The benign botnet

Publication date: 28 May 2008
Originally published 2007 in Atomic: Maximum Power Computing
Last modified 03-Dec-2011.

 

At first, botnets - centrally-controlled collections of Internet-connected virus-infected "zombie" PCs - didn't do anything very imaginative.

The bot-herders used, and still use, their countless slaves to send spam. A botnet can also swamp other people's systems with traffic - a "distributed denial of service" attack.

One other profitable but uncreative technique is to install whatever pieces of slime-dripping adware make the bot-herders the most money on every zombie PC. Or the botnet can just fake clicks on ads which the owners of the infected PCs never actually even saw.

Until recently, that was about all botnets did.

Now, though, botnets are not just sending you spam, but actually hosting the sites they're spamming about. In this "botnet hosting", the zombie that hosts the site changes from minute to minute, and the nameservers that tell your browser where the host-zombie is are, themselves, also zombies.

If you can overlook the minor detail that it's all stolen property, these botnets are the best-value distributed hosting solution ever created.
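The rotation described above (commonly called fast flux, or double flux when the nameservers move too) shows up in DNS answers as many short-lived addresses spread over unrelated networks. The following detection logic is an added example, not part of the original column; the observation format, the thresholds, the /16 grouping and the sample records are all constructed assumptions.

```python
from collections import defaultdict
from ipaddress import ip_address

def make_sample():
    """Constructed passive-DNS rows: (seconds, name, rtype, address, ttl).
    An "NS" row carries the address the domain's nameserver resolved to."""
    obs = []
    for minute in range(10):
        t = minute * 60
        # shop.example: web host and nameserver both move every minute
        obs.append((t, "shop.example", "A", f"10.{minute * 7 % 250}.3.{minute + 1}", 60))
        obs.append((t, "shop.example", "NS", f"10.{minute * 11 % 250 + 1}.9.{minute + 1}", 60))
        # stable.example: the same two addresses for the whole window
        obs.append((t, "stable.example", "A", "192.0.2.10", 3600))
        obs.append((t, "stable.example", "NS", "192.0.2.53", 86400))
    return obs

def prefix16(addr):
    # /16 prefix as a rough stand-in for "different network";
    # production tooling would map each address to its ASN instead.
    return int(ip_address(addr)) >> 16

def classify(observations, window=600, min_ips=5, min_nets=3, max_ttl=300):
    """Label each name seen in the first `window` seconds of observations."""
    stats = defaultdict(lambda: {"A": [], "NS": []})
    for ts, name, rtype, addr, ttl in observations:
        if ts < window and rtype in ("A", "NS"):
            stats[name][rtype].append((addr, ttl))
    verdicts = {}
    for name, recs in stats.items():
        fluxing = {}
        for rtype, rows in recs.items():
            ips = {a for a, _ in rows}
            nets = {prefix16(a) for a in ips}
            short_ttl = bool(rows) and max(t for _, t in rows) <= max_ttl
            # Churn alone is not enough (CDNs rotate too); require
            # many addresses, many networks and short TTLs together.
            fluxing[rtype] = len(ips) >= min_ips and len(nets) >= min_nets and short_ttl
        if fluxing["A"] and fluxing["NS"]:
            verdicts[name] = "double-flux"
        elif fluxing["A"]:
            verdicts[name] = "single-flux"
        else:
            verdicts[name] = "stable"
    return verdicts

if __name__ == "__main__":
    for name, verdict in sorted(classify(make_sample()).items()):
        print(name, verdict)
```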

Nobody seems to have come up with a good solution to the botnet problem, yet. ISPs and governments around the world are well aware of it, but few-to-no ISPs actually take action against zombified customers. Unlike BitTorrent fiends, zombie users don't actually cost the ISP any money; the traffic to and from most zombies is pretty light, and nobody's launching any lawsuits at bot-enabling ISPs. (Yet.)

No politician is going to win many votes by making laws that force people to clean their zombie PCs, either. OK, all of the sysadmins would vote for that, but they're greatly outnumbered by the hordes of clueless users who own (physically, at least...) the zombies. I pity the ISP that cuts tens of thousands of customers off from teh intarwebs for reasons the customers can't even understand. I think that'd be a good week for the ISP to just give their whole support department a holiday.

Every time a new wave of malware sweeps across the Net, someone new comes up with the brilliant idea of a "white hat" version of the same thing.

It seems like a reasonable idea on the face of it, after all. Make your own worm, that takes advantage of the same weaknesses as the real malware - or perhaps just sits there waiting to be probed by some other worm, then lashes out. When the white-hat worm infects a new PC, it plugs the very hole it came in through, installs a bunch of other security patches, and then plays a brief patriotic song.

There are two fatal problems with the white-hat-virus idea.

One: Distributing a "friendly" virus breaks the same laws as distributing any other virus. "Breaking and decorating" - breaking into someone's house with the intention of tidying it up and improving the furniture - is still breaking into someone's house.

Two: Curing a modern malware infestation without reinstalling from scratch can be close to impossible even if you're a knowledgeable user. There's already a pretty serious arms race running between the makers of the various evil botnets, and those guys have money to pay programmers. Good luck beating them with your SourceForge project.

So I have a modest proposal: Benign botnets.

There are lots of very worthy distributed computing projects out there.

Everybody knows about SETI@Home and Folding@Home, and olde timey geeks are still running distributed.net, but there are tons of others. Climate prediction, drug modelling, cancer tissue microarray analysis - the list goes on and on.

None of these projects are interesting to botnet operators, because none of them pay their participants. But, apart from that, existing distributed projects are ideal candidates to be sneakily, and anonymously, installed behind unknowing users' backs.

Distributed computing developers already cope with networks that're unreliable, non-homogeneous, insecure and variable in topology, after all. A botnet's not much worse than a normal distributed network!

Distributed-computing apps are also "slopsuckers" - they run at the lowest possible priority, so any other task gets CPU time before they do. This means their impact on the performance of a PC is barely measurable at the best of times. It's not measurable at all, if the PC's the kind of spyware cesspit that usually participates in a botnet.

There's other software that could be installed in the same way. Free anonymous data networks like Tor and Freenet haven't really taken off, because participation is entirely voluntary. Sneak Freenet and Tor nodes with small disk space and bandwidth quotas onto a million unpatched Windows boxes, though, and the Great Firewall of China would never know what hit it.

A benign botnet would still be illegal, and it would still definitely qualify as theft of resources. If nothing else, it'd be stealing electricity, by pegging CPU utilisation at 100%.

But a benign botnet really could work. It wouldn't have to try to attack the impossible task of automatically cleaning away other infections; it could just quietly install itself next to them, and consume no resources that the other infections cared about.

It wouldn't so much be breaking and decorating. More like breaking and setting up a small medical research lab in the attic.
