As evidence of their presence on the computers, the BBC apparently changed the desktop wallpaper of affected computers to display a message from BBC Click. As Graham Cluley of Sophos described, other steps in this "investigation" included:
"BBC reporter Spencer Kelly and security company PrevX took over an existing botnet of approximately 22,000 computers, and used them for their spam experiment - ordering the innocent third-party computers to send 500 spam messages each to Hotmail and Gmail accounts under the control of the BBC."As someone who helps in the security forums helping people clean their computers of malware, I am of the strong opinion that this so-called investigation by BBC Click was, if not against the Computer Misuse Act, at the very least highly in appropriate. I am surprised there is not more censure of PrevX for their participation.
You can follow the comments in Twitter using the hash code #bbcbot
- BBC News: Is your PC doing a hacker's dirty work?
- BBC Program Click: BBC team exposes cyber crime risk
- OPSI: Computer Misuse Act 1990 (c. 18)
- Computerworlduk: Did BBC break computer misuse act with botnet?
- OUT-LAW.COM: BBC programme broke law with botnets, says lawyer
- Sophos: Did BBC break the law by using a botnet to send spam?
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...