this stuff, maybe more. And you don't even have to pay for one, since AVG, Avast, Avira, and Microsoft Security Essentials are all free, not to mention that many ISP's offer McAfee or Symantec as part of their service packages.
I wonder, in the first 31 years after cars came on the market, did people regularly forget to change the oil and let their engines burn up, or did they not fix their tires when they started to leak? I bet not.
What is it about computers that makes so many people so stupid?
Sorry for the rant. I'm just feeling a little crabby this morning for some reason. | |
| | n2jtx join:2001-01-13 Glen Head, NY |
n2jtx
Member
2012-Mar-9 11:00 am
Re: Clueless peoplesaid by ISurfTooMuch:Let's see, IBM released their original PC in 1981, which was 31 years ago, people started to go online en masse around 1995, which was 17 years ago, and the ILOVEYOU worm, which was all over the news, hit back in 2000, which was 12 years ago, yet people don't seem to have learned a damn thing about keeping their computers clean. Back in the early 1990's, I was working for a large corporation and we were getting hit with floppy based viruses such as Michelangelo and Monkey. This was before we were connected to the Internet. People were bringing in their viruses from home and AV software was not really mainstream yet. I was amazed at how viruses would propagate through the finance department as they were constantly swapping floppies to work on spreadsheets. Network connectivity helped cut down on sneaker net infections but then introduced us to the worm. | |
| | KearnstdSpace Elf Premium Member join:2002-01-22 Mullica Hill, NJ |
to ISurfTooMuch
said by ISurfTooMuch:Let's see, IBM released their original PC in 1981, which was 31 years ago, people started to go online en masse around 1995, which was 17 years ago, and the ILOVEYOU worm, which was all over the news, hit back in 2000, which was 12 years ago, yet people don't seem to have learned a damn thing about keeping their computers clean. And it really isn't that hard. Having an up-to-date antivirus program will catch probably at least 95% of this stuff, maybe more. And you don't even have to pay for one, since AVG, Avast, Avira, and Microsoft Security Essentials are all free, not to mention that many ISP's offer McAfee or Symantec as part of their service packages.
I wonder, in the first 31 years after cars came on the market, did people regularly forget to change the oil and let their engines burn up, or did they not fix their tires when they started to leak? I bet not.
What is it about computers that makes so many people so stupid?
Sorry for the rant. I'm just feeling a little crabby this morning for some reason. Because people knew that a car was a complex machine. the problem is a computer is a nice black or white box that sits on a desk or table. people see it no different as a DVD player, TV or Microwave oven. plug and and forget. | |
| | | Desdinova Premium Member join:2003-01-26 Gaithersburg, MD |
Re: Clueless peopleI agree. Add to that how cars have been around in more or less the same form for quite a while and several generations grew up around them, learning how they worked and what was needed to KEEP them working. I'm a hardcore techhie and I've built dozens of custom computers for clients (including all the Watchout servers for Attack Of The Show on G4) and even though I know computers pretty well, I still sometimes find myself looking at one and thinking (usually when I'm drunk) "Hmmm...Magic Box is displeased." | |
|
| mmay149q Premium Member join:2009-03-05 Dallas, TX |
to ISurfTooMuch
said by ISurfTooMuch:I wonder, in the first 31 years after cars came on the market, did people regularly forget to change the oil and let their engines burn up, or did they not fix their tires when they started to leak? I bet not.
What is it about computers that makes so many people so stupid?
Sorry for the rant. I'm just feeling a little crabby this morning for some reason. Don't be sorry, it's true, and I feel the same way as you even though I charge people $50 for virus cleaning and malware removal (in fact I've charged the same people $50 a number of times, and have even tried to educate them so I wouldn't have to spend so much of my free time at their house fixing their problems... To which they always respond "Well I have you for that, and you're awesome, plus you're getting paid!") I would think the same thing about computers as I would cars now a days, I mean it's almost a necessity to have one to pay all of your bills, view your bank account to make sure you didn't go over the limit, and keep in touch with friends via social media or email, or even to work from home in some cases. In my experiences it seems that the reason why people continue to fall into viruses is because after getting one they refuse to change their habits (Most of the ones I clean are from porn related websites.....) Maybe one day we'll all live in a technological society where at least 95% of the population knows how to take care of their computer, or knows the basics in how to fight viruses... But right now we are just still in the infant stages, and man is it a PITA. Matt | |
| | Oh_NoTrogglus normalus join:2011-05-21 Chicago, IL |
to ISurfTooMuch
said by ISurfTooMuch:What is it about computers that makes so many people so stupid?
Sorry for the rant. I'm just feeling a little crabby this morning for some reason. The smart bot net programmers dont let the end user know their PC is infected. They dont lock up other programs or cause ads to popup. So from the end users side they know their email, facebook, and youtube work so they dont care about anything else or have any idea anything is wrong. Fixing their bot net problem does not change anything they are doing on their computer. Now making sure your car is fixed means you can get to work. | |
| | jlibuszowski Premium Member join:2005-10-25 Hoffman Estates, IL |
to ISurfTooMuch
said by ISurfTooMuch:I wonder, in the first 31 years after cars came on the market, did people regularly forget to change the oil and let their engines burn up, or did they not fix their tires when they started to leak? I bet not.
What is it about computers that makes so many people so stupid?
Sorry for the rant. I'm just feeling a little crabby this morning for some reason. It depends, I had a college educated friend that worked at hooters as a waitress. Not the smartest girl - since she figured that she could just apply to a different school and not have to list all the school she attended when she took the CPA exam. In anycase, the same actually destroyed a brand new $20k+ car because she did not know it required oil. Obviously very attractive woman so that made up for it but a little ditsy. The same woman, took her car to get the brakes fixed - end result the mechanic charged her $1000+ to replace all the pads and new rotors on all four wheels (front and back). The only issue was when she showed me what a great job they did on her vehicle, the back set brakes were drum brakes. Let's just say I had a not so kind talk to the manager of the brake shop that returned all of her money. Now if she just was aware that you need to change the cars oil. PS: The internets tell me there is a local hooters down in Tuscaloosa, AL there and Nascar is on. Either way I'm going back to watching Nascar. Hope you are having a little better day - ~JL | |
|
|
Improviz
Anon
2012-Mar-9 10:30 am
Comcast/BotnetsThis is interesting, because starting last year, Comcast begin sending me emails saying "a computer on your network is infected with a bot!". I take security very seriously (and all the computers that access my network have Comcast-provided security, so a little ironic), so one by one, I took down 2 desktops, 2 laptops, and 2 netbooks. I booted each into Safe Mode and scanned them. I installed Secunia. I even scanned them using the bootable AVG thumb drive that I made, so they weren't even in Windows while being scanned. NOTHING. While I realize there's still a chance one machine could be infected, the odds seemed pretty slim. So, I called Comcast directly and asked them why they thought I had a bot? After a lot of hemming and hawing, they said "because a machine on your network has accessed an IP address associated with botnet activity." Fine, says I. Tell me the IP address and I'll block it on my router. "We can't tell you the IP address for legal reasons" was the Comcast reply. WTF? | |
| |
This is interesting, because starting last year, Comcast begin sending me emails saying "a computer on your network is infected with a bot!". I take security very seriously (and all the computers that access my network have Comcast-provided security, so a little ironic), so one by one, I took down 2 desktops, 2 laptops, and 2 netbooks. I booted each into Safe Mode and scanned them. I installed Secunia. I even scanned them using the bootable AVG thumb drive that I made, so they weren't even in Windows while being scanned. NOTHING. While I realize there's still a chance one machine could be infected, the odds seemed pretty slim. So, I called Comcast directly and asked them why they thought I had a bot? After a lot of hemming and hawing, they said "because a machine on your network has accessed an IP address associated with botnet activity." Fine, says I. Tell me the IP address and I'll block it on my router. "We can't tell you the IP address for legal reasons" was the Comcast reply. WTF? | |
| | tshirt Premium Member join:2004-07-11 Snohomish, WA |
tshirt
Premium Member
2012-Mar-9 10:57 am
Re: Comcast/BotnetsSo what was their solution to fixing the problem? | |
| | jlivingood Premium Member join:2007-10-28 Philadelphia, PA
1 recommendation |
to UncleScotty
said by UncleScotty:This is interesting, because starting last year, Comcast begin sending me emails saying "a computer on your network is infected with a bot!".
Tell me the IP address and I'll block it on my router. "We can't tell you the IP address for legal reasons" was the Comcast reply. WTF? Yeah, not a great response. We've done a lot since then to educate our care reps and in most cases these days you will just get routed to the experts on our Customer Security Assistance (CSA) team. We knew we'd hear some feedback like that when we launched but felt even if we did not know which computer on the LAN some info is better than none - and many people once they had the info would find 'Oh, I bet it's that PC in the kitchen that'd been running so slowly lately' or otherwise be able to track it down. Admittedly imperfect, but better than not providing any info. So yes, we heard a lot of feedback asking for info about which computer on the home LAN has the issue. Unfortunately since (most) customers have a NAT router we cannot see the traffic from each IP address so we're limited. But, we've done a few things to try to address it. First is we have a beta of 'Am I Botted?' at » amibotted.comcast.net that can provide time and date stamps of infection, which customers usually find very helpful in identifying which computer it was. In addition, we are experimenting with customized notices and tools for different malware. So for example the DNS Changer malware is a customize Constant Guard alert and one of the (3rd party) tools we refer you to (DNS-Okay) can be run from each computer and can often tell you which one has the issue. And, we're working on other tools as well to help but these are not yet ready to see the light of day (but we're working on it!). | |
| | | FFH5 Premium Member join:2002-03-03 Tavistock NJ |
FFH5
Premium Member
2012-Mar-9 1:33 pm
Re: Comcast/Botnetssaid by jlivingood So for example the DNS Changer malware is a customize Constant Guard alert and one of the (3rd party) tools we refer you to (DNS-Okay) can be run from each computer and can often tell you which one has the issue.
»www.dns-ok.us/ | |
|
rradina join:2000-08-08 Chesterfield, MO |
In the metered-billing frontal lobe of the AT&T brain trust, perhaps the best action is no action when infected PCs use more bandwidth and generate additional revenue...
Am I just being too cynical? | |
| | |
Re: Does AT&T See RevenueI think that the increased cost of support probably eats up any additional revenue. After all, when people's computers get infected, they usually start exhibiting problems, such as slow performance and connectivity, not to mention pop-ups, and, when these things happen, people are going to start calling tech support.
I think the reason you see inaction is simply because the ISP's don't see an easy way out. The reasoning goes that, if you start blocking infected computers, the customers are going to tie up the lines to tech support because they won't know what they're reading or how to deal with it, or they may leave for another provider. Either way, the ISP loses money.
I used to think that this problem could be at least partially solved if we geeks all went out there and each helped a few people clean their computers. Well, I don't know about anyone else, but I'm burned out on fixing others' computers for free when, after I'm done cleaning them up, they don't take responsibility for them, and within a few months, they're right back where they started, and my phone is ringing again. I'll still do it, but I'll avoid it if I can. | |
| | | rradina join:2000-08-08 Chesterfield, MO |
Re: Does AT&T See RevenueI see your point. However, they could auto-sandbox the user's connection and route all web requests to one of the Internet scan-n-fix sites. ISPs could even arrange kick-back fees for routing users to preferred sites. Once the fix it site cleans them, preferred sites could send a message to the ISP which could then automate the removal of the sandbox. | |
|
CamaroQuestion everything Premium Member join:2008-04-05 Westfield, MA |
Camaro
Premium Member
2012-Mar-9 12:09 pm
"Choosing not to pay". | |
|
1 recommendation |
» cr.yp.to/serverinfo.htmlPersonally, I'd much rather not have to deal with another Zawacki, telling me that my «machine is "compromised" and is "scanning on port 25"», to quote DJB. Don't see why AT&T has to be blamed here. Better blaim Microsoft for providing systems so prone to viruses and botnets. | |
| David Premium Member join:2002-05-30 Granite City, IL |
David
Premium Member
2012-Mar-9 3:07 pm
said by ConstantineM:»cr.yp.to/serverinfo.html
Personally, I'd much rather not have to deal with another Zawacki, telling me that my «machine is "compromised" and is "scanning on port 25"», to quote DJB.
Don't see why AT&T has to be blamed here. Better blaim Microsoft for providing systems so prone to viruses and botnets. I agree, and lack-of-security-itus (been watching too much house!) seems to be the larger issue. People expect PC's to be like their TV, they turn it on and it works. Pretty much what they get from an Iphone, Ipad, android pad, android phone, etc.. said by ISurfTooMuch:I think that the increased cost of support probably eats up any additional revenue. After all, when people's computers get infected, they usually start exhibiting problems, such as slow performance and connectivity, not to mention pop-ups, and, when these things happen, people are going to start calling tech support.
I think the reason you see inaction is simply because the ISP's don't see an easy way out. The reasoning goes that, if you start blocking infected computers, the customers are going to tie up the lines to tech support because they won't know what they're reading or how to deal with it, or they may leave for another provider. Either way, the ISP loses money.
I used to think that this problem could be at least partially solved if we geeks all went out there and each helped a few people clean their computers. Well, I don't know about anyone else, but I'm burned out on fixing others' computers for free when, after I'm done cleaning them up, they don't take responsibility for them, and within a few months, they're right back where they started, and my phone is ringing again. I'll still do it, but I'll avoid it if I can. Agreed- I don't know how many systems I have been told to "clean up" just for it to be infected again. | |
| | |
Re: thoughtsIndeed. And I agree with another post that much of it is because many people are doing things that get them infected, such as visiting porn sites, and they don't want to stop doing these things. Or they will simply click any damn thing that pops up in their browser without even stopping to think about the consequences. | |
| | David Premium Member join:2002-05-30 Granite City, IL |
David
Premium Member
2012-Mar-9 8:20 pm
The good thing I did was I kept an image on what I repaired for 5+ years so if it did come back to me, I could restore it back to a day when I knew it was fixed and basically collect quick pay. I have more than enough storage space for a while. | |
|
jlibuszowski Premium Member join:2005-10-25 Hoffman Estates, IL |
Pretty much, basically I watched most of the testimony and a couple points stuck out. Here is the full 2hr testimony if you missed it » www.c-span.org/Events/IS ··· 28851-1/1) Politicians who really have no clue about security are trying to create laws that govern how ISP's mitigate threats and protect THEIR networks. Note: I said ISPs networks: not the US government's, not those that connect to them. Simply put if you allow private corporations to address the security issues and NOT have government sticking their noses into things, you will be a lot better off. Case in point would be the TSA - they've really done a great job over the years... Sadly that is not the case and there have been many instances where civil liberties have been taken away with no greater security. Second of all the whole malware threat scenario is constantly changing and while you can credit some software technology to help stop the spread of malware, viruses and other threat vectors. As Mr. Amoroso a/k/a 'Dr. Sunshine' testified and I'll paraphrase "it's not an exact science and the threats are constantly changing" so it's not that AT&T is choosing to do nothing, it's they are taking a different approach. Here is virus/malware's EST's review on Comcast's Constant Guard » blog.eset.com/2011/05/13 ··· %9D-workAnd with the ever changing number of 0day infection(s) and new viruses in the wild everyday, it seems like this is just another piece of bloatware to run on your machine. Not to mention that many viruses today are masterfully coded that will disable many virus protection software on install. That said, i'll give credit where credit is due. Clearly hat's off to Comcast and Mr. Jason Livingood for doing their part to attempt to stem the malware infections. I just question whether it's just another piece of bloatware to sell additional services or truly an effective piece of software. 2) Politicians about 1hr 6minutes into discussions raised the point of allowing private mobile devices (namely smartphones, blackberry, iphones,ect) and allow ALL federal agency employees to bring their own devices to work. So now you have a security threat issue, since you do not know anything about the device, they could easily have rootkits installed on them whether known to the user or unknown. These are the same security issues raised with federal government purchases, when some vendors advocate buying from say Cisco refurbished suppliers, where in some cases the gear had backdoor vulnerabilities installed there by the Chinese. Sorry but the last thing we need is say Homeland Security, FBI, NSA or even federal employees who have sensitive data being allowed to put their own personal devices onto government networks... About all that I took away from all of this was the fact that the US government really has no clue about real world security, and they are playing a ketchup game where they are living in the last century in terms of understanding IT infrastructure. In which even the Government Accountability Office yet again for another straight year has labeled the security weaknesses. "For fiscal year 2008, almost all 24 major federal agencies had weaknesses in information security controls" And further went on to say "Over the past few years, 24 major federal agencies1 have reported numerous security incidents in which sensitive information has been lost or stolen, including personally identifiable information, which has exposed millions of Americans to a loss of privacy, identity theft, and other" » www.gao.gov/new.items/d09546.pdf | |
| | NetFixerFrom My Cold Dead Hands Premium Member join:2004-06-24 The Boro Netgear CM500 Pace 5268AC TRENDnet TEW-829DRU
1 edit |
NetFixer
Premium Member
2012-Mar-9 5:15 pm
Re: Is this really the US cyber defense best hope?said by jlibuszowski:Here is virus/malware's EST's review on Comcast's Constant Guard
»blog.eset.com/2011/05/13/will-th···%9D-work
And with the ever changing number of 0day infection(s) and new viruses in the wild everyday, it seems like this is just another piece of bloatware to run on your machine. Not to mention that many viruses today are masterfully coded that will disable many virus protection software on install. That said, i'll give credit where credit is due. Clearly hat's off to Comcast and Mr. Jason Livingood for doing their part to attempt to stem the malware infections. I just question whether it's just another piece of bloatware to sell additional services or truly an effective piece of software. Both the blogger and you have missed the point of Comcast's bot detection system. The modified downloadable Norton suite that Comcast calls "Constant Guard" is only one facet. Comcast still monitors their customers' connections for bot activity whether the customer uses the "Constant Guard" product or not. Comcast is partly to blame for the confusion because they use the same "Constant Guard" name for both the downloadable security suite and their internal security program. If simply supplying a brand name security suite to customers was all that was necessary, then AT&T could claim that they were on a par with Comcast, since AT&T supplies a customized version of McAfee to their customers. | |
|
dvd536as Mr. Pink as they come Premium Member join:2001-04-27 Phoenix, AZ |
dvd536
Premium Member
2012-Mar-9 8:46 pm
Doesn't want to do anything because a bot pingflooding or other attacks 24/7 is chewing through the users cap, then come the very lucrative overages. so its good for their bottom line to leave infected people alone. | |
| dib22 join:2002-01-27 Kansas City, MO |
dib22
Member
2012-Mar-9 11:37 pm
AT&T mobile broadband cards are already monitored for botnet activity. I have received an email warning me of 'botnet' like activity with a couple of my P2P network clients before... they don't shut it down they just email a warning and if they get no reply then they lock it down.
I am guessing this is referring to wireline service? | |
| | jlibuszowski Premium Member join:2005-10-25 Hoffman Estates, IL 1 edit |
Re: Att wireless or wireline?said by dib22:AT&T mobile broadband cards are already monitored for botnet activity. I have received an email warning me of 'botnet' like activity with a couple of my P2P network clients before... they don't shut it down they just email a warning and if they get no reply then they lock it down.
I am guessing this is referring to wireline service? said by dib22:AT&T mobile broadband cards are already monitored for botnet activity. I have received an email warning me of 'botnet' like activity with a couple of my P2P network clients before... they don't shut it down they just email a warning and if they get no reply then they lock it down.
I am guessing this is referring to wireline service? No based on testimony given my AT&T's CIO and our own experience from clients, they provide notice both on wireline /broadband network as well as mobile services. Both Comcast as well as AT&T as Netfixer also pointed out provider their own branded versions of antivirus/ malware solutions. A few of the questions raised by congress as it relates to DDOS attacks and botnet activities which are often relates. Is what is the responsibility that network providers and ISP's have to not only stop the spread of malware, but also potentially remove it from users machines? Which herein lies the problem - since there is no one size solution to getting rid of anti-viruses and malware, not to mention you also have to consider the legal implications of doing so. People and corporations take their data pretty seriously; client data, images, videos, ect... Now what happens if the ISPs start attempting to remotely fix clients computers and end up destroying data (which is bound to happen). Quite frankly I don't know any attorney or insurance underwriter that would want to create an acceptable risk policy for a $30-50 broadband service. Areas that can be improved: In the instance of AT&T would be the security of their Yahoo email service that they rely on to provide customer email. Here is a service that many politicians and attorneys and federal employees use in the course of their normal work and several large scale breaches have shown security SERIOUSLY lacking. Furthermore, numerous customers have complained about the utter lack of support from yahoo directly and the fact that AT&T third party contractors many of which operate out of potentially foreign controlled adversary countries have the ability to reset passwords. Case in point : US Politician Sarah Palin's yahoo email account hacked. If I recall correctly wasn't Mrs. Palin the vice presidential running mate of Mr. McCain in 08'. So I would figure Mr. McCain the US Senator that called some of these talks, would know her well... » www.time.com/time/politi ··· ,00.htmlor US Embassador Ray's yahoo email also hacked » www.zimeye.org/?p=41632 . I of course could go on and on... Or if you want and Equally troubling issue that Everyone including all the ISP's their counsel and attorneys should be alarmed at. Would be the fact that "The Stored Communications Act, passed in 1986, says that the government may obtain any e-mail stored on a server for longer than 180 days by court order or administrative subpoena without showing probable cause" -SAM GLOVER Lawyerist » lawyerist.com/is-e-mail-secure/Now, I know a number of both lobbyist and staff attorneys that work for both Comcast as well as AT&T and or are of counsel for a number of other ISP's and they too use free email accounts at AOL,Hotmail,Yahoo,Comcast,Google et cetera in their ordinary life of receiving and replying to email. Many of them have just grown up with an old AOL or Yahoo/AT&T or Comcast email account and that is what they know how to use and that is what they use. Not to mention to be entirely frank the ability for anyone to subpoena email that is older than 180 days old because it's considered "abandoned" is clearly something that needs to be updated ASAP! The fact remains that it's not 1980, and BBS and 300 baud modems are a thing of the past, so the belief that any email past 180 days is no longer protected under current privacy statutes and laws, needs to be updated. Now I am all for tracking down and prosecuting criminals, but there needs to be a balance between email privacy and protection. Which in the day and age of gigabytes of email storage and archived email going back years or decades, the legal notion that email over 180 days old is "abandoned" and attorney client privileged data can be potentially exposed to some member of law enforcement without a court order is unfathomable. Regards JL | |
|
|
hspcd
Anon
2012-Mar-13 7:32 am
Like in a lot of areas of every day life, there are those who are involved in this issue who want the Internet to be another thing under the control and management of the government. What we need is not more government regulations and control, but a nation of people who embrace personal accountability. It's not the job of the ISPs to secure our personal computers. Their job is to provide fast, reliable Internet service.
If we keep crawling back to the federal government lime this, soon we'll have control and individual ownership of NOTHING. | |
|
| |
|
|