You'll need a better indicator of human status than 8GB of flash to preclude this kind of activity. If all this seems horribly critical, I apologise. I'd like it if you could convince me otherwise.
Well, this is the real issue isn't it? How do you tell if a computer is a zombie or not? The botnet controller has the source code....
Capchas? They can be rerouted and are annoying.
8Gb of flash is 1. Cheap 2. Available everywhere 3. A start...
It can be 16, 32 or 64 Gb of flash....
I think you overestimate the power of the botnets or their interest in mining coins... the main issue is click fraud... that's their real money earner, nearly 2 million zeroaccess zombie machines will only earn $2k of bitcoins a day, so $700k a year.... click fraud is tens of millions of dollars a year
http://www.symantec.com/connect/blogs/grappling-zeroaccess-botnetNow obviously it's an issue and something you want to avoid but if a simple $10 device means the botnet controller has to do more work, he won't bother...
It's not horribly critical... but I would love to hear solutions to problems that might arise in 10+ years time... there's got to be a better way that ASIC farms and 4 pools with 80% of the hashing power....
*btw the computer used in symantecs test case is :
Test computer specifications:
Model: Dell OptiPlex GX620 Pentium D 945 3.4GHz 2GB (Max TDP 95W) which I believe would be a pretty powerful machine for most botnet nodes, a lot are probably ancient. I would be surprised if zeroaccess was even making 1/4 of the amount symantec say is possible from mining*