Security Limitations of Dialup
Most of the security discussions that I have involving infected hosts on the Internet tend to be focused around broadband users. It’s true: DSL, cable modem and other high-speed access technologies have given miscreants who own bot armies unbelievable amounts of bandwidth with which to launch attacks. This area should be the focus of most of the security initiatives being put in place. However, focusing solely on broadband leaves a large part of the Internet community unprotected. It’s the part that often gets overlooked by much of the industry but still presents a number of significant security challenges to maintaining the Internet. I’m referring to the dial-up space. Yes, dial-up is slow and it would take a lot of V.92-based zombies to mount any real type of attack.
Consider the following points:
1) Dialup devices are less likely to have decent security measures in place. Many of the preventative measures that you can take to keep the computer from having problems to begin with are hard to accomplish over dialup. Operating system, browser, and application updates take hours to download and can only be downloaded while a dialup session is established. The auto-update mechanisms that Microsoft and the AV vendors put in place aren’t really effective under the circumstances. I personally have family members who are still on dialup and are still running Windows 2000 Service Pack 2. Updating that computer will involve at least 12 hours of downloading/installing software while tying up the phone line. It’s not something that they’re willing to do.
2) Dialup devices are less likely to be routed through a Linksys, Netgear or other low-end router providing NAT services. Generally, when a dialup user connects, the device is exposed to the world.
3) When dialup devices do get infected, it is often more difficult to diagnose and clean them. Most of the things that you need to troubleshoot non-trivial issues on a computer are readily available on the Internet but aren’t something you necessarily carry around with you:
– AV updates – check
– Anti-spyware software – check
– Updated hardware drivers – check
– IRC with your buddy that works in IT – check
– Google – check
Working with dialup to get at this data is a painfully slow process.
4) Measures put in place by service providers to track infected PCs are generally limited to a certain number of “top talkers” and are therefore more targeted towards broadband users. Dialup users don’t have the bandwidth to bubble to the top very often. True, dialup providers do provide pop-up blocking and AV on email, and some provide firewall capabilities, but these measures aren’t always accepted by users and they’re not available from every provider.
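The top-talker limitation in point 4, as an added example that is not part of the original post: it ranks constructed flow summaries by raw bytes and then by share of each subscriber's own uplink. The subscriber names, byte counts and the utilization ranking are assumptions for illustration; the uplink speeds are the 30 kbps and 2 Mbps figures used in this post.

```python
from collections import defaultdict

# Constructed one-hour upstream flow summaries: (subscriber, access type, bytes sent).
# Subscriber names and byte counts are made up for illustration.
FLOWS = [
    ("cable-01", "broadband", 310_000_000),
    ("cable-01", "broadband", 95_000_000),
    ("dsl-02", "broadband", 120_000_000),
    ("dsl-03", "broadband", 40_000_000),
    ("cable-04", "broadband", 15_000_000),
    ("dial-05", "dialup", 6_500_000),   # dialup host sending almost continuously
    ("dial-05", "dialup", 6_000_000),
    ("dial-06", "dialup", 400_000),
]

# Uplink speeds taken from the post's own figures (30 kbps dialup, 2 Mbps broadband).
UPLINK_BPS = {"dialup": 30_000, "broadband": 2_000_000}
WINDOW_SECONDS = 3600


def bytes_per_subscriber(flows):
    """Sum upstream bytes per subscriber and remember each one's access type."""
    totals, access = defaultdict(int), {}
    for subscriber, access_type, sent in flows:
        totals[subscriber] += sent
        access[subscriber] = access_type
    return totals, access


def top_talkers(flows, n):
    """Classic top-talker report: the n subscribers that sent the most bytes."""
    totals, _ = bytes_per_subscriber(flows)
    return sorted(totals, key=totals.get, reverse=True)[:n]


def uplink_utilization(flows):
    """Fraction of each subscriber's uplink capacity used during the window."""
    totals, access = bytes_per_subscriber(flows)
    return {
        sub: sent * 8 / (UPLINK_BPS[access[sub]] * WINDOW_SECONDS)
        for sub, sent in totals.items()
    }


def top_by_utilization(flows, n):
    """Hypothetical alternative report: rank by share of own uplink consumed."""
    util = uplink_utilization(flows)
    return sorted(util, key=util.get, reverse=True)[:n]


if __name__ == "__main__":
    print("top talkers by bytes:     ", top_talkers(FLOWS, 3))
    print("top by uplink utilization:", top_by_utilization(FLOWS, 3))
```

A saturated uplink is only a signal worth a closer look, not proof of infection; the point is that the byte-count report never surfaces the dialup host at all.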
According to various studies including http://www.websiteoptimization.com/bw/0604/ and http://www.pewinternet.org/pdfs/PIP_Broadband_trends2006.pdf, over 70% of American adults use broadband and there are roughly 75M broadband users currently in the US. Assuming the numbers are close to accurate, that would mean that there are roughly 25M dialup users in the US alone. This population poses a significant security exposure and one that is not easily checked.
There are some silver linings. Broadband adoption continues to grow worldwide and it eats into dialup usage. The consumer market in need of guidance has led to the formation of many companies that provide consumer PC services. Thankfully, the same limitations that keep all these dialup users from becoming fully secure also limit what damage they can do on the Internet as a whole. It takes a lot more zombies at 30 kbps upload speeds to bring down a major Internet web site than it would take in DSL and cable modem users at 2 Mbps+ speeds.