BBC rents it's own botnet and brags about it....

<<

NickFnord

User avatar

Full Member
Full Member

Posts: 117

Joined: Fri Sep 05, 2008 5:25 am

Post Thu Mar 12, 2009 10:01 am

BBC rents it's own botnet and brags about it....

http://news.bbc.co.uk/1/hi/programmes/c ... 932816.stm

The technology programme Click has demonstrated just how at risk PCs are of being taken over by hackers.

Almost 22,000 computers made up Click's network of hijacked machines, which has now been disabled.

The BBC has now warned users that their PCs are infected, and advised them on how to make their systems more secure.


I'm absolutely speachless......  regardless of intent, this is still very illegal.
Last edited by NickFnord on Thu Mar 12, 2009 10:35 am, edited 1 time in total.
<<

doodleface

User avatar

Newbie
Newbie

Posts: 34

Joined: Mon Jan 12, 2009 6:26 pm

Post Thu Mar 12, 2009 10:29 am

Re: BBC creates it's own botnet and brags about it....

I am also speechless and in agreement to the above statement, though they did not create this botnet, they stumbled upon the botnet during a cyber crime investigation in an underground hacker forum, yet that is what it is allegedly stated so who can say.
CISSP, OSCP, C|EH, E|CSA, C|HFI, GXPN, GCFA, GCIA, GREM, GWAPT, GCIH
GSEC, GISP, FCNSP, MCITP:EA, MCSE Security, CCNA, JNCIA, JNCIA-FWV, A+
Network+, Server+, Security+
<<

NickFnord

User avatar

Full Member
Full Member

Posts: 117

Joined: Fri Sep 05, 2008 5:25 am

Post Thu Mar 12, 2009 10:35 am

Re: BBC creates it's own botnet and brags about it....

yeah, sorry - I got the subject line wrong.....  will edit it.
<<

timmedin

User avatar

Sr. Member
Sr. Member

Posts: 469

Joined: Thu Feb 05, 2009 11:18 pm

Post Thu Mar 12, 2009 11:41 am

Re: BBC rents it's own botnet and brags about it....

The UK is becoming scary!

Police set to step up hacking of home PCs
http://www.timesonline.co.uk/tol/news/p ... 439604.ece
THE Home Office has quietly adopted a new plan to allow police across Britain routinely to hack into people’s personal computers without a warrant.

...

The hacking is known as “remote searching”. It allows police or MI5 officers who may be hundreds of miles away to examine covertly the hard drive of someone’s PC at his home, office or hotel room.
twitter.com/timmedin | http://blog.securitywhole.com
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1911

Joined: Mon Dec 11, 2006 3:23 pm

Post Thu Mar 12, 2009 4:01 pm

Re: BBC rents it's own botnet and brags about it....

There's another thread here somewhere on that same topic (above post, not original).

Don't they teach not to do that in just about every security class? I can't remember taking/listening to a security class on hacking and not hearing "don't go around breaking into peoples stuff and using it as an example to teach them about security."

if this exercise had been done with criminal intent it would be breaking the law


Wow! So what is that saying, as long as I don't have any actual "criminal intent," it's ok for me to go around doing what otherwise would be illegal activities? Ridiculous...

BillV
<<

Ketchup

User avatar

Hero Member
Hero Member

Posts: 1021

Joined: Fri Jul 04, 2008 7:44 pm

Location: Philadelphia, PA

Post Thu Mar 12, 2009 4:10 pm

Re: BBC rents it's own botnet and brags about it....

timmedin wrote:The UK is becoming scary!

Police set to step up hacking of home PCs
http://www.timesonline.co.uk/tol/news/p ... 439604.ece
THE Home Office has quietly adopted a new plan to allow police across Britain routinely to hack into people’s personal computers without a warrant.

...

The hacking is known as “remote searching”. It allows police or MI5 officers who may be hundreds of miles away to examine covertly the hard drive of someone’s PC at his home, office or hotel room.



I think that this is another example of poor choice of words.  Hacking sounds scary, installing keyloggers is something cops do on a day to day basis, including in the USA.  Sniffing wireless and malware are something new, but I think it was only a matter of time. 

In the USA, cops need a warrant to be able to install a keylogger.  Still, it's easy for someone to abuse this.

Regarding testing the waters with a botnet, that's a little silly.  It's really along the same lines of someone breaking into a home just to say that they can.  It doesn't matter if they took anything, it's still break and entering. 
~~~~~~~~~~~~~~
Ketchup
<<

jason

User avatar

Hero Member
Hero Member

Posts: 1013

Joined: Sat Jun 21, 2008 6:23 pm

Location: USA

Post Thu Mar 12, 2009 9:05 pm

Re: BBC rents it's own botnet and brags about it....

Was just reading about the BBC thing. There must be something in the water over there, they're just plain crazy. It like me killing someone, then saying that it was ok because I just did it for demonstration purposes.
<<

RoleReversal

User avatar

Hero Member
Hero Member

Posts: 929

Joined: Fri Jan 04, 2008 8:54 am

Location: UK

Post Fri Mar 13, 2009 6:58 am

Re: BBC rents it's own botnet and brags about it....

I'm interested to see how this plays out, there should be a police enquiry at the minimum. Funny how they are playing the 'no criminal intent' card, isn't this the same [unsuccessful] defense used by McKinnon? Don't think I can see a difference.

Think I've mentioned in other threads the opportunity found by the Tipping Point team during their analysis of Kraken and resulting debate. Think it says everything that the security researchers hold back on interfering with compromised machines whilst the journalists carry on regardless.

(but uk.gov will never take action against a large corporation, just another transgression in an ever growing list)
<<

jason

User avatar

Hero Member
Hero Member

Posts: 1013

Joined: Sat Jun 21, 2008 6:23 pm

Location: USA

Post Sun Mar 15, 2009 10:38 pm

Re: BBC rents it's own botnet and brags about it....

Some follow on articles to this:

http://www.scmagazineuk.com/BBC-Click-b ... le/128686/
http://www.scmagazineuk.com/BBC-may-fac ... le/128741/
http://www.out-law.com/page-9863

From what I've read, it seems that most folks agree that they seem to have broken *some* law, but there's a bit of discussion at to exactly what that might be.
Last edited by jason on Mon Mar 16, 2009 7:30 pm, edited 1 time in total.
<<

timmedin

User avatar

Sr. Member
Sr. Member

Posts: 469

Joined: Thu Feb 05, 2009 11:18 pm

Post Mon Mar 16, 2009 4:20 pm

Re: BBC rents it's own botnet and brags about it....

What if Gary McKinnon worked for the BBC when he wanted to find out about UFOs? "Don't worry NASA, we were just looking for aliens"
http://news.bbc.co.uk/2/hi/programmes/c ... 977134.stm

Intent doesn't matter. Plain and simple, it was unauthorized access.
twitter.com/timmedin | http://blog.securitywhole.com
<<

jason

User avatar

Hero Member
Hero Member

Posts: 1013

Joined: Sat Jun 21, 2008 6:23 pm

Location: USA

Post Mon Mar 16, 2009 7:32 pm

Re: BBC rents it's own botnet and brags about it....

timmedin wrote:Intent doesn't matter. Plain and simple, it was unauthorized access.


Exactly so. They claim to have consulted with lawyers before doing this. I can't imagine a lawyer who would have advised them that this was ok.
<<

Ketchup

User avatar

Hero Member
Hero Member

Posts: 1021

Joined: Fri Jul 04, 2008 7:44 pm

Location: Philadelphia, PA

Post Mon Mar 16, 2009 9:24 pm

Re: BBC rents it's own botnet and brags about it....

jason wrote:I can't imagine a lawyer who would have advised them that this was ok.


Oh, there are some really incompetent lawyers out there.  :D
~~~~~~~~~~~~~~
Ketchup
<<

timmedin

User avatar

Sr. Member
Sr. Member

Posts: 469

Joined: Thu Feb 05, 2009 11:18 pm

Post Mon Mar 16, 2009 10:45 pm

Re: BBC rents it's own botnet and brags about it....

jason wrote:
timmedin wrote:Intent doesn't matter. Plain and simple, it was unauthorized access.


Exactly so. They claim to have consulted with lawyers before doing this. I can't imagine a lawyer who would have advised them that this was ok.


It doesn't mean they followed the advice of the lawyer.
twitter.com/timmedin | http://blog.securitywhole.com
<<

tkennedy

Newbie
Newbie

Posts: 1

Joined: Sat Mar 21, 2009 12:46 am

Post Sat Mar 21, 2009 12:56 am

Re: BBC rents it's own botnet and brags about it....

Hi Guys,

Could anyone please tell me what the Botnet the BBC was using was called.. Cant seem to find that info any where. Was trying to establish if there was a detection for it by any of the major A/V vendors...


Tom
<<

jason

User avatar

Hero Member
Hero Member

Posts: 1013

Joined: Sat Jun 21, 2008 6:23 pm

Location: USA

Post Sat Apr 11, 2009 10:09 pm

Re: BBC rents it's own botnet and brags about it....

It was called Chimera. More info here:

http://blogs.zdnet.com/security/?p=3045

Return to News from the Outside World

Who is online

Users browsing this forum: No registered users and 0 guests

Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software