FBI Hijacks Botnet, With Court Order... Then Issues Kill Signal To Millions Of Computers
from the good-samirtan-hacking? dept
While there are obviously good intentions here, and it's definitely a good thing to see a large malicious botnet go dark, there still are really serious concerns about this move, the legality of the move, and the risk of unintended consequences. Do we really want to set a precedent where the FBI can send commands remotely to millions of computers? And how confident are people that the FBI's programming skills won't cause problems, if not this time, at some point in the future? In the filing requesting the right to do this, the FBI even pointed out that a newer version of Coreflood had been released that morning "but that the FBI had tested the kill command against that variant and it had worked successfully." Of course, testing in the lab and deploying to millions of machines in the real world is entirely different. There are also concerns that this is an ongoing effort, since Coreflood apparently reruns every time a machine is rebooted, meaning that the FBI will have to keep sending this kill signal. And while the FBI swears up and down "that this would cause no harm to computers," how confident are you that this is really the case?
Again, I recognize the importance of trying to stop botnets and take them down. Additionally, there don't appear to be any early reports of trouble or unintended consequences from this move. But... when dealing with something like this, where the FBI is sending execution commands to millions of PCs, you have to assume that sooner or later, something bad is going to happen. Does the FBI have a technical support helpdesk to help your grandparents when it kills their computer?