In a recent blog post entitled “Q1’10 spam & virus trends from Postini,” Google said that a recent spate of botnet take-downs (Waledac, Mariposa, Zeus) has not had a dramatic impact on spam levels. While spam and virus levels did fall below Q4’09 highs, Google’s analytics show that global spam levels were relatively steady during Q1’10.
It’s discouraging. This goes to show that there is no shortage of botnets out there; the criminal spammers simply buy, rent or deploy another botnet when an active one is taken down. Anti-spammers are not going to win this war: we need a fundamental change in all operating systems to make it possible for trusted authorities to remotely disable malicious code the minute it is discovered. Steve Gibson, in Security Now #244, discusses Apple’s approach:
…imagine if Microsoft…were able to just reach out and kill a trojan. Well, they don’t have the ability to do that because there’s nothing like this kind of grip and control that exists on the open platforms. Apple has that. And so I can see, yes, it’s a mixed blessing in that, as you say, Apple could kill off a competitive program. But to me there’s a tremendous advantage that, if something was discovered to be malicious, and arguably that would probably surface very quickly, for Apple to be able to just kill it off throughout the entire ecosystem, I mean, even the fact that that ability exists, I would argue, militates against developers bothering to create something malicious because they just know it’ll have an extremely short life…. The second it becomes known, it’ll get killed.