CircleID

Well, at this point, the government is well on its way to bailing out Wall Street from its own incompetence, putting taxpayers on the hook for $700 billion. The worst part is that as Treasury Secretary Hank Paulson puts it, "You're worried about taxpayers being on the hook? Well, guess what? They're already on the hook!" I read that and said "Aw, crap..."

Anyhow, Wall Street should maybe learn something from botnet operators. For you see, botnets are not just for sending spam anymore. The bots have diversified their holdings:

• Sending spam - botnets curse and plague us with piles of spam in our inboxes every single day. Spamming is big business and by randomizing the location of where the mail is coming from, spammers can evade reputation filters for a little while.
• Signing up for webmail accounts - Google, Yahoo and Hotmail all have problems with spammers creating free accounts, sending spam and avoiding each other's reputation filters. The thing is, it's bots that are creating these free webmail accounts. So instead of sending spam directly, these bots are doing automated account creation and using a loophole to send spam — that of evading a reputation filter by hijacking someone else's.
• Creating landing pages - Not only do bots sign up for email accounts, they sign up and create landing pages, like a spammy Live Spaces account or Google Blogspot account. They break the CAPTCHA's these services have and create the landing pages so that when they do eventually spam, these spam messages have links to free web pages. Again, it's reputation hijacking.
• Other nefarious purposes - There are other things that bots do, like engage in cyber-warfare against nations (this happened to Estonia in 2007), DDOS attacks, and so forth. In other words, bots are used for things other than sending spam.

My whole point in this is that botnet operators have diversified. They are not just for sending spam so taking out one particular activity doesn't necessarily take them out of the game.

Contrast this with Wall Street. Clearly, they made some bad investments. Really bad, like $700 billion worth. Perhaps if they diversified their holdings a bit and didn't overload in one particular area (like subprime mortgages) they/we wouldn't be in this mess.

Botnet operators may be evil, but they aren't stupid.

By Terry Zink, Program Manager. Visit the blog maintained by Terry Zink here.

Related topics: Policy & Regulation, Spam