Microsoft Secretly Beheads Notorious Waledac Botnet

CmdrTaco posted more than 4 years ago | from the if-you-cut-off-one-head-do-two-grow-back dept.

Barence writes "Microsoft has quietly won court approval to deactivate 277 domain names that are being used to control a vast network of infected PCs. The notorious Waledac botnet is being used by Eastern European spammers to send 1.5 billion spam messages every day, and infect hundreds of thousands of machines with malware. In a suit filed in the US District Court of Eastern Virginia, Microsoft accused 27 unnamed defendants of violating federal computer crime laws. It further requested that domain registrar Verisign temporarily deactivate the domains, shutting down the control servers being used to send commands to the machines. The request was secretly approved by District Judge Leonie Brinkema, allowing the action to be taken covertly, preventing Waledac's operators from switching domains."

381 comments

"East European" (-1, Offtopic)

benjfowler (239527) | more than 4 years ago | (#31271322)

Just gotta love euphemisms.

It's like in Australia, whenever a Lebanese Muslim commits a crime, the media describe the suspect of being "of Middle Eastern appearance".

They're not "East Europeans". THEY'RE RUSSIANS. Just cut to the chase please.

Eat Yellow Snnow Ballmer ! (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#31271344)

Eat the snnnow Ballmer Eat the snnow !

Microsoft Secretly Beheads... (0)

Anonymous Coward | more than 4 years ago | (#31271534)

What a title! At first glance, I thought Microsoft was outed cutting off people's heads, but no, they just shut down a botnet.

It pains me to say this... (5, Funny)

MrNaz (730548) | more than 4 years ago | (#31271592)

... but HOORAY FOR MICROSOFT!

Re:"East European" (-1, Troll)

Anonymous Coward | more than 4 years ago | (#31271360)

This is yet another win for Open Source Software. If people used Open Source Operating Systems such as Linux, this would never have happened, as people would have inspected the source and stopped it before someone checked the trojan into the Git repository.

Microsoft's Git repository for Windows is not public and so people cannot inspect the source, leading to this kind of thing.

Please, people, dump your Proprietary Operating Systems and use superior OSS software instead.

Re:"East European" (0)

Anonymous Coward | more than 4 years ago | (#31271390)

I think my sarcasm meter needs fine-tuning.

Re:"East European" (1, Insightful)

lordandmaker (960504) | more than 4 years ago | (#31271418)

This has nothing to do with malicious code in the OS. It's to do with malicious code exploiting crap code in the OS. And all software has *some* crap code in it.

Re:"East European" (3, Interesting)

FyRE666 (263011) | more than 4 years ago | (#31271466)

It's not crap in the OS that causes the vast majority of infections. It's crap in the user's heads.

Why not just add code to check for an infection in the next Windows update. If found, then the user is presented with a dialogue at every boot that they must ok, and prevents them from logging in for 5 minutes for the first boot, increasing by 1 minute for each subsequent boot. Even lazy idiots will eventually get sick of this and do something about their machines.

Re:"East European" (1, Funny)

Anonymous Coward | more than 4 years ago | (#31271558)

like download a "patch" for the "bug" or install antivirus 2010 to remove the "virus"

Re:"East European" (3, Informative)

Anonymous Coward | more than 4 years ago | (#31271578)

MS has the "malicious software removal tool" that shows up monthly in Automatic Updates and it will take care of it - but unfortunately WAY too many people don't have the automatic updates enabled or just refuse to run them. If they would run them a couple of these botnets would be gone.

Re:"East European" (4, Informative)

jtdennis (77869) | more than 4 years ago | (#31271680)

This can also be started manually by running "MRT.exe" from the run prompt. The month of the update is in the title bar, so it's easy to tell if you're current or not.

Re:"East European" (3, Insightful)

Tom (822) | more than 4 years ago | (#31271632)

It's not crap in the OS that causes the vast majority of infections. It's crap in the user's heads.

Cheap cop-out.

You're in a mass-market. You can not expect the majority of users to know anything about computers. You can debate that point all you like, but that's how it is. Saying otherwise is like saying only car mechanics should be allowed to drive cars.

Re:"East European" (0)

Anonymous Coward | more than 4 years ago | (#31271684)

Given that the average computer user regularly does the equivalent of driving their "car" straight into a wall, I'm not sure if at least some of the blame shouldn't fall their way. I mean, would *you* open an executable attachment sent to you by a Nigerian prince? Most users would.

Re:"East European" (5, Insightful)

fuzzix (700457) | more than 4 years ago | (#31271734)

Cheap cop-out.

You're in a mass-market. You can not expect the majority of users to know anything about computers. You can debate that point all you like, but that's how it is. Saying otherwise is like saying only car mechanics should be allowed to drive cars.

No, it's more like saying "people should know how to drive before taking their car on public roads"

Re:"East European" (4, Insightful)

Bakkster (1529253) | more than 4 years ago | (#31271752)

You're in a mass-market. You can not expect the majority of users to know anything about computers. You can debate that point all you like, but that's how it is. Saying otherwise is like saying only car mechanics should be allowed to drive cars.

But you can tell them to perform preventative maintenance like fluid changes, etc. Then it is their fault if they think they know better and ignore the manufacturer's recommendations.

An example would be brake pads. If you're lazy, you might never replace your brake pads, making you a hazard to everyone else on the road. So, brake pads have metal filings in the last portion of the pad to make an obnoxious grinding noise when it's time to change them. What better way to get people to take care of their car/computer than to annoy them until they fix the issue?

Re:"East European" (1)

Krneki (1192201) | more than 4 years ago | (#31271776)

Maybe it is time to allow only mechanics to drive cars. At least it will solve congestion problems.

Re:"East European" (1)

Andy Dodd (701) | more than 4 years ago | (#31271710)

If it were that easy to check for and find all infections, we wouldn't have them.

Re:"East European" (1)

Krneki (1192201) | more than 4 years ago | (#31271786)

If it were that easy to check for and find all infections, we wouldn't have them.

This ain't the problem. The problem is that you are not allowed to fix a computer that isn't yours without the explicit consent of the owner.

Re:"East European" (1)

poetmatt (793785) | more than 4 years ago | (#31271918)

this is not an explanation that's really going to help people understand why linux is overall a better bet (specifically for longevity) than windows.

Try explaining things more simply:

it's more secure
you know what the program does (nothing hidden)
everything is free (and high quality)
if you don't know how to do something it can easily be google'd to find the answer.

etc.

explaining MS's closed repositories is not even a compelling reason for folks who are programmers.

Re:"East European" (0, Offtopic)

Pojut (1027544) | more than 4 years ago | (#31271370)

"It's not a purse...it's EUROPEAN!!!"

Re:"East European" (0)

Anonymous Coward | more than 4 years ago | (#31271372)

Just gotta love euphemisms.

It's like in Australia, whenever a Lebanese Muslim commits a crime, the media describe the suspect of being "of Middle Eastern appearance".

They're not "East Europeans". THEY'RE RUSSIANS. Just cut to the chase please.

The Ukranians, Poles, and Chechs called. They're insulted that you're lumping them in with the Rooskies, and they're rooting your box.

Re:"East European" (1, Funny)

Anonymous Coward | more than 4 years ago | (#31271620)

The Ukranians, Poles, and Chechs called. They're insulted that you're lumping them in with the Rooskies, and they're rooting your box.

The insulted Czechs are now rooting your box.

Re:"East European" (5, Funny)

nacturation (646836) | more than 4 years ago | (#31271742)

The Ukranians, Poles, and Chechs called. They're insulted that you're lumping them in with the Rooskies, and they're rooting your box.

The insulted Czechs are now rooting your box.

That explains all the spam. The Czechs are in the mail.

Re:"East European" (1)

MrNaz (730548) | more than 4 years ago | (#31271650)

The Chechs called. They want to know why they don't exist.

Good work... (3, Funny)

avarus (610800) | more than 4 years ago | (#31271328)

...but where will I get all my v14gra now??

Re:Good work... (0)

Anonymous Coward | more than 4 years ago | (#31271528)

I'd guess at one of those Canadian on-line Pharmacies?

Thanks to this post I hurried to get my 5th on-line diploma, and I'm waiting for shipping. But now, where am I going to get my Rep1icaWatches

Re:Good work... (1)

MrNaz (730548) | more than 4 years ago | (#31271660)

Have you tried a Canadian on-line watch shop?

Re:Good work... (1)

secondhand_Buddah (906643) | more than 4 years ago | (#31271546)

Send me your email address. I'm sure I could arrange something..

Microsoft (-1, Troll)

Anonymous Coward | more than 4 years ago | (#31271330)

Cue comments about how this is somehow evil...

Re:Microsoft (1, Insightful)

Anonymous Coward | more than 4 years ago | (#31271600)

Microsoft forcing domains off the web in total secrecy? How could that possibly be evil ...

After all, Microsoft has such a shiny track-record of only disconnecting sites that are truly evil *coughcryptomecough*

Let's just cheer at them while they clean up the internet.

One step toward active botnet fighting? (4, Interesting)

jeffmeden (135043) | more than 4 years ago | (#31271340)

This is nice (if reactionary) but how long before we can get a court order to legally fight the botnet by 'infecting' the target computers with a patch, or at least some sort of message that warns the user to seek help?

Would Microsoft ever go that far? Would that be admitting that the only solution to the holes in Windows is vigilantism?

Re:One step toward active botnet fighting? (1)

bhamlin (986048) | more than 4 years ago | (#31271454)

Honestly, were I writing malware, the first thing I'd do after something like that came out was try and figure out how to disable it. You can't trust anything on a compromised computer.

Sure, it might catch a few. Most likely the user will just ignore the warning, hoping it'll go away; then once the malware has an update that disables the warning, it will go away. Problem solved.

About the only thing that will fix the current spyware/malware problem would be smarter computer use and privilege separation. But in my experience users will click on anything just to get their shiny pointers.

Re:One step toward active botnet fighting? (4, Informative)

Saint Fnordius (456567) | more than 4 years ago | (#31271626)

It actually has come to the point where botnets are actively removing other malware from the infected computer, much like a parasite killing off other parasites so that it has sole possession of the host.

Re:One step toward active botnet fighting? (0)

Anonymous Coward | more than 4 years ago | (#31271462)

This is nice (if reactionary) but how long before we can get a court order to legally fight the botnet by 'infecting' the target computers with a patch, or at least some sort of message that warns the user to seek help?

Would Microsoft ever go that far? Would that be admitting that the only solution to the holes in Windows is vigilantism?

It has already been done, albeit without any permission. At least here in the UK by the BBC when they paid cybercrims to obtain access to a botnet for reporting purposes.

http://www.theregister.co.uk/2009/03/12/bbc_botnet_probe/
http://www.theregister.co.uk/2009/03/16/bbc_botnet_bought/

Reactionary? (1)

aussersterne (212916) | more than 4 years ago | (#31271480)

I do not think that word means what you think it means.

Re:One step toward active botnet fighting? (1)

characterZer0 (138196) | more than 4 years ago | (#31271492)

When you can prove that your patch will in no way adversely affect any computer that it is installed on.

MS is already doing that. (2, Informative)

leuk_he (194174) | more than 4 years ago | (#31271690)

Ever heard of Malicious Software Removal Tool [microsoft.com] that is rolled out in the monthly patch cycle? It kills software MS deems bad. No court approval for that.

Re:MS is already doing that. (1)

maxume (22995) | more than 4 years ago | (#31271722)

Yeah, because they have implicit user approval.

Re:MS is already doing that. (1)

gparent (1242548) | more than 4 years ago | (#31271802)

Not just implicit. The first time I ran it on XP, I had to explicitly accept.

Contingencies (4, Interesting)

flink (18449) | more than 4 years ago | (#31271346)

Even if the control machines loose DNS resolution, might not the botnet be configured to fall back to connecting to well known IP addresses to accept commands? Seems like the logical thing to do if you are creating an illegal network...

Re:Contingencies (1)

FlyingBishop (1293238) | more than 4 years ago | (#31271398)

They probably have a number of redundant measures. Most of the nodes communicate with each other directly, and only accept commands signed by the owner. So if the owner can get new orders out to a head node, the rest of them can easily be updated.

This will at the least result in a momentary lull though.

Re:Contingencies (4, Interesting)

TheLink (130905) | more than 4 years ago | (#31271612)

If I wrote malware (I don't), I'd use google, other search engines and maybe even twitter (but that's probably covered by search engines nowadays) to search for new instructions :). So you could post the instructions "anywhere" in the world along with keywords. The search engines would find it. Naturally you'd check the signatures to see if the instructions are valid.

I'd also write the malware in perl. Pretty easy to do such stuff with perl - can also fork and run the instructions in an eval (if you think people are going to crack your malware). It'll be interesting to see how the AV people cope with TIMTOWTDI. Probably trivial to whip up equivalents in python or similar.

Such malware could run on windows, Linux, *BSD, OSX :).

Re:Contingencies (1)

Cyner (267154) | more than 4 years ago | (#31271406)

1. If they were smart it's easier to make money legally than illegally.
2. They have quite a few domains for a reason, and normally they don't all go dark at the exact same well-coordinated time.

Re:Contingencies (4, Insightful)

Clover_Kicker (20761) | more than 4 years ago | (#31271434)

1. If they were smart it's easier to make money legally than illegally.

Really?

Re:Contingencies (3, Insightful)

L4t3r4lu5 (1216702) | more than 4 years ago | (#31271656)

Indeed. I was just thinking "Hey, I could go out to work for a month, do 8 hours a day in a confined space staring at a computer screen, being breathed on by a boss who thinks that 30 seconds on /. is a sackable offence, stressed out of my mind as my skillset is quite over-subscribed at the moment and if I lose my job I'll be in a highly competitive workplace, or I could pull a kitchen knife from my home, go around to the closest atm, wait for someone to stick in their pin, and have all of their money!"

Work isn't easy. If it was, we wouldn't be paid to do it.

Re:Contingencies (1)

140Mandak262Jamuna (970587) | more than 4 years ago | (#31271730)

1. If they were smart it's easier to make money legally than illegally.

Really?

Yes, really. Just ask Tim Geithner, Hank Paulson or any of the Chief Embezzling Officers or anyone working for Morgan Stanley.

Re:Contingencies (1)

Akido37 (1473009) | more than 4 years ago | (#31271460)

1. If they were smart it's easier to make money legally than illegally.

It's really not. If you've ever been involved with, or known anyone involved with selling illegal drugs, you'd know how false that statement is.

Re:Contingencies (2, Funny)

characterZer0 (138196) | more than 4 years ago | (#31271500)

It's really not. If you've ever been involved with, or known anyone involved in politics, you'd know how false that statement is.

Re:Contingencies (1)

pHus10n (1443071) | more than 4 years ago | (#31271530)

Politics? We already covered "how to do it illegally".

Re:Contingencies (0)

Anonymous Coward | more than 4 years ago | (#31271610)

It's really not. If you've ever been involved with, or known anyone involved with selling health insurance, you'd know how false that statement is.

Fixed that for you.

Re:Contingencies (4, Insightful)

Ifni (545998) | more than 4 years ago | (#31271634)

I tend to wonder at the accuracy of that assumption. I think that drug dealing is a lot like acting - people see all the famous actors and say "I can get rich as an actor", but don't notice that it is only the top one percent or so that truly make it - the rest struggle to get by, or make a moderate living at best. Additionally, as a drug dealer, you also have to avoid the law - being wildly successful for 5 years then getting caught and put in jail for ten to twenty makes flipping burgers more profitable an endeavor over the long term. Not to mention the rather short life expectancy of many of the most successful due to "competition".

So, short term, yeah, dealing (or many types of crime) is easier than making money legally. But long term, you either have to be really good, and thus invest much effort in staying one step ahead of both the law and those looking to "replace" you, or you lose the advantage that crime had, and then some. And if you are investing the required effort successfully, you likely could have done equally well working legitimately. Sure, there are the Dons and Colombian drug lords that are the exception, but again - only the top 1% or less enjoy that privilege.

Re:Contingencies (0)

Anonymous Coward | more than 4 years ago | (#31271652)

http://www.ted.com/talks/steven_levitt_analyzes_crack_economics.html

Steven Levitt would like to have a few words with you.

Re:Contingencies (1)

TheLink (130905) | more than 4 years ago | (#31271856)

In terms of $$$$$$$ obtained, I think the finance bunch have been doing pretty well. And lower risk too. When they supposedly screwed up they still got bonuses.

All it takes is to not have a conscience or being able to fool yourself that you are actually adding lots more value than you are taking out.

As the title of one book says: "Where Are the Customers' Yachts? or A Good Hard Look at Wall Street".

Re:Contingencies (0)

Anonymous Coward | more than 4 years ago | (#31271738)

1. If they were smart it's easier to make money legally than illegally.

You must have been home schooled and/or grown up with the Amish.

Re:Contingencies (1)

Afty0r (263037) | more than 4 years ago | (#31271806)

1. If they were smart it's easier to make money legally than illegally.

Even if I wasn't handing over around half my income to the gubmint, I doubt this would be true. If it were true there wouldn't be many crims left...

Re:Contingencies (1)

tokul (682258) | more than 4 years ago | (#31271414)

Even if the control machines loose DNS resolution, might not the botnet be configured to fall back to connecting to well known IP addresses to accept commands? Seems like the logical thing to do if you are creating an illegal network...

Hardcoded IP address allows to trace bot master. Fallback to master's address is not logical. It is dangerous and unsafe. Logical thing would be to start new botnet when original botnet is targeted by authorities.

Re:Contingencies (1)

snemarch (1086057) | more than 4 years ago | (#31271644)

Who said anything about a hardcoded IP leading to the bot-master's own computer? It's not as if DNS entries would magically obscure the IP anyway, so a handful of hardcoded IPs for hacked or "safely setup colo" boxes could be employed.

Why rely on master control servers anyway? Hide control commands on blog comments, twitter updates, et cetera - might be slow crawling around finding these, so perhaps not super feasible for "flood that sucker now" commands... but could be used to supply new control server DNS/IP, updates, you name it.

Re:Contingencies (2, Interesting)

maxume (22995) | more than 4 years ago | (#31271784)

Slashdot comments would be a great place to put a bot domain lookup (you could check every story for anonymous comments containing domains, check every story in a certain section for anonymous comments containing domains, or even check a certain account).

The relatively strict attitude about 'freezing' things means that they probably wouldn't disappear, compared to blog comments, where a given blogger might zap stuff or not.

Re:Contingencies (1)

tokul (682258) | more than 4 years ago | (#31271852)

Who said anything about a hardcoded IP leading to the bot-master's own computer?

It is a lot easier to trace IP address and to identify bot owner. If "owner" is just another victim, it can be shut down just like domains. Domains can jump from one location to another. Safer way is to generate new domain name. Then authorities must block new domains in order to make sure that botnet remains disabled.

Blog controls might require more advanced bot client.

Re:Contingencies (1)

mindstrm (20013) | more than 4 years ago | (#31271876)

I'm sure they do/will - but you fight each attack with the tools necessary.

If taking a few domains offline temporarily totally crippled a massive botnet, that's great, as much as the possible future slippery-slope or abuse of power by using DNS for abuse-enforcement bothers me........ we don't want court-orders against DNS providers to become the way to shut sites down globally all the time.

It does, however, in the case of these viruses and whatnot, seem like a very logical choice, and places the core DNS infrastructure in a unique position to mitigate a huge amount of damage, fast.

Re:Contingencies (1)

Tom (822) | more than 4 years ago | (#31271586)

Even if the control machines loose DNS resolution, might not the botnet be configured to fall back to connecting to well known IP addresses to accept commands?

You'd have to store that IP somewhere, which means in the clients, which means it'll be found and either disabled or lead them right to your door.

Re:Contingencies (5, Insightful)

Jahava (946858) | more than 4 years ago | (#31271630)

Even if the control machines loose DNS resolution, might not the botnet be configured to fall back to connecting to well known IP addresses to accept commands? Seems like the logical thing to do if you are creating an illegal network...

Well, here are a few thoughts:

  • Microsoft probably thoroughly reverse-engineered the botnet client code prior to seeking the court's assistance. Therefore, they have a very good understanding of the botnet's control algorithms. They probably derived those domain names and took those specific measures in response to their understanding of those algorithms.
  • For a botnet, hard-coding IP addresses could be riskier than DNS names. If someone is trying to shut you down, it's easier on their part to pick a specific set of IP addresses and (with cooperation of their respective ISPs) get them shut down or (without said cooperation) firewalled.
  • For a botnet, it's much faster and easier to change your IP address and update a DNS entry, leaving the botnet code alone. If you have to change those hard-coded addresses, you have to not only rebuild and push new code, but update every infected system (and any network admin on a legit controlled network knows that there can be issues with this). With the DNS entry they have a central point to update.
  • I'd not be surprised if Microsoft chose this specific botnet because it had a vulnerability that was within the reach of a court to address

As others have pointed out, this teaches every other botnet author a lesson on what can be done. The problem ain't solved by a longshot, but maybe the Internet is safe for another night (cue Batman music).

Re:Contingencies (0)

Anonymous Coward | more than 4 years ago | (#31271754)

Even if the control machines loose DNS resolution, might not the botnet be configured to fall back to connecting to well known IP addresses to accept commands? Seems like the logical thing to do if you are creating an illegal network...

What if it was a tight DNS resolution?

contingencies (1)

symes (835608) | more than 4 years ago | (#31271416)

Probably a one off - botnet designers will now write in contingencies so that access can be re-established in the event of visible domains being taken off-line. In fact - i'd be surprised if Waledac didn't rise from the dead.

Re:contingencies (1)

nacturation (646836) | more than 4 years ago | (#31271874)

I would have it passively scan well-known websites for hidden messages. For example, browse Slashdot at -1 and pick up posts which contained a specifically formatted payload. Once the message was decoded, verify the message's signature against a public key and execute the payload.

Or on places which allow for image uploading. Use steganography to embed the payload into the images. Or Twitter status messages... look for specific hashtags such as #flamewar or something relatively obscure then follow the URL for the payload. The payload could be obscured via steganography as well... imagine a Twitter status saying "Awesome flame war on this forum" and someone's sig contains an image with the payload embedded.

Tons of possibilities and there's no way you can take down every site or scan every hidden message.

Can they recover from this? (1, Insightful)

jonwil (467024) | more than 4 years ago | (#31271428)

Presumably if Microsoft have done their homework, they have identified every possible machine that these bots could try to contact to receive new instructions (such as new SPAM messages to send) and had VeriSign disable every domain name so it can't be registered or used.

Does this mean the botnet is dead?
If so, great. And let's hope people are working to repeat the exercise and block the domain names used for control of any other botnets that talk to specific servers by name for instructions.

most likely not dead (1)

someone1234 (830754) | more than 4 years ago | (#31271506)

If i was a botnet author, i would keep a list of my zombies and code the bots in a way they respond to a secret password.
Thus it doesn't really matter if a command center is down, i could just start a new one and it reclaims all orphaned zombies.

Cutting a few command centers is futile.
The only solution is to burn all zombies overnight and prevent reinfection.

Re:most likely not dead (1)

Tom (822) | more than 4 years ago | (#31271566)

If i was a botnet author, i would keep a list of my zombies

Which would leave a trace back to you, because that list has to be assembled somewhere.

Re:most likely not dead (0)

Anonymous Coward | more than 4 years ago | (#31271766)

Or some poor twats open wireless AP...

I'd say hand in geek card, but you have a triple digit ID, so instead I will give you solid bars of gold.

  _
/_\
Screw it, you're only getting one... maybe, i'm too lazy to bother fixing it. Please don't kill me.

Re:most likely not dead (1)

jonwil (467024) | more than 4 years ago | (#31271718)

Given the way these worms/trojans spread and the sort of PCs they are most likely to infect, even if you COULD compile a list of valid IP addresses it's a good bet that those machines would be
A. No longer infected (because it's been cleaned by the Windows Malicious Software Removal Tool or by anti-virus or by a re-image of the computer from a recovery partition/CD/DVD or a standard corporate disk image)
B. Firewalled off (corporate networks etc)
C. Running behind NAT (again corporate networks using NAT or home users with a router and a single world-routeable IP address from their ISP)
or D. Running on a different IP address (home broadband users with no computer know-how at all, a PC directly connected to the internet via a broadband modem in bridge mode, no firewall and a dynamic IP address assigned by their ISP are one of the biggest groups when it comes to bot infected PCs)

Methods - Ends Justify the Means? (-1, Flamebait)

Cyner (267154) | more than 4 years ago | (#31271436)

While I applaud all serious efforts to take down botnets; the fact that it was all done secretly by private corporations (and a little government nod) smacks of corporate warfare, and I have to wonder what kind of president this sets.

Re:Methods - Ends Justify the Means? (1)

BhaKi (1316335) | more than 4 years ago | (#31271472)

It's not "president". You probably meant "precedent".

Re:Methods - Ends Justify the Means? (4, Funny)

OzPeter (195038) | more than 4 years ago | (#31271814)

It's not "president". You probably meant "precedent".

No he really does mean "president". You see, now that Bill isn't there, Microsoft has this big tank of goop out in the back, and whenever they need a new VP to make a bold policy change they open a valve and flow the goop into a person shaped mould. Then they have to let it harden or "set". After which time they decant the new president and set him to work

Thus the OP was expressing his concern for the Zombie like creatures that this policy has brought to (semi) life

He must be a member of PETZ

Re:Methods - Ends Justify the Means? (0)

Anonymous Coward | more than 4 years ago | (#31271484)

I'm all for corporate warfare. It's what keeps our insurance rates high and phone contracts long.

Re:Methods - Ends Justify the Means? (0)

Anonymous Coward | more than 4 years ago | (#31271504)

While I applaud all serious efforts to take down botnets; the fact that it was all done secretly by private corporations (and a little government nod) smacks of corporate warfare, and I have to wonder what kind of president this sets.

A black one, apparently...

ZING! That's two puns in one, bitches!

Re:Methods - Ends Justify the Means? (0)

Anonymous Coward | more than 4 years ago | (#31271520)

Sets up the CEO more than the president I'd say.

Did you mean precedent by any chance?

Re:Methods - Ends Justify the Means? (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#31271524)

... I have to wonder what kind of president this sets.

* gluing shut mouth to stop self from making lame jokes *

Nice job, but... (0)

gravyface (592485) | more than 4 years ago | (#31271508)

if Waledac's been so successful (and is still valuable), how hard would it be for the authors to push out some DNS hijacking hacks that quietly redirect those domains to another host?

Law Enforcement (-1)

mcelrath (8027) | more than 4 years ago | (#31271536)

Wouldn't it be nice if law enforcement successfully operated on the intertubes? Why does it take a lawsuit by Microsoft to perform this kind of action? Why does my mail server still have 95% of incoming mail criminal in nature?

A man can dream...

Re:Law Enforcement (0)

Anonymous Coward | more than 4 years ago | (#31271698)

What the fuck are you smoking? Do you really want trigger-happy law enforcement officers to shut domains down left and right with no judicial review whatsoever? Like oh let's say cryptome.org or wikileaks.org.

M$ did the right thing here--kudos to them.

Another Baby Step Towards Total Control (0, Troll)

Anonymous Coward | more than 4 years ago | (#31271540)

The internet is being taken over by Government and their corporate buddies.

Welcome to 1984.

Re:Another Baby Step Towards Total Control (1)

happy_place (632005) | more than 4 years ago | (#31271778)

In 1984 only the government owned the internet. It was called Darpa.

So much for "covert"... (1)

rclandrum (870572) | more than 4 years ago | (#31271556)

I wonder if the spammers follow Slashdot?

Re:So much for "covert"... (0)

Anonymous Coward | more than 4 years ago | (#31271636)

It was done on the 22nd of Feb, it's now the 25th... I don't think /. reporting the article 3 days later qualifies as spilling the beans... it's okay to talk about covert operations after they're over...

I have a feeling (1)

BhaKi (1316335) | more than 4 years ago | (#31271570)

that VeriSign is not going to approve.

drones (1)

Max_W (812974) | more than 4 years ago | (#31271582)

1,5 billions of spam messages per day. Multiply each message by 10 seconds of working time it takes to activate e-mail window and delete the spam-message, and it becomes clear what damage to the world economy it brings. Let alone disrupted work-flow.

It is the weapon of mass economic destruction.

Such spammers should be warned, once, twice, and if they do not cool down a drone should come above their building and shoot a "Hellfire" missile right into the server room.

Or at least black-clad agents should enter the server room and sprinkle some special solution into the spam-servers, which becomes conductive after some time and short-circuits.

This I would call a mild government response.

Deactivated? (2, Insightful)

gmuslera (3436) | more than 4 years ago | (#31271588)

New set of domains acquired and botnet spamming again in 3..2..1..

Secret courts, secret orders, ... (1, Insightful)

J'raxis (248192) | more than 4 years ago | (#31271594)

So Microsoft secretly filed a suit against 27 unnamed individuals, and got a secret order taking 277 domain names away from them, all based on a mere accusation.

Oh, but since we're fighting spam, I guess that's okay.

Wait until Microsoft starts doing this to go after copyright violations. Will y'all be cheering then?

Re:Secret courts, secret orders, ... (1)

flimflammer (956759) | more than 4 years ago | (#31271886)

First of all, I doubt it was strictly "They're doing something bad; can we put a stop to it?"

Second, do you own the world supply of tin foil? Spread the wealth, my good man.

Re:Secret courts, secret orders, ... (1, Insightful)

nacturation (646836) | more than 4 years ago | (#31271916)

So Microsoft secretly filed a suit against 27 unnamed individuals, and got a secret order taking 277 domain names away from them, all based on a mere accusation.

I take it you've read the court proceedings and are intimately familiar with the evidence Microsoft presented before the judge?

Re:Secret courts, secret orders, ... (1)

mindstrm (20013) | more than 4 years ago | (#31271936)

I agree - very slippery slope - but it seems very logical in this case - I'm wrestling with how I feel about that.

The domains were suspended, not taken away - presumably a legitimate owner can get the domain back with no problem (it is a requirement that your registration information be legitimate, and the owner exists). Had the domains had proper registered owners, that information would have been public and the owners could have been hit legally, directly.

99% of Businesses Fail Because? (2, Funny)

LifesABeach (234436) | more than 4 years ago | (#31271596)

No one knows they exist.

And sometimes, that's a good thing...

A new business model for MS (-1, Troll)

Noughmad (1044096) | more than 4 years ago | (#31271736)

1. Write crappy software
2. Wait for it to get taken over by botnets
3. Sue to get the infected machines off the internet
4. ???
5. Profit!

I must have missed the memo (4, Funny)

OzPeter (195038) | more than 4 years ago | (#31271756)

Is today the day we like Microsoft?? I just want to make sure I have that right. It's not some trick to cover them acting like vigilantes is it??

Standing (1)

Adrian Lopez (2615) | more than 4 years ago | (#31271788)

As glad as I am when botnets are crippled or shut down, I can't help but ask: Why is Microsoft the one pursuing this in court, rather than the government? Under what legal principle does Microsoft, a private corporation, have standing to sue for control of these domain names?

Re:Standing (1)

tnk1 (899206) | more than 4 years ago | (#31271854)

You must have missed where Microsoft bought out the government. Please report to your local Microsoft (Re)Education Center for more details. Bring your passport.

Has anyone else noticed... (1, Insightful)

Anonymous Coward | more than 4 years ago | (#31271900)

that "secret" and "covert" might not be the right choice of words since Microsoft blogged about the whole thing?

In the words of Inigo Montoya: "You keep using that word. I do not think it means what you think it means."

mod parent up (1)

argent (18001) | more than 4 years ago | (#31271934)

I was going to say...

Cyber war initiated by DOJ (3, Interesting)

RichMan (8097) | more than 4 years ago | (#31271922)

At least that is what the headline could be. Disabling foreign internet service is a big deal.

Could be a serves them right for registering as .com rather than .country. But this is one branch of the US government disabling some foreign infrastructure.
