BBC rents it’s own botnet and brags about it….

Viewing 14 reply threads
  • Author
    Posts
    • #3546
      NickFnord
      Participant

      http://news.bbc.co.uk/1/hi/programmes/click_online/7932816.stm

      The technology programme Click has demonstrated just how at risk PCs are of being taken over by hackers.

      Almost 22,000 computers made up Click’s network of hijacked machines, which has now been disabled.

      The BBC has now warned users that their PCs are infected, and advised them on how to make their systems more secure.

      I’m absolutely speachless……  regardless of intent, this is still very illegal.

    • #23102
      doodleface
      Participant

      I am also speechless and in agreement to the above statement, though they did not create this botnet, they stumbled upon the botnet during a cyber crime investigation in an underground hacker forum, yet that is what it is allegedly stated so who can say.

    • #23103
      NickFnord
      Participant

      yeah, sorry – I got the subject line wrong…..  will edit it.

    • #23104
      timmedin
      Participant

      The UK is becoming scary!

      Police set to step up hacking of home PCs
      http://www.timesonline.co.uk/tol/news/politics/article5439604.ece

      THE Home Office has quietly adopted a new plan to allow police across Britain routinely to hack into people’s personal computers without a warrant.

      The hacking is known as “remote searching”. It allows police or MI5 officers who may be hundreds of miles away to examine covertly the hard drive of someone’s PC at his home, office or hotel room.

    • #23105
      BillV
      Participant

      There’s another thread here somewhere on that same topic (above post, not original).

      Don’t they teach not to do that in just about every security class? I can’t remember taking/listening to a security class on hacking and not hearing “don’t go around breaking into peoples stuff and using it as an example to teach them about security.”

      if this exercise had been done with criminal intent it would be breaking the law

      Wow! So what is that saying, as long as I don’t have any actual “criminal intent,” it’s ok for me to go around doing what otherwise would be illegal activities? Ridiculous…

      BillV

    • #23106
      Ketchup
      Participant

      @timmedin wrote:

      The UK is becoming scary!

      Police set to step up hacking of home PCs
      http://www.timesonline.co.uk/tol/news/politics/article5439604.ece

      THE Home Office has quietly adopted a new plan to allow police across Britain routinely to hack into people’s personal computers without a warrant.

      The hacking is known as “remote searching”. It allows police or MI5 officers who may be hundreds of miles away to examine covertly the hard drive of someone’s PC at his home, office or hotel room.

      I think that this is another example of poor choice of words.  Hacking sounds scary, installing keyloggers is something cops do on a day to day basis, including in the USA.  Sniffing wireless and malware are something new, but I think it was only a matter of time. 

      In the USA, cops need a warrant to be able to install a keylogger.  Still, it’s easy for someone to abuse this.

      Regarding testing the waters with a botnet, that’s a little silly.  It’s really along the same lines of someone breaking into a home just to say that they can.  It doesn’t matter if they took anything, it’s still break and entering. 

    • #23107
      jason
      Participant

      Was just reading about the BBC thing. There must be something in the water over there, they’re just plain crazy. It like me killing someone, then saying that it was ok because I just did it for demonstration purposes.

    • #23108
      RoleReversal
      Participant

      I’m interested to see how this plays out, there should be a police enquiry at the minimum. Funny how they are playing the ‘no criminal intent’ card, isn’t this the same [unsuccessful] defense used by McKinnon? Don’t think I can see a difference.

      Think I’ve mentioned in other threads the opportunity found by the Tipping Point team during their analysis of Kraken and resulting debate. Think it says everything that the security researchers hold back on interfering with compromised machines whilst the journalists carry on regardless.

      (but uk.gov will never take action against a large corporation, just another transgression in an ever growing list)

    • #23109
      jason
      Participant

      Some follow on articles to this:

      http://www.scmagazineuk.com/BBC-Click-botnet-attack-criticised-by-industry-experts/article/128686/
      http://www.scmagazineuk.com/BBC-may-face-legal-challenges-over-Click-programmes-hacking-feature/article/128741/
      http://www.out-law.com/page-9863

      From what I’ve read, it seems that most folks agree that they seem to have broken *some* law, but there’s a bit of discussion at to exactly what that might be.

    • #23110
      timmedin
      Participant

      What if Gary McKinnon worked for the BBC when he wanted to find out about UFOs? “Don’t worry NASA, we were just looking for aliens”
      http://news.bbc.co.uk/2/hi/programmes/click_online/4977134.stm

      Intent doesn’t matter. Plain and simple, it was unauthorized access.

    • #23111
      jason
      Participant

      @timmedin wrote:

      Intent doesn’t matter. Plain and simple, it was unauthorized access.

      Exactly so. They claim to have consulted with lawyers before doing this. I can’t imagine a lawyer who would have advised them that this was ok.

    • #23112
      Ketchup
      Participant

      @jason wrote:

      I can’t imagine a lawyer who would have advised them that this was ok.

      Oh, there are some really incompetent lawyers out there.  😀

    • #23113
      timmedin
      Participant

      @jason wrote:

      @timmedin wrote:

      Intent doesn’t matter. Plain and simple, it was unauthorized access.

      Exactly so. They claim to have consulted with lawyers before doing this. I can’t imagine a lawyer who would have advised them that this was ok.

      It doesn’t mean they followed the advice of the lawyer.

    • #23114
      tkennedy
      Participant

      Hi Guys,

      Could anyone please tell me what the Botnet the BBC was using was called.. Cant seem to find that info any where. Was trying to establish if there was a detection for it by any of the major A/V vendors…

      Tom

    • #23115
      jason
      Participant

      It was called Chimera. More info here:

      http://blogs.zdnet.com/security/?p=3045

Viewing 14 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2021 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?