[Scspamcop] Re: OT, Ralsky Indictment (Link)

[Sofa King Tyred of Lar Ting]

Geoffrey Hyde wrote:
> "Mike Easter" <MikeE at ster.invalid> wrote in message 
> news:flm7pu$7m3$1 at news.spamcop.net...
>> Sofa King Tyred of Lar Ting wrote:
>>> Bar0 wrote:
>>>> The Indictment of Ralsky is published at:
>>>>
>>>> http://www.usdoj.gov/opa/pr/2008/January/08_crm_003.html
>>> Three+ years to come up with a 41-count indictment against 11 people.
>> Ralsky's name is on an indictment list.  He isn't arrested and he isn't
>> currently in-country.
> 
> The real question is when is anyone going to stand up and do something about 
> all of these compromized zombie PC's on the internet.  Have any of the news 
> services actually published headlines about infected zombie PC's being 
> cleaned up and removed from the zombie pool?  I'll bet I know why because it 
> hasn't happened, and won't, for quite some time.

Zombies *are* being taken off line every day. It's happening. However, 
the rate that new zombies are created with existing and new malware is 
likely higher than the rate that zombies are being cleaned up. Hence the 
zombie pool is most likely growing globally.

New PCs are coming online constantly, and the versions of an OS "out of 
the box" tend to have security holes until they get patched. Patching 
requires automatic downloads. Not all software is smart enough to do 
that - I always have to manually install my Adobe Flash plugin updates, 
for example. I'm subscribed to the SANS newsletter, which sends out a 
weekly list of security holes so that I can update proactively.

Developing countries will go through the same learning curve for 
"security competence" that European, North American, etc. countries went 
through. It spans across the entire sector: from the ISPs, to the PC 
retailers, to the end users.

There will be zombie "markets" that are available for a long time to 
come, IMO.