AW: [alicebot-aiethics] evil chat bots

[Christian Droßmann]

Dekker wrote:

> I was doing some reading today and saw a thread of newsgroup posts from
> people who've been hacked by way of  ICQ. This prompted me to wonder if
> ALICE would have the ability to activate malicious code through a web or
> messaging interface. If so it would be an easy way for prank hackers to
> exploit serious amounts of chat room users simultaneously. Has
> anyone heard
> of any chatbot technology used this way before?

Technically, this should be no problem. If we take webserver exploits as an
example, buffer overflows in particular, then it would be absolutely no
problem to program alice to send out html-requests and attack webservers
that are known to be vulnerable. One could even implement a
"Stacheldraht"-like functionality using the already established bot network
to be used as a flood network to perform DOS-attacks...then the user must
simple tell alice to "Attack 192.0.0.1" or whatever and minutes later the
server will be down...
Many people would use Alice on their computer at home, not knowing they are
being used to gather a giant network with immense flooding power capable of
taking down any server on the net in no time...
Although, it would be a nice feature if Alice would pingflood users
insulting her, as it already is common practice on most IRC servers ;->

> I don't think this type of attack will ever become a huge problem, as any
> technology can exploited to make mischief, but I would be interested in
> knowing if the subject has ever come up before.

I would say that this will be no more hazardous than other automated hacking
utilities used by unreasonable script-kiddies...

Christian