FTC announces “Operation Spam Zombies.”

This article can be considered a bit of a wake-up call to those who are so innocent that they do not believe anyone would use _their computer_ for illicit purposes such as spamming or attacking other computers from their home computer.

Technicians have long been lamenting on about how easy it is for crackers (evil-intentioned hackers) to utilize other people’s computers. As in _large numbers_ of other peoples computers.

Finally, the problem has become so bad that the FTC is trying to do something about it:

“…the FTC announces “Operation Spam Zombies.” In partnership with 20 members of the London Action Plan and 16 additional government agencies from around the world.”

FTC website “Operation Spam Zombies.”

Of course the FTC is hitting the wrong target, this is to be expected since the fellows that work in the FTC are not computer techies just as I am not a civil servant.

So what is the correct target? Simple - take a look at how these computers are becoming infected and taken over and you’ll find the correct target.

Here is the common scenario with these infected computers:
1. They run Microsoft Windows. (Simple - approximately 90% of the world’s computers run this operating system.)
2. Most of the infected computers are home users.
3. 95% or so of the home users (from our experience) use a stock operating system with very few changes. That is, everything Microsoft Windows standardly installs is there.
4. Microsoft Windows stock installation assumes that the computer is on a Microsoft network and by default installs “Client for Microsoft networks”.

A Microsoft network is a network of computers using the very PROPRIETARY Microsoft network communications. This type of communication is:
a. _NOT_ needed to access _ANYTHING_ on the Internet from a Windows computer, and,
b. The easiest of any network communications type to break into.

5. Most home users have a simple idea of Intenet activity. That is, they plug the DSL/Cable modem directly into their computer, install some software (which is also not needed in most cases) and, viola! They are on the Intenet. With no firewall or any other sort of protection.
6. On home computers serviced by cable providers, we have seen as high as 80 attacks or scans every _FOUR HOURS_. On home computers serviced by DSL providers, we have seen as high as 80 attacks or scans every _TWO HOURS_.
7. As a rough estimate, 85 to 90% of these attacks or scans are SPECIFICALLY AIMED AT COMPUTERS RUNNING MICROSOFT NETWORK SOFTWARE.

And hence, if logic were to be applied here, “Client for Microsoft networks” should not be installed on home computers.

Yet it is by default - on Windows XP Professional, Windows XP Media Edition, Windows XP Home Edition, Windows 2000, Windows NT, Windows ME, Windows 98 SE, Windows 98, Windows 95 and Windows 3.11 (which might be left out as Internet communication was not used much at the time.)

On top of that, there are a _LOT_ of other “services” waiting for connections that the user has no knowledge of, and many of these are exploitable as well.

In Windows 2000 and XP, a “service” is a program that runs in the background, with no indication of it’s running being given to the user via the normal icons on the System Tray or button on the Task Bar, and most are not listed in the Process tab of the Task Manager as well, and they have the purpose of allowing some type of communication to be allowed in the background with no user intervention.

If you’d like to see a list of these “services” running on your computer, right-click the My Computer icon, click on Properties, then in the menu, click on Manage. When the window appears, go to the bottom left side and double-click Service and Applications, then click on Services and finally, on the right-hand side, click on the Status button twice.

This is a list of all the “services” running in the background that Windows doesn’t normally let you know about. For a good read on these services, go to this website.

And of course there is Internet Explorer, of which reams have been written. For example:
The Worm that Didn’t Have To Be

“Other security analysts say threats to IE probably are not over, despite the introduction of Service Pack 2. “We’ve seen more than 160 patches for IE since version six was released,” said Chris Kraft of the security firm Sophos. “To say a service pack will solve everything is always premature”"

IE exploits top web security threat list
Internet Explorer Exploits
Google search for “internet explorer” “use another browser” - 13,000 results.

Now, my purpose in writing this post.

What target is the FTC aiming for with “Operation Spam Zombies”? The home user who has no idea what a spam blocker is.

And what organization has _ACTIVELY PUT_ the home user in this situation?

Microsoft.

To the FTC:

You are aiming for the wrong target.