Re: [Full-Disclosure] Why is IRC still around?
From: Nick FitzGerald (nick_at_virus-l.demon.co.uk)
To: Mailing List - Full-Disclosure <email@example.com> Date: Sat, 20 Nov 2004 09:02:07 +1300
> Well, it sure does help the anti-virus (anti-malware) and security
> consulting business, but besides that... is it not safe to say that:
> 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc?
> 2) A considerable amount of "script kiddies" originate and grow through IRC?
> 3) A wee bit of software piracy occurs?
> 4) That many organized DoS attacks through PC zombies are initiated through IRC?
> 5) The anonymity of the whole thing helps to foster all the illegal
> and malicious activity that occurs?
> The list goes on and on...
> Sorry to offend those that use IRC legitimately (LOL - find something
> else to chat with your buddies), but why the hell are we not pushing
> to sunset IRC?
> What would IT be like today without IRC (or the like)? Am I narrow
> minded to say that it would be a much safer place?
I daresay the world would not be much different.
The early dedicated DDoS systems had their own inter-agent
communication channels of varying complexity and sophistication. I'm
sure if something easy and convenient such as IRC were not around for
the skiddie copycats that came along later to usurp, at least one or
two of said copycats would probably have managed to scrape together
just enough talent to roll their own simple, lightweight distributed
messaging system to use as a communication and coordination channel for
their bot armies and thus we'd have ended up more or less where we are.
Likewise, other methods of more or less "anonymous" intercommunication
between like-minded skiddies would have evolved had IRC not, as the
nature of the underlying structure of the Internet is essentially
anonymous communication (recall that this is a completely unintended,
and perfectly expected, effect of the purpose of the underlying network
technology -- it was to be used for a physically closed network, where
the fact a machine was on the network _meant_ that machine was supposed
to be there _and_ that its location _AND_ the names and whereabouts of
the ranking officers responsible for the techies running it would be
Ditto, s/w piracy would have found other largely untraceable online
outlets such rooted FTP and web servers, compromised SOHO machines with
fast connections and totally clueless "admins", P2P, etc, etc...
In short, without IRC I'd expect we'd be pretty much exactly where we
are anyway (save we would have had one less inane question to answer on
some mailing list).
-- Nick FitzGerald Computer Virus Consulting Ltd. Ph/FAX: +64 3 3529854 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html