Ask HN: Is it illegal to combat DDOS with a virus?

5 points by christophilus ↗ HN
We have the source for the botnet that seems to have caused yesterday's internet outage: https://news.ycombinator.com/item?id=12766950

Is it illegal to use this same code to go clean up infected devices, and also change their passwords to something more secure? I imagine the changing of the password would be illegal. Is there some action such a virus could take that would fix the problem legally?

6 comments

[ 3.7 ms ] story [ 27.5 ms ] thread
Illegal in which country? Botnet's span is unlikely to be limited to USA only.
Good point. USA, specifically, as that's where I live. I wonder if I'd be prosecuted if I tried to help combat this by creating a white-hat version of the software.
Uusually, crime is prosecuted based on where it happened, not where the perceived victim is located.

If you alter other peoples devices FROM the US, US law applies.

You're essentially appropriating other people's computing resources for your own agenda, even if it's a good one, without the owner's permission. That's a crime.

I'd just suggest using the scanning portion to identify unsecured connections that should be added to a firewall's blacklist.

Maybe that could be a good SAAS service that would provide a blacklist of all unsecured IOT devices and printers to everyone interested for blacklisting purposes.

Don't most of these devices send an unique user agent indicating what type of device it's from?

If so why not block based on that?

You'd still need to parse the UA, which takes resources. Plus the attackers have root. What's preventing them from spoofing the UA?