Thursday, March 12, 2009

Was BBC Use of Botnet Against UK Law?

With the reported assistance of PrevX, the BBC program "Click" obtained a "low-value botnet" via chatrooms on the internet. This botnet was used to hack into 22,000 PCs in a special investigation the program was conducting of the kind of damage that can result from a network of compromised computers.

As evidence of their presence on the computers, the BBC apparently changed the desktop wallpaper of affected computers to display a message from BBC Click. As Graham Cluley of Sophos described, other steps in this "investigation" included:
"BBC reporter Spencer Kelly and security company PrevX took over an existing botnet of approximately 22,000 computers, and used them for their spam experiment - ordering the innocent third-party computers to send 500 spam messages each to Hotmail and Gmail accounts under the control of the BBC."
As someone who helps in the security forums helping people clean their computers of malware, I am of the strong opinion that this so-called investigation by BBC Click was, if not against the Computer Misuse Act, at the very least highly in appropriate. I am surprised there is not more censure of PrevX for their participation.

You can follow the comments in Twitter using the hash code #bbcbot


References:


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

No comments: