What to do about Botnets?

As mentioned on our blog last week (April 25) we cosponsored a Capitol Hill briefing with Microsoft about the growing threat of botnets. (See the post for more information on what botnets are.) Senators Pryor and Bennett made opening remarks about how the Internet is increasingly integrated into society and how computer security is an ever-increasing arms race with new exploits being found, followed by security upgrades, followed by more exploits, etc. It was clear that they understood both the important role technology is playing in society and the value of good computer security. Senator Bennett made the remark that computer security experts clearly had permanent job security.

Ed Felten speaks about botnets

The event featured three experts to talk about different perspectives of botnets. Ed Felten from Princeton University and USACM member described how botnets form, how they are used and a few ideas for dealing with them. He noted that reliable statistics on how many computers are infected by ‘bots are difficult to find, but computer security experts speculate 5-15% of all machines are infects. This equates to a whopping world-wide total of 30 million to 100 million machines. It is clear that botmasters have ample computing resources to carry out attacks, spread spam, and engage in other illegal activities.

Continue reading “What to do about Botnets?”

Hill Tech Happenings, Week of April 30

Part of this week’s House legislative calendar includes the reauthorization bills for the National Institute of Standards and Technology and the National Science Foundation, as well as a concurrent resolution honoring Frances Allen on the occasion of receiving ACM’s Turing Award.

May 1
Hearing/Markup:
The Crime, Terrorism and Homeland Security Subcommittee of the House Judiciary Committee will hold a hearing on, and then mark up pending legislation, including the Internet Spyware Prevention Act of 2007.
1 p.m., 2141 Rayburn Building

May 2
Markup:
The House Judiciary Committee will mark up pending legislation, including the Internet Spyware Prevention Act of 2007.
10:15 a.m., 2141 Rayburn Building

Update
Meeting:
The Committee on House Administration’s Task Force on Contested Election will meet to discuss matters in the Florida District 13 contested election.
10 a.m., 1309 Longworth Building

Competitiveness Bills Advance in Congress; Other Legislation Soon to Follow

Three bills linked to the American Competitiveness Initiative took an important step closer to becoming law this week – they passed one of the houses of Congress.

On Tuesday, the House passed HR 362, the 10,000 Teachers, 10 Million Minds Math and Scholarship Act, as well as HR 363, the Sowing the Seeds Through Science and Engineering Research Act. Both bills are very similar to legislation introduced in the previous Congress that failed to reach the House floor. HR 362 authorizes scholarships for educating future math and science teachers, while HR 363 authorizes appropriations for basic research activities at NSF, NIST, the Department of Energy, NASA and the Department of Defense. HR 363 also authorizes early career research grants at both the NSF and the Department of Energy. Both bills passed by wide margins.
Continue reading “Competitiveness Bills Advance in Congress; Other Legislation Soon to Follow”

Hill Tech Happenings, Week of April 23

Aside from the hearings mentioned below, we expect competitiveness legislation to receive floor attention this week in both chambers.

April 24
Meeting:
The President’s Council of Advisors on Science and Technology will meet.
9 a.m.-5 p.m., The National Academies, 500 5th Street NW, Washington, D.C.

Hearing:
The Senate Commerce, Science and Transportation Committee will hold a hearing on Communications, Broadband and Competitiveness.
10 a.m., 253 Russell Building

The Telecommunications and the Internet Subcommittee of the House Energy and Commerce Committee will continue its hearings on the future of the Internet, focusing this time on broadband.
10 a.m., 2322 Rayburn Building
Continue reading “Hill Tech Happenings, Week of April 23”

Briefing: Learning about the Threats from Botnets

Next Wednesday at 12:00 p.m., ACM and Microsoft are sponsoring a briefing to educate policymakers about the growing threat of botnets. For those not familiar with the issue, ‘bots are malicious software (viruses, worms, etc.) that take over an unsecured computer and place it under the control of a hacker or ‘bot herder’. These computers are then linked into a distributed network that can be used to attack other computers, steal and share personal information, conduct “click fraud”, and send spam, among other illegal activities.

The briefing is open to the press and the public; here are the details:

TITLE: THE ZOMBIES WANT YOUR COMPUTER: HOW BOTNETS GENERATE SPAM AND STEAL YOUR IDENTITY

WHAT: Brown Bag Lunch Briefing

  • Presented by ACM and Microsoft
  • Hosted by the Senate Science and Technology Caucus
  • Hear academic, industry and law enforcement experts
    explore the growing threat of botnets and how they fuel criminal activities

WHEN: Wednesday, April 25, 2007 12:00 noon – 1:15 p.m.

WHERE: U.S. Capitol Senate Chambers
Room SC-4
Constitution Avenue and New Jersey Avenue

WHO:

  • Senator Mark Pryor (D-AR)
  • Senator Bob Bennett (R-UT)
  • Edward Felten, Princeton University, on How Botnets Form and the Scope of the Threat
  • Phil Reitinger, Microsoft, on How Industry is Dealing with Botnets
  • Scott O’Neal, FBI, on How Law Enforcement is Fighting Botnets

WHY: Robots are alive and well today, but they resemble nothing you’ve seen from science fiction or in a lab. They are hiding on millions of computers around the world.

Known as ‘bots,’ they are programs installed on computers without the knowledge of their owners. They can turn computers into ‘zombies’ under the control of a hacker or ‘bot herder’ and are used for malicious activities. When linked, they form a botnet – a network of compromised computers.

These networks are a serious and growing risk to consumers’ privacy, business operations, e-commerce and the Internet itself. They can be used to spam, cripple websites, steal personal information, and attack other computers.

HOW: This is a public event but space is limited.
RSVP to David Bruggeman by April 24
Tel (202) 659-9711 Fax (202) 667-1066
Email david.bruggeman AT acm.org

House Administration Committee Looks Into Sarasota Vote

This morning a Task Force of the Committee on House Administration held a closed meeting regarding the voting irregularities in Sarasota County’s election for the 13th District seat. The Task Force is headed by Representative Charles Gonzalez of Texas. The Task Force was formed in late March, as noted in the committee press release currently on the front page of the committee’s website.

The letter referenced in the press release is discussed further in this Wired.com article. In short, ES&S, the manufacturer of the iVotronic machines used in Sarasota County, notifed the county of a “flaw that sometimes caused machines to respond slowly to a voter’s touch ‘beyond the normal time a voter would expect to have their selection highlighted.'” Given the undervote issue in the Sarasota votes, this is a potential cause for some of those undervotes. If a voter did not touch the machine long enough, due to the flaw, then the vote would not have been registered.
Continue reading “House Administration Committee Looks Into Sarasota Vote”

Hill Tech Happenings, Week of April 16

The House has returned from its April recess. They may consider HR 363, one of this year’s competitiveness bills, at the end of the week.

The Judiciary Committee hearing originally scheduled for April 19 has been postponed.

April 17
Hearing:
The Senate Commerce, Science and Transporation Committee will hold a hearing on the proposed merger of XM and Sirius.
10 a.m., 253 Russell Building

Briefing:
The House Research and Development Caucus is co-hosting a briefing with the Task Force on American Innovation on The Role of Basic Research in Innovation, Economic Competitiveness and National Security.
12 p.m., 2325 Rayburn Building

April 18
Hearing:
The Information Policy, Census and National Archives Subcommittee of the House Oversight and Government Reform Committee will hold a hearing on elections and electronic voting systems.
2 p.m., 2154 Rayburn Building
Continue reading “Hill Tech Happenings, Week of April 16”

Data Mining Bill Voted out of Committee

The Senate Judiciary Committee sent S236, the Federal Agency Data Mining Reporting Act of 2007 to the Senate floor by a voice vote. The bill, which we posted about earlier this year, would require the federal government to report annually on the development and use of technologies that would mine data for patterns of criminal or terrorist activity. Any classified, sensitive or proprietary information on data mining would be placed in an annex not available to the public. According to this afternoon’s edition of Technology Daily, the main debate in this morning’s markup was over penalties for leaking material in the annex. The debate focused not on having penalties, but whether or not existing laws covered such leaks.

This bill specifically focuses on the federal government and technologies that it develops for data mining. No legislation currently covers any commerically developed or implemented technologies, though they would be covered under the bill if the federal government made use of them. The full Senate will consider the legislation at a later date.

ACM Washington Update, Vol. 11.3 (April 6, 2007)

CONTENTS

[1] Newsletter Highlights
[2] Electronic Voting Under Extended Scrutiny
[3] A Deeper Look at E-voting Reform
[4] DHS Releases Proposed Rules for REAL ID Act
[5] New Congress Takes Up Competitiveness Legislation
[6] ACM Computing Contest Demonstrates Global Talent
[7] USACM Members Win ACM Awards
[8] About USACM
Continue reading “ACM Washington Update, Vol. 11.3 (April 6, 2007)”