The permission problem (as far as many of the people who don't know they're currently hacked is concerned) is not a difficult one: there would be various means to enable large scale adoption.
I don't think the idea is that far-fetched. Wasn't there some talk of Microsoft considering a botnet of their own? It would be easy for companies like them to ask users to also have Remote UpdatingTM. A kind of ultra-unstoppable Windows Update botnet ;) (I'm sure that would be popular with some).
IMO whether or not it would be a good idea is just as important a question as if it's currently legal.
I'm not sure about that as an ethical justification. I imagine for most people the repercussions on potential victims would sway them as to whether or not this was ethical behaviour.
Remember that botnets undertake denial of service and various other large-scale attacks, that can cause a lot of damage to significant amounts of people.