In article <telecom24.173.9@telecom-digest.org>, TELECOM Digest Editor
noted in response to T. Sean Weintz <strap@hanh-ct.org>:
>> [TELECOM Digest Editor's Note: As for myself, I cannot really picture
>> 'five hundred thousand zombie computers scattered across three
>> continents'. If so, under whose coordination? A gang of crackers all
>> working in concert to cheat some advertiser's competitor, by running
>> up his advertising bill? Seems sort of improbable to me. PAT]
> There are easily that many zombies available out there. Doesn't need
> any real coordination at all to use them -- there are automated
> scripts available to find and use them.
> I figure probably 1 in 50 home users' PC is "zombified" without them
> knowing it.
For the U.S. that might be only a little low.
For some other locales, like South America and parts of the Pacific
Rim, you're *under-estimating* the problem by an order of magnitude.
I've seen numbers like 1 in *8* for some areas. *groan*
> Anyway, my point is one bright 13 yr old could do the whole operation
> alone.
> [TELECOM Digest Editor's Note: I guess not everyone takes the trouble,
> as I do, to automatically run Grisoft AVG in the early morning hours
> on my machines, and 'Ad Aware' and 'Spybot Smash and Destroy' once per
> week or so. PAT]
That should be "obvious" -- given that there are fairly reliable estimates
of 200,000+ 'zombie' machines on *one* large North American cable ISP.
[TELECOM Digest Editor's Note: One thing I really love about Cable One
for internet is how they go to the trouble to sort email for their
customers. I've quoted some stats here, and those stats are _only as
they apply to massis and Telecom Digest_ . My personal email comes via
Cable One, TerraWorld, and University of California at Berkeley, but
Cable One picks it all up via POP for me and sorts it nicely, putting
all the known viruses and the suspected spam into a separate folder
called 'my spam'. Then it sends me email telling me to please check
out 'my spam' when something arrives there (which is sort of an
overkill; viri and spam arrive there constantly also.) When I go to
look there, its all laid out nicely, 24 lines at a time with the
subject, who it is from, the date, etc, and nice little convenient
check boxes to one side and a box at the bottom saying 'check all'.
As fast as I can scan those 24 lines and hit the 'check all' box, it
all goes away. In the event there _is_ something there I want to keep
rarely, I 'check all' then go back and uncheck the one I want to keep.
Anything I uncheck to keep then is shown on the training page: do you
want to have this sender/subject automatically approved henceforth?
I just wish that SBC's DSL had been that courteous. Under some very
misguided belief that "we do not get involved in our customer's email"
they just dumped it, spam, viri and all into a common bin and left it
for me to sort out. Of course, SBC does _not_ allow customers to run
cgi-bin or any shells of their own, or any scripts, so I had to go
through it all manually. Out of desparation once, I asked the SBC
help desk (when I used to have DSL instead of cable) to please give me
a shell. "Oh no," said the tech, "SBC does not let customers have
shells to use. You are only authorized to use what software we give
you." That's back when I was debating whether or not to stay with SBC
for DSL only, if they had allowed such a thing. Cable One is such an
improvement by comparison, and I have never seen any downtime. In
addition to their own virus and spam detectors -- frequently updated --
they encourage people to run their own as desired also. PAT]
Robert Bonomi (bonomi@host122.r-bonomi.com)