Forwarded from: Aj Effin Reznor <ajat_private> http://www.cs.berkeley.edu/~nweaver/0wn2.html -aj. by Nicholas Weaver "Any attacker who can control 100,000 machines is a major force on the internet, while someone with a million or more is currently unstoppable: able to launch massively diffuse DDOS attacks, perform needle in a hayfield searches, and commit all sorts of other mayhem. We already understand how worms could be used to gain control of so many machines. Yet the recent revelation that Brilliant Digital Media has bundled a small trojan with KaZaA has underscored another means by which an attacker could gain control of so many machines: poorly secured automatic updaters. If an attacker can distribute his own code as an update, he can take control of millions of machines. Brilliant Digital plans to create Altnet, a distributed, "secure" network of clients to harness the unused storage, bandwidth, and computation residing on the machines of users across the country, in a manner which prevents the clients from altering or even reading the information. An entertaining if horribly flawed business model [1], except for the means they have selected to build their network." - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Apr 09 2002 - 03:32:05 PDT