|Home » Industry Watch » The Technological » Hall of Monkeys
Spencer Kelly (BBC Click)
Auntie Beeb raising a bar no one thought could be raised.
Spam! You wanna know where all those nuisance emails come from? They come from BOTNETS!
So begins Spencer Kelly's latest in depth look at the evils of Microsoft Windows. And there you have it too - in audible King's English. They come from botnets. And we all know by now who runs the botnets and who populates them - don't we, class?
Too right. But don't say it too loud! Or else the Virtual Knight might ring you up. He has friends in Whitehall and at 10 Downing.
And it doesn't seem to matter they've got Mark Ward working high up there. Mark who once was part of the anti-Redmond resistance at the Telegraph.
What's Spencer doing here? Generating revenues for British state owned television and the Windows security cottage industry. He's certainly not telling the truth.
Put another way: he's 'dissembling' - he's deliberately leading you down the garden path. Those Internet tubes are evil! Let's be careful out there!
What. Un. Adulterated. Bull. Shit.
Hey Spencer. Others can do the job your bosses wouldn't let you do.
- The Internet has NEVER been dangerous. NEVER. It is not dangerous today, it was not dangerous yesterday, and it will not be dangerous tomorrow. So everybody in the UK and elsewhere can relax.
- Microsoft products ARE DANGEROUS. VERY DANGEROUS. ALL OF THEM. Amit Yoran of the US Department of Homeland Security says so. Bruce Schneier says so. The US Government Accountability Office techies condemned Microsoft products years ago as 'endemically flawed, incapable of repair'. Gartner Research agreed. Every f-ing body in security says so. Let's take that again: MICROSOFT PRODUCTS ARE DANGEROUS. Not just some of them - ALL OF THEM. And now the EFF have come out to say the same thing.
Was It Legal?
Spencer Kelly and his friends at the BBC made a botnet, attacking and compromising 22,000 computer users TOTALLY UNAWARE of what was going on. TWENTY TWO THOUSAND. And they then used these computers in botnets to send out spam and to attack a website.
If this exercise had been done with criminal intent it would be breaking the law.
Oh yeah right. Hey it gets better.
The programme did not access any personal information on the infected PCs.
Another juicy one. Who's outsourcing privacy here? Who's guaranteeing it? What's to prevent any of these 22,000 from suing the Union Jack off Kelly's knickers for damages?
Let's Play Spam!
Click click. Click click click. Time to play spam.
Click ordered its PCs to send out spam to two specific test e-mail addresses set up by the programme.
Is this guy nuts? How many good security experts are there in the world who could have provided insight into botnets that already exist without getting anyone else involved?
But hey - in the previous section he claimed none of this was illegal.
But it would have been if...
Hey Spencer. Maybe you don't mind your two test accounts email@example.com and firstname.lastname@example.org getting spam - but how do you know the Internet providers and the governments of the twenty two thousand computers you compromised feel the same about Click sending it out?
Did your Click crew contact each of the 22,000 beforehand and ask their permission? Did your Click crew contact their Internet providers and explain 'this is only a test'? Did you contact their local governments and tell them the computer owners are not guilty of any Internet-related crimes because you say so?
Let's Play DDoS Attack!
Hey this is fun, Spencer must be saying to himself. Now they're going to clobber the website of Auntie's own security consultants.
By prior agreement, Click launched a Distributed Denial of Service (DDoS) attack on a backup site owned by security company Prevx.
OK. Prevx are here. Strange no one at that company said a word about the whole thing. But then again maybe not: they seem to specialise in Windows security solutions. They've got lists and lists of all the Windows viruses they can catch but nobody else can.
It's all Windows. Here's the complete list. They're very proud of this.
OLHRWEF.EXE, KAV320.DLL, SOPIDKC.EXE, GLPS.EXE, MSAS2009.EXE, RN.TMP, INSTALLAVG_77011817[n].EXE, ZHA[n].EXE, LKY.EXE, LVHOST[n].EXE, AHNRPTA.EXE, SDRA64.EXE, DLLSRV.EXE, IIVOPSO.EXE, AV360.EXE, FURIO.EXE, X9Y9D3E5L9Y8.EXE, FRMWRK32.EXE, F9CVUM.EXE, YT8A.EXE, DECODINGHQ.EXE, ADX[n].EXE, FXSTELLER.EXE, GOOGLEE_TOOL_NOTIFICATION.EXE, U93.EXE, MST122.DLL, IERDFGH.EXE, UWEYIWE1.DLL, NVAUX32.DLL, NMDFGDS1.DLL, NMDFGDS0.DLL, W98.COM, X0R.EXE, UMTCDTW.SYS, AFMAIN1.DLL, OPGDE.EXE, URRETND.EXE, NXTEPAD.EXE, LD02.EXE, KAMSOFT.EXE, M0VNONH.BAT, SEEKEEN.EXE, VAMSOFT.EXE, DIGESTE.DLL, AFMAIN0.DLL, E8KJ.EXE, ARF[n].EXE, PREVX CSI 3.0 SERIAL.EXE, GI2KY.EXE, COMIDLE.EXE, KVA8WR.EXE, PRUNNET.EXE, YIAR.EXE, VSE432.EXE, OGARD.EXE, READER_S.EXE, NTDLL64.EXE, NIDLE.EXE, MSRSTART.EXE, VIEWTUBESOFTWARE.40001[n].EXE, XPRE.TMP, WINSCENTER.EXE, M9MA.EXE, A1AGMUR.CMD, XRRCPRXX.EXE, SBICTR.EXE, SCTRI.EXE, SBCTRI.EXE, ~TMPA.EXE, GETMODULE38.EXE, DICTSD32.SYS, COGAD.EXE, URET463.EXE, KMSVC32.DLL, GPOQGXBREDJPNE.DLL, QPHDIN.COM, TMBER8.DLL, FISEZIJU.DLL, PHOTOO.EXE, BOOTMATRIX.EXE, MCENSPC.DLL, VIEWTUBESOFTWARE.40003[n].EXE, DSC00097411-GIF[n].EXE, WINUPGRO.EXE, IGFXSYS.DLL, Y3Q2S3W17M5.EXE, WINLOGNN.EXE, FQIFVN.EXE, XCGUGVN.EXE, XPPOLICE.EXE, ~TMPF.EXE, WYYO.EXE, GADCOM.EXE, GNWAV.EXE, M2NL.BAT, TASKMAGR.EXE, UVSQFGWD.CMD, TBHJE.CMD, NFR.DLL, ETOUCH.EXE, WYYO125.EXE, TUBEPLAYER.VER.6[n].EXE, VBSDFE0.DLL, CV22.CMD, PERCE.JPG.EXE, MSILE.EXE, WINPAD23.EXE, JEORELS.CMD, MSDDLL.EXE, ~TMPB.EXE, VNRPACK26.EXE, LRLRQXV.EXE, WQESVXA.EXE, W2.COM, KJR3IOROJDNBFI43UNJFD.DLL, XCCEFB090305.SCR, SDSDSD.EXE, TVS2.EXE, WEBANABU.DLL, ABK.BAT, XCCEF090305.EXE, WX8O0BT1.COM, ~TMPD.EXE, CLF32.EXE, SVCHO.EXE, CXFAGN.EXE, DUMPREPORT.EXE, MSQPDXSERV.SYS, HIYO_INSTALL[n].EXE, VPKU.EXE, FLYMAIN.DLL, LD01.EXE, DAFILUDU.DLL, POLPME.EXE, RTTRWQ.EXE, NHOST.EXE, QXTY9BE.CMD, I6G6X.CMD, A2H2.COM, HUBO.EXE, ADOBE-MASTER-CS4-KEYGEN.EXE, SENEKANKRGRRSI.DLL, DSC0094413-GIF[n].EXE, LHOST.EXE, SYJBOJWO.DLL, GASRETYW1.DLL, MSWSIVS.EXE, ~TMPC.EXE, 38835126.DAT, SPCMMZMNAK[n].HTM, NFRA.EXE, XLSWIN.EXE, CHR2P[n].EXE, SWIRLY.MMS[n].EXE, XCCDF16_090131A.DLL, XCCEF090131.EXE, ASDSDSD.EXE, SPOOLSVT.EXE, XCCDFB16_090131.DLL, YOUR_DAD_SMOKES_WEEK_LOOL.PIF, ZUP[n].EXE, BYOZPERB.DLL, HS3I7JDGFD.DLL, KAV64.EXE, J60OSK9.CMD, VERBACE.CRACK.EXE, SDSDSHD.EXE, X2TPC.CMD, RCUKD.CMD, WMISYS.EXE, POZZZ.EXE, ISKVIBDD.DLL, PJZHLWZU.DLL, YNHXQUPK.EXE, WHI.COM, YSGSMBOS.DLL, SVMWLL.EXE, TUBEVIEWERFILE[n].EXE, YOUR_DAD_HAS_SHIT_FETISH_TOO.PIF, SRDSHD.EXE, SD4DSHD.EXE, S2DSXDSHD.EXE, CIUYTR0.DLL, RKHAA.EXE, HAOZS0.DLL, FRAME000.EXE, CALLSYSNT.EXE, GASRETYW0.DLL, FACEGAME.EXE, SYSTEMBOOSTER2009_QIPINSTALLER_FREE_EN[n].EXE, MSMP3.EXE, WMISYNC.EXE, HAOZS1.DLL, BC1026[n].EXE, XVN3.BAT, TUBEVIEWER.VER.6[n].EXE, LADY_EATS_HER_SHIT--WWW.YOUTUBE.COM, PLUSVD.EXE, NAXMGR.EXE, FRNSCLI32.DLL
And again - if you're clueless: get a clue. That's all Windows shit. Nobody else gets infected online - nobody. Only Windows. GOT IT?
Spencer Kelly starts an attack on Prevx; someone make sure he doesn't have access to combustibles.
Spencer's pointy headed friends at Click even get McAfee involved. Anyone with any online experience is familiar with the scam: SCARE THE SHIT OUT OF EVERYBODY BUT DON'T MENTION WINDOWS. Scare the shit out of them so they rush to Dixons, Circuit City, Best Buy and PC World to stock up on some good antivirus stuff.
Bunker down for the siege. It's outright pathetic. McAfee's Greg Day gets the word.
We've seen this move from what used to be a hobbyist bit of fun into something now that is very professional.
You go, Greg.
Let's Play with Macs!
So typical of the BBC: at no point do they even intimate this is a Windows issue. It's not a matter of suggesting this is 'mostly' a Windows issue or that in some perverted way this only seems to clobber Windows computers in practice - THIS IS SOLELY A WINDOWS PHENOMENON. AND IT HAPPENS BECAUSE WINDOWS IS PURE CRAP.
And Spencer Kelly should know this. At least judging from these pinups found at the BBC website.
If Spencer is capable of really using a Mac and not grasping the subtle fact that getting off Windows means 'no more malware worries anywhere none whatsoever' then he should be kept on a leash.
The Jury's Motivation
Spencer Kelly is hereby unceremoniously inducted (kidnapped) into the Hall of Monkeys.
Spencer Kelly: your people at the BBC have done many a bad thing over the years. You deliberately withheld information on the cause of the ILOVEYOU worm for over 48 hours - from both your online readers, your radio listeners, and your television viewers - and you were roasted for it.
Over the years you've continued to do the same thing: talk about how dangerous the Internet is without a single time mentioning - merely suggesting - the problem might be Windows.
You and your friends at the BBC have long ago lost all street cred. But this latest stunt on your part raises the bar. To a level no one's going to ever want to challenge. Odds are even your BBC crew won't want to know you anymore after this.
Spencer Kelly: welcome to the Hall of Monkeys. You can start by cleaning the toilets. Get to work.
Now you begin to see why there's so much spam around!
- Spencer Kelly