Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
The BBC could face legal challenges if any botnet computers used for the Click programme were located in Finland.
Olli-Pekka Niemi, leader of Stonesoft's virus research team claimed that while the BBC purchasing a botnet for around £6000 (A$12800) from a cybercriminal to send spam is unethical, the problem is that it used the 22,000 computers without permission.
In Finnish law, this is illegal, and Niemi said that there was no way that this could be considered to be ‘white hat hacking' or ethical in anyway. He said: "I don't see anyway to do this in a legal way, if they wanted to warn the users that they are in a botnet they should have contacted the service providers or authorities to let them know that they were going to do it."
He claimed that there was a success in showing people how a botnet and hacking works, and the BBC did succeed in raising awareness of the situation, but did it in a totally unethical way.
Niemi said: "People can now see how easily it is done, the jurisdiction didn't state where the computers were based and I don't know when they approved this. They may have broken laws in many countries, in Finland this would be illegal and I am not an expert on the laws of other countries but this could cause problems."
David Harley, director of malware intelligence at ESET, claimed that it was ‘well-intended, I'm sure. Sensational(ist), perhaps. Effective in raising public awareness, hopefully. But it sounds to me a lot like conscious exploitation of unauthorised access and unauthorised modification: exactly the issues around which the Computer Misuse Act revolves'.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.