
Government Remotely Disables Software on Personal Computers

The FBI remotely disabled software installed on privately owned personal computers located in the United States.

If this isn’t controversial, it should be.

The software is presumed to be malicious, having been accused of stealing account information and passwords from hundreds of thousands of people.

Does that make it less controversial?

Hundreds of thousands of computers have one less bot on them. That’s certainly a good thing. Hundreds of thousands of computer owners had their computers remotely manipulated by law enforcement. Is that a good thing? A dangerous precedent?

Interesting, for sure.

Update: Gary Warner has an excellent write-up.


  1. I think it's a big difference between the FBI taking control of a criminal botnet that's already installed vs. "remotely disabling" software on personal computers, which implies they did some sort of mass hack. This doesn't even open up any sort of "slippery slope", as the lines here are very clear.

  2. A few extra packets to my PC is just another drip in the bucket along all those Chinese addresses portscanning my poor home router ;)

    Any perception of sovereignty we have with our electronic property (or in general?) is a crutch to feel like we're still in control... Not worth getting worked up over; we're already walked on. Someone can sign a paper because I fit a profile, maybe sent a sarcastic email to someone and I can have all my 'rights' (temporarily) stripped...

    The alternative could be worse if they decided to start holding owners of computers accountable; cue: "Internet insurance", and we'll all be forced to buy!

  3. In this case, the machines were already hacked anyway, so I don't really see a problem with it. If you don't want anyone to be able to change anything on your computer, then you better lock it down. In that case, should you trust automatic updates? Should you install anything that isn't open source? Should you connect to the internet? Should you even turn the dang thing on?

  4. Dave, orev -

    I treat government action differently than the action of a private software company whose software I installed and presumably clicked an 'I agree' somewhere along the line. If I install MS's Malicious Software Removal Tool, I almost certainly explicitly gave them permission to remove malicious software from my computer. I don't know for sure - I didn't read it. ;)

    Likewise, when I clicked the 'I agree' on my Android or iPhone, I probably gave Google (Apple) permission to do all sorts of perverse things to my phone, malicious software removal included. I don't know - didn't read them either.

    I do know that I did not give government agents permission to manipulate software on my computer. There was no 'I agree'.

    Having said that, I'm not against what the FBI did. I'm merely pointing out that this action is something that should be discussed, as I believe that for an agency of the government to remotely disable functionality of any kind is precedent-setting.

    And the headline was written so that people would read it. ;)

    Justin - the port scanning on our (your) statewide network is in the tens of millions of denied packets per day. The noise is unbelievable, the signal very weak, our syslog servers are busy.

    Your other points are well taken.

    In the case where a law enforcement agent witnesses a crime occurring in my house while I'm home, can the agent enter my house without knocking?

    Some would say yes.

    The way I see it, that's what happened here.

