I've been watching this whole hacker / spammer / denial of service attack thing for years, and I've been thinking, there's a solution for this , a fairly easy one.
The world should be broken up into zones, say one zone for each continent, maybe one zone for each country or for a small group of countries.
When a user signs onto the internet he signs onto his own zone only. He may choose to sign onto a single other zone at a time , say to chat with his uncle in the UK, free of charge of course.
Point being , if you're not in the zone , you cannot send / receive data from the zone.
This has no effect on email , of course , because most email goes through your isp's mail server, and your isp is going to be signed on to every zone in existance , of coure.
But most "zombie nets" , that is to say users who's computers have unknowningly been hijacked by a virus or trojen, are signed into only one zone. If they got a virus by email from yugoslovia , and they're in New York , guess what ? That trojen cannot receive command and control signils from most computer's in new york, because only a few new yorkers will sign into yugoslovia to chat with their relatives. Most are not from there, they're from a dozen other different countries and zones, and they'll be signed into those zones instead.
This works the otherway too. Your new york cannot launch a denial of service attack on Amazon.ca (the canadian site) because it's in a different country. A different zone. You have to span three zones to do that , and you only have two to work with (Yugoslovia for receiving orders from the hacker, new york where the penetrated computer lives, and canada where the target lives)
The basic theory of all of this is simply that the world is too large a ball to play with. You must break it down into pieces. Smaller pieces mean smaller bot nets. Smaller pieces means that off shore hacker STAYS off shore, only a very very limited number of people go to that zone and are therefore potentially susceptable to being hacked by him. And guess what ? 10 or 20 computers being remote controlled from yugoslovia isn't going to cut it. Thats not a bot net. You need 20 thousand if you're going to bring down one of the big boys, twenty thousand suckers with low or no security happy to leave their connection on all the time ,AND connected to yugoslovia. And even then , they can only attack new york or yugoslovia , no where else.
It's all a game of numbers. And you must think in numbers to win it. The inconvenience of a user having to go through a free sign in is nothing next to the extra security it provides.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment