[funsec] Only '...130 malware active in China!'

Fergie fergdawg at netzero.net
Wed Mar 28 21:02:11 CDT 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -- Nick FitzGerald <nick at virus-l.demon.co.uk> wrote:

>Fergie wrote:
>
>> Any ideas what _this_ is all about? I just can't grok it...
>
>I think some important content was lost in translation there...
>
>As I read it, it's the malware equivalent of "publicly name and shame"
- -- a long-standing (and I believe increasingly less effective) means of 
social control of "undesirable if not (yet) illegal" behaviour in 
China.  Started in Mao's early days (??) and still used today, for 
example to "out" prostitutes and their customers (at least according to 
a recent report I saw on BBC World or CNN).
>
>What they're saying (I think) is that because running a botnet, writing 
malware, etc, etc is not technically illegal, although they know who 
130 of these people are, they cannot do anything specific to stop them 
through the legal system.  But they can publicly name these people and 
describe how bad/undesirable/etc what they are doing is.  This news 
story is basically the publication of the authorities' intent/threat 
that if these people do not desist RSN, they (the "Self-Discipline Work 
Commission of ISC") will publicly name them and their "crimes".  The 
idea is that, of those who do not stop voluntarily between now and the 
naming, at least some will as a result of friends, neighbours, 
relatives, etc pressuring them after they are named.
>
>Does that make sense?

Actually, yes, it does make sense.

Having said that, I doubt that alone will be a deterrent. :-)

Cheers,

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.5.3 (Build 5003)

wj8DBQFGCx4eq1pz9mNUZTMRAglXAJ4krY61+UsO/3y8j7hIoZo5XhLSywCfQ9p2
3zdOhO79nR+y50aMpnELed4=
=fDwA
-----END PGP SIGNATURE-----

--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/




More information about the funsec mailing list