Monday, December 17, 2007

when is a botnet not a botnet?

when the term botnet is misused... at least misuse seems to be the interpretation allysa myers made... although i'm not sure the headline "fbi: 'botnets' threaten online shopper security" can actually be attributed to the fbi (because the media is well known for twisting things to make a catchy headline) there certainly does seem to be a lot of ambiguity in the way the term botnet is being used...

that said, i really don't think the suggestion of coming up with a new term for what used to be called a botnet is the answer... i'm reminded of another term that got watered down in a similar way... that term was virus... it seems to me that we never tried to come up with an alternative for virus (or if we did it thankfully died a quick death), rather we came up with terms for what the label virus was being misapplied to...

come to think of it, it seems to me that not too long ago the same problem occurred with the term spyware... arguably rootkit as well...

i don't think playing musical chairs with terminology is the proper way to resolve the problem... if people are misusing a term and confusing the issue in the process, abandoning the term in favour of a brand new one isn't going to make the issue any less confusing... instead it will simply introduce a new term that they've never heard of before and are unfamiliar with and they'll wonder why it's being used where botnet was being used before... that seems likely to confuse people, if you ask me...

i think the first thing to consider is what the problem really is - to my mind the root problem (ignoring it's consequences) is terminology misuse... changing terminology to run away from that misuse doesn't actually address the problem... to address the problem we need to know why it happens...

so why does terminology misuse happen? the simple answer is ignorance - people who misuse these terms do so because they don't know any better (or because the audience they're trying to reach don't know any better and they don't care to elevate their audience)... they don't know any better because malware is not a mainstream topic in our society... certain concepts bleed through into the mainstream and get assimilated by mainstream culture... those concepts then get used to try and explain things in the malware field, but with only a few concepts in their repertoire those explanations wind up being a distortion of reality rather than an accurate model...

in this case it seems that people are struggling with the idea of identity theft related malware and how botnets scale that problem up... they're struggling because the general public doesn't have the conceptual currency to properly express these ideas, while a select few (relatively speaking) do... some people are haves, but most are have-nots...

that imbalance is something i've certainly been trying to address for some time by trying to make information more available and accessible and hoping that the knowledge would trickle down (for lack of a better phrase)... obviously that is a rather slow process (and just as obviously, i seem to appeal more to technically minded folks) in part because only those who seek the information will find it... i think what we really need is a revolution in the way we disseminate knowledge, not just a set of new words...

0 comments: