.

Kraken Cracked; Now What?

<<

CadillacGolfer

Newbie
Newbie

Posts: 36

Joined: Thu Dec 14, 2006 1:58 pm

Post Fri May 09, 2008 11:38 am

Kraken Cracked; Now What?

Now that researchers have reverse-engineered and potentially gained control of the Kraken botnet, the question becomes what to do next.

Their ability to control the infected computers gives them the power to redirect the computers and even send them updates through the Kraken protocol to remove the zombie.  Some are in favor of the idea, while others question the ethics behind removing something, even malware, from someone's computer without their consent.

http://www.theregister.co.uk/2008/04/29 ... filtrated/ <http://www.theregister.co.uk/2008/04/29/kraken_botnet_infiltrated/>

http://www.eweek.com/c/a/Security/Krake ... cs-Debate/ <http://www.eweek.com/c/a/Security/Kraken-Botnet-Infiltration-Triggers-Ethics-Debate/>

http://www.computerworld.com/action/art ... ss_topic17 <http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9081258&source=rss_topic17>


Interesting ethical/legal question.  Most folks I've talked to at my organization are on the side of the potential unintended consequences are too great, not to mention potential liability issues.
<<

oneeyedcarmen

User avatar

Full Member
Full Member

Posts: 233

Joined: Thu Jul 05, 2007 2:13 pm

Location: Baltimore, MD USA

Post Fri May 09, 2008 12:07 pm

Re: Kraken Cracked; Now What?

[quote=Ryan Narine's eWeek article the CadillacGolfer referenced]Andrew Hay, product manager at Q1 Labs, a network security management company, said the concept of tampering with a user’s machine without consent, even if it’s to remove malicious software, is “ethically questionable.”

“I couldn’t in good conscience send any command to a machine without the user’s knowledge and approval,” Hay said. “Ethically speaking, we just can’t make that decision regardless of if it’s right or whether it’s the best thing to do for the good of the Internet.”[/quote]

Andrew is a occasional contributor to EH-Net, and his blog can be found here.
Reluctant CISSP, Certified ASS

Return to News from the Outside World

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software