DNSChanger Danger: Damned if you do, Damned if you don’t

Jul 10, 2012

How much warning is too much warning? At what point does an excess of caution evolve into fear, uncertainty and doubt? That the DNSChanger malware failed to down internet connections across the globe on Monday, despite increasingly shrill warnings that the FBI was preparing to pull the plug on the temporary servers keeping them afloat, is undoubtedly A Good Thing. However, it highlights one of the persistent issues facing computing: the challenges in balancing caution and panic.

DNSChanger was undoubtedly a high-risk issue, certainly before the FBI weighed in. The trojan changed users' DNS settings to point at compromised servers, which served up pages with malware, sites that secretly collected user data, and adverts for fake products. The FBI seized the network and a temporary - and safe - DNS replacement system was set up for those unknowingly relying on the dangerous one.

All good things must come to an end, though, and on July 9 the FBI's mandate to run the replacement servers ran out. With hundreds of thousands of computers still relying on the makeshift DNS provisions to bridge browsers and sites, that meant warning those users that they'd need to take an active role in their system security if they wanted to stay online.


Problem is, the sort of users who were inadvertently infected and didn't realize might not be the sort who would also go hunting for the latest news in malware. What we lack is a single point of communication to highlight security problems; instead, we have a pretty much all-or-nothing hosepipe of rising hysteria.

Microsoft has attempted something like that single point, with its Security Center in Windows. Apple, late to the game when it comes to malware and virus threats, hasn't a centralized security hub in OS X, though the company has been doing more to prevent insidious apps working their way into the platform.

Windows Security Center is too easily overlooked. Third-party security firms individually push alerts to their blogs - and to their (generally paid) software packages - but there's no all-inclusive feed that distills all of that to the user's desktop in an easily understood way.

It's a problem with no easy solution. In the aftermath of the DNSChanger anticlimax, there's likely to be no shortage of accusations that the malware was "over-hyped" and its potential impact "overstated" so as to drive pageviews. Still, while we've gotten off easy now - a somewhat breathless and clogged news-cycle notwithstanding - there's the distinct possibility that the next big security crisis could be made exponentially worse when contingency gives way to uncontrollable FUD and users' eyes glaze over.

