… as usual.
Either with that or with the idea I’m suggesting below.
Knowledgeable users or security experts are free to implement, reject, criticize or comment. I believe that I am a security-conscious user and therefore I’m writing this. If you think your online existence is secure, or that you know everything about security, you really should look at what Bruce Schneier has to say.
My aim is just to see someone do something to reduce the number of zombie PCs on the internet sending out spam which burdens the internet, uses up computing power, and creates all sorts of security problems for everyone.
As a simple example that everyone can understand, tell me what you can do if your spouse-to-be has an email account with a password like “password” and uses a malware-ridden Windows PC? All your emails and highly personal discussions are… public knowledge.
Now, there are a number of “bulletproof security” programs running on a system full of backdoors, by design. So, Step 1 would be to switch to Linux. But, that does not guarantee total security.
Assuming that you have done that, we probably need a program or system or device (or a mix of them) to tell the owner of an internet-connected PC, 24x60x60 seconds of the day, the following information:
1. How much data is being transferred across the network from his PC.
2. Which IP addresses it is being sent to.
3. What data is being sent to that PC.
4. Which IPs it comes from.
5. Which hardware devices it comes from, if possible.
6. Which software protocol is being used.
It would be great to have a public listing of all common websites and their IPs published and updated regularly.
Ideally, it would be nice to be able to receive an email on your laptop or a message or SMS on your smartphone detailing all this data – and giving the user the option of choosing the last-step display in simple form like this:
Time: Last 10 minutes
Status – ON
Email – In – 100KB, Out – 20KB
Web – In – 5MB, Out – 1MB
System – In – 1MB, Out – 20KB
or complex form like this:
Batch Start: 18:55:01 UTC
Batch End : 19:00:00 UTC
HTTP: Packets: <N> | Bytes: <N> | Requests : <N> | …
HTTPS: Packets: <N> | Bytes: <N> | Requests : <N> | …
FTP: Packets: <N> | Bytes: <N> | Requests : <N> | …
POP3: Packets: <N> | Bytes: <N> | Requests : <N> | …
SMTP: Packets: <N> | Bytes: <N> | Requests : <N> | …
DNS: <N> Details:<…>
TCP: <N> Details:<…>
or any customizable level of detail in between these two extremes.
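A sketch of the "simple form" report described above, written as an added example and not code from the original post. It assumes flow records have already been collected from the PC; the record layout, the port-to-category mapping, the "OFF" status and the outbound peer count are assumptions made for illustration.

```python
from collections import defaultdict

# Assumed port-to-category mapping; the post names the categories but not the ports.
CATEGORY_PORTS = {"Email": {25, 110, 143, 465, 587, 993, 995}, "Web": {80, 443}}

# Constructed sample flows: (epoch seconds, direction, remote IP, remote port, bytes).
# The IPs come from the RFC 5737 documentation ranges.
SAMPLE_FLOWS = [
    (1000, "out", "192.0.2.10", 443, 400_000),
    (1005, "in", "192.0.2.10", 443, 5_000_000),
    (1100, "out", "198.51.100.7", 587, 20_000),
    (1101, "in", "198.51.100.7", 993, 100_000),
    (1200, "out", "203.0.113.5", 53, 2_000),
    (1201, "in", "203.0.113.5", 53, 6_000),
    (1300, "out", "203.0.113.99", 25, 50_000),  # direct SMTP to a second host
    (1900, "out", "192.0.2.10", 443, 999),      # falls outside a 1000-1600 window
]

def categorize(port):
    for name, ports in CATEGORY_PORTS.items():
        if port in ports:
            return name
    return "System"  # everything else, e.g. DNS or NTP

def summarize(flows, start, end):
    """Bytes per category and direction, plus outbound peers, for start <= t < end."""
    totals = defaultdict(lambda: {"in": 0, "out": 0, "peers": set()})
    for ts, direction, ip, port, nbytes in flows:
        if not (start <= ts < end):
            continue
        entry = totals[categorize(port)]
        entry[direction] += nbytes
        if direction == "out":
            entry["peers"].add(ip)  # where the PC is sending data
    return totals

def human(n):
    for unit, size in (("MB", 1_000_000), ("KB", 1_000)):
        if n >= size:
            return f"{n / size:g}{unit}"
    return f"{n}B"

def render_simple(totals, minutes):
    status = "ON" if any(e["in"] or e["out"] for e in totals.values()) else "OFF"
    lines = [f"Time: Last {minutes} minutes", f"Status – {status}"]
    for name in ("Email", "Web", "System"):
        e = totals[name]
        lines.append(f"{name} – In – {human(e['in'])}, Out – {human(e['out'])}, Outbound peers – {len(e['peers'])}")
    return "\n".join(lines)
```

Calling `render_simple(summarize(SAMPLE_FLOWS, 1000, 1600), 10)` produces the four-line report; an Email line with outbound bytes and several outbound peers while no mail client is open is the kind of signal the post wants surfaced to the owner.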
The idea is to let people know in real-time, whether their computer is silent or not – which would provide useful data for analysis.
More importantly, publicly allowing such a service or gadget to be bought, at a price, increases the awareness of the casual computer user about security issues.
I’m fed up of spam. And it is very disheartening to read that a part of people’s internet bills is for bytes that they did not use at all.
People are paying for internet access which is used to steal their and others’ data and create all sorts of problems for legitimate users of the internet.
On some thought, you realize that this process is much like making people aware of the ecological issues they create as a by-product of today’s mismanaged high-speed commercialized glitzy lifestyle – no one cares about these things.
It is precisely this problem that this system could help solve. It could be writing a simple GUI front end or an SMS or IM-based paid / subscription service or a device with a big red bulb to show the user “Someone’s messin’ with your net RIGHT NOW! Do something about it quick!”
BEEP! BEEP! BEEP!
Any better ideas?