26 January 2007

There is no War on...Botnets

After the War on Drugs, and the War on Terror, now, it seems, we are to have a War on Botnets:

Mr Toure said that whatever the solution, the fight against botnets was a "war" that could only be won if all parties - regulators, governments, telecoms firms, computer users and hardware and software makers - worked together.

But it is a truth universally acknowledged, that as soon as you declare "war" on some amorphous entity like "drugs" or "terror" or "botnets", you've already lost, because you shift from the practical to the rhetorical.

This is all about security theatre: talking tough instead of acting intelligently. Sorting out botnets does not require a "war": it's simply a matter of telling Windows users the truth about their bug-infested system, getting them to use a firewall and anti-virus software and - maybe, one day - getting them to understand that downloading or opening unknown software is hugely risky.


Shlomi Fish said...

I agree with you that you shouldn't declare a "war" on botnets. However, one thing I'd like to add for the countermeasures is that ISP block all the botnet hosts from the inside until they are cleaned from the botware, and their owners are better educated to either switch to a more secure OS or take the necessary measures to secure their OS.

This way, the damage done by the botnets can be easily reduced.

Glyn Moody said...

A very easy and practical thing ISPs could do is to point their users at a decent firewall - which, like your solution, blocks the problem where it starts, but even earlier.