Microsoft Conducts Massive Botnet Takedown Action

Soulskill posted more than 3 years ago | from the practice-for-fighting-skynet dept.

Botnet 302

h4rm0ny writes "Microsoft, in cooperation with Federal agents, conducted what the Wall Street Journal described as 'sweeping legal attacks' as they entered facilities in Kansas City, Scranton, Pa, Denver, Dallas, Chicago, Seattle and Columbus, Ohio to seize alleged 'command and control' machines for the Rustock botnet — described as the largest source of spam in the world. The operation is intended to 'decapitate' the botnet, preventing the seized machines from sending orders to suborned PCs around the world."

302 comments

Microsoft helps the internet (4, Insightful)

viablos (2018696) | more than 3 years ago | (#35528524)

I think this shows that Microsoft cares about the internet. It's not really Microsoft's problem, but they still help to solve it. Fact is, you cannot change stupid people and they will get their computers infected no matter what. Windows 7 is just as secure as Mac OSX or Linux, but it's the users who are the problem. Good job Microsoft, for taking care of the internet.

Re:Microsoft helps the internet (3, Insightful)

ledow (319597) | more than 3 years ago | (#35528602)

"It's not really Microsoft's problem, but they still help to solve it."

Wiki says: The Rustock botnet (founded around 2006) is a botnet that consists of an estimated 150,000 computers running Microsoft Windows.

It could be suggested that, at some level, it *IS* a Microsoft problem, in the same way that it would be Nintendo's problem if everyone's Wii suddenly started joining a botnet. Yeah, partly the user and partly the malware author, but also quite a bit the OS insecurity too.

Re:Microsoft helps the internet (2, Insightful)

Phoshi (1857806) | more than 3 years ago | (#35528638)

Except that you can have as much security as you want, but there'll still always be people who click yes to every message box because they want... I dunno, whatever the craze is these days. 100 free animated cursors or whatever. It's not the fault of people like us, who would know how to spot a botnet, it's the fault of people that don't know, and don't care. The same would happen on *nix if you had huge quantities of people who would give anything and everything root just because it asked. What MS really need to do is educate people - instead of an intimidating dialogue that says "DO YOU WANT TO ALLOW THIS YES | NO" there needs to be an explanation of the consequences.

Re:Microsoft helps the internet (2)

AJH16 (940784) | more than 3 years ago | (#35528704)

They have started doing this but it still doesn't matter. I watched my brother in law launch a virus directly before I could say anything. The dialog popped up explaining the risk quite clearly and he just clicked yes without even reading it.

Re:Microsoft helps the internet (3, Insightful)

Buggz (1187173) | more than 3 years ago | (#35528722)

> What MS really need to do is educate people - instead of an intimidating dialogue that says "DO YOU WANT TO ALLOW THIS YES | NO" there needs to be an explanation of the consequences.

If they don't care, they don't read it. For those people, any kind of message box is in the way of them getting to what they wanted to do and thus they click on YES just to get rid of it.

Re:Microsoft helps the internet (0)

h4rm0ny (722443) | more than 3 years ago | (#35528770)

> What MS really need to do is educate people - instead of an intimidating dialogue that says "DO YOU WANT TO ALLOW THIS YES | NO" there needs to be an explanation of the consequences.

If they ever do that, I'm going to write a virus which replaces the "OK" box with a "TL;DR" box, just to prove a point. I'd bet 80% of the computers it reached would fall victim in the brief period before the anti-virus programs updated and killed it.

Re:Microsoft helps the internet (3, Insightful)

Joce640k (829181) | more than 3 years ago | (#35528676)

How can you secure an OS against users who click "yes"?

Windows is already a total pain in the butt trying to nanny/protect people but it's made no difference whatsoever to the amount of spam arriving here.

Re:Microsoft helps the internet (5, Insightful)

Bert64 (520050) | more than 3 years ago | (#35528734)

Make cut down systems with limited functions aimed at end users (eg ipad), this will serve end users much better since they no longer have to worry about the complexity of a general purpose os...

Advanced users can still use more complex computers, on the basis that advanced users are far less likely to fall for social engineering tricks, you don't see many such attacks aimed at people using a cli based unix system.

Too true (4, Insightful)

Kupfernigk (1190345) | more than 3 years ago | (#35528932)

I completely agree. For the great majority of users, computers have become just too complicated and confusing to operate, and the great majority of users are also stupid. Microsoft is part of the problem because, in its effort to gain consumer market share, it has just allowed those users to do far too much, in ignorance.

The same thing happened with cars; when they were rare and expensive, the people who bought them either employed someone to drive them or were sufficiently interested to learn to do it properly themselves. When the mass market really took off, driving licences followed, along with compulsory insurance. But, at the same time, the "user interface" got simplified and standardised.

The iPad, or a laptop equivalent, is what most people actually want. But Microsoft's entire consumer business model is currently based around not giving it to them. It looks as if we are going to have to rely (currently) on Apple, HP and perhaps Motorola to come up with a reasonably secure solution to letting the monkeys into the banana plantation, since most of us are never going to be in a position to force them to use Windows 7 with a non-Administrator account.

Re:Too true (2, Insightful)

ciderbrew (1860166) | more than 3 years ago | (#35529114)

I would mod you troll or flamebait for a comment like "great majority of users are also stupid"; but the rest of what you wrote is right. These people are not stupid, they just have interests other than computers. I've no idea what that may be; but they seem to have them.

Re:Too true (4, Insightful)

recoiledsnake (879048) | more than 3 years ago | (#35529164)

> I completely agree. For the great majority of users, computers have become just too complicated and confusing to operate, and the great majority of users are also stupid. Microsoft is part of the problem because, in its effort to gain consumer market share, it has just allowed those users to do far too much, in ignorance.

> The same thing happened with cars; when they were rare and expensive, the people who bought them either employed someone to drive them or were sufficiently interested to learn to do it properly themselves. When the mass market really took off, driving licences followed, along with compulsory insurance. But, at the same time, the "user interface" got simplified and standardised.

> The iPad, or a laptop equivalent, is what most people actually want. But Microsoft's entire consumer business model is currently based around not giving it to them. It looks as if we are going to have to rely (currently) on Apple, HP and perhaps Motorola to come up with a reasonably secure solution to letting the monkeys into the banana plantation, since most of us are never going to be in a position to force them to use Windows 7 with a non-Administrator account.

I call BS. Anytime MS even tries to look at that route, Slashdot screams bloody murder.

Read the comments:

http://tech.slashdot.org/article.pl?sid=09/02/16/2259257 [slashdot.org]
http://it.slashdot.org/story/08/07/30/204241/Dual-Boot-Not-Trusted-Rejected-By-Vista-SP1 [slashdot.org]

And the iPad comes with a 30% tax on developers and services like Netflix which they or users have to pay. Do you want a future where companies can reject their competitors' apps 'just because'? See what happened to Google Voice on the app store, and how an Android magazine app was banned. Do you really want to go that route? There would be no Firefox or Chrome, or even podcast players for 'duplicating functionality' because that would confuse users.

Re:Too true (1)

Anonymous Coward | more than 3 years ago | (#35529182)

Have you ever tried using Windows with a non-administrator account? I do it on my living room PC - it's a miserable existence with catch 22 update scenarios where you must be an administrator to do something, so you have to log out, log in as admin, give the account admin access, log out, log in to the temporarily admin enabled account, do the update, reboot, log out, log in as admin, remove admin access from the account, log out and log in again... once a week if you keep up with all the updates.

Wonder why people don't keep up with all their updates?

Re:Too true (0)

Anonymous Coward | more than 3 years ago | (#35529262)

Perhaps 'they' are stupid, but they won't stand being treated as such. iPad type of walled garden wouldn't allow warez and many other things. TPM is not a solution.

Re:Too true (5, Insightful)

h4rm0ny (722443) | more than 3 years ago | (#35529264)

> For the great majority of users, computers have become just too complicated and confusing to operate,

I think a part of that is people just don't accept that they have to learn how to use a computer. If they actually accepted that maybe they couldn't just sit in front of this complicated piece of equipment and magically do everything, then perhaps they'd take a few moments to think or read about it and then it wouldn't be so complicated and confusing to them.

There was someone extremely irritating at a place I worked some years ago, who asked me to help them line up the paragraphs in Word (some older version than the latest). After helpfully pressing a few buttons to line things up on the left again, accompanied by the cooing wonder of this ...person... and their inane comments of "oh, I'm so bad at computers", I made the mistake of pointing out the Help option in Word and saying: "you know, there's documentation on this. It would be worth taking an hour to read through it all." Instant snappy nastiness ensued. I seemed to have called them a liar when they said that they were bad with computers and somehow implied that it was their fault. Goodness me! How dare I?

If someone who uses Word every working day of their life can't be bothered to spend an hour (less, really) reading through a little bit of documentation or a tutorial, then what hope is there? Must we all suffer from locked down, dumbed down systems because some people expect everything in life to be super-easy?

I see the point you're making. I fully understand it. But those of us who actually use our brains despise a looming future in a world where we're not able to because some people might injure themselves if they tried.

Re:Microsoft helps the internet (2, Informative)

ledow (319597) | more than 3 years ago | (#35529334)

Don't give them the option to click Yes to incredibly stupid things like "Run this program every time I start my computer, with no easy way to monitor it or stop it from loading" (the latest one I've seen is viruses that replace the user's shell value in the registry - somewhere not listed in startup lists - and then re-execute explorer).

Or "Allow this program to spam the hell out of everyone with no controls on what they are doing on the Internet on SMTP ports and whatever it likes, as much as it likes, with no easy way of knowing what's accessing the Internet from my PC"

Or "Allow this program to hide itself in the filesystem once it's loaded by overriding certain function hooks" - even if you ARE admin.

And if the user DOES click Yes, make it easy to remove that privilege later, i.e. don't have antivirus controls which are basically stuck because they CAN'T remove a file with that particular permissioning, or sometimes can't even see it in the filesystem, or can't remove it because when they do the process just recreates it immediately, or has two processes watching and respawning each other which can't be killed simultaneously.

The problem is Windows security is NOT people running in an account with the ability to install programs. It's the OS not providing a way to recover from bad decisions and separating "user" and "admin" too much. Most users *are* admins of their machines and need to install, remove, manage stuff. But they do NOT need the ability to install a filesystem hook except once in a blue moon. And anything they install should NOT affect other users at all. "User" needs to become a lot more powerful, and a lot more isolated from other users, while still requiring admin rights (and then make it truly impossible to execute things as admin without logging on as that directly - and make the "admin" account USELESS for day-to-day-use, no browser or shortcut access should do the trick).

And this is why MS decided LAST WEEK to turn off Autorun in XP by default. Duh. The setting that ANYONE with a brain has had switched off since day one (i.e. ten YEARS ago). That was a bad decision all along, even if it "helped" users (doesn't help anyone I know, because they click "Remember this" the first time and then never see the dialog again and then wonder why their DVDs only ever open in Media Player rather than PowerDVD, etc.)

MS are supposed to have dozens of usability and interface guys. I've yet to see a single convincing example of this - most of their stuff is just useless eye-candy that people can't grasp without being shown by someone who knows.

Re:Microsoft helps the internet (1)

h4rm0ny (722443) | more than 3 years ago | (#35528742)

It is a MS problem to some extent because there's still a heck of a lot of XP installs out there. In a sense, we're still paying for past wrongs. Even with XP, it's still primarily the user's fault (I looked after some XP boxes for others and they were always fine), but its security model wasn't as good as any Linux distro you care to name. With Windows 7 though, they're equivalent. The only difference is that most Linux distros will ask you to enter your password and click OK, whilst Windows 7 will display a big yellow-topped box and just ask you if you're sure. But in either case, both OSes have reached the stage where there's little more you can do to secure the system without reaching the point where you're taking control of the OS away from the user. And the latter is a whole other debate.

Re:Microsoft helps the internet (0)

Anonymous Coward | more than 3 years ago | (#35529166)

The model is mostly the same. The default configuration is what was changed.

(UAC is almost a simple UI change from Run As...

Re:Microsoft helps the internet (0)

Anonymous Coward | more than 3 years ago | (#35529364)

No, you really have that wrong. It is entirely on the user. If the users had automatic updating on (or installed updates themselves every month) then they would not be infected. MS has a malicious software removal tool that comes out with their patches and updates every month that would remove this. These users are just like car owners who never change their oil. They are the ones not allowing Microsoft to maintain the machine for them so they have taken on the responsibility themselves and abrogated it. It is totally on them.

Re:Microsoft helps the internet (0)

Anonymous Coward | more than 3 years ago | (#35528612)

Yes. This is conclusive proof that Windows users are more prone to getting their machines infected than Mac or Linux users.
Glad we got to the bottom of that.

Re:Microsoft helps the internet (0)

cpu6502 (1960974) | more than 3 years ago | (#35528624)

If Windows NT 6.1 (seven) is secure, how can the users cause problems?

And why don't users of OS X or Ubuntu Linux cause similar havoc with viruses/spybots? Perhaps because X and L are better designed.

Re:Microsoft helps the internet (0)

Anonymous Coward | more than 3 years ago | (#35528674)

Perhaps it is because their marketshare is so low that no one bothers writing viruses for them.

Re:Microsoft helps the internet (3, Interesting)

Bert64 (520050) | more than 3 years ago | (#35528794)

Linux marketshare is huge everywhere but the desktop...

Supercomputers - 80-90% linux, who wouldn't want to hack into a top500 supercomputer?
Phones - android linux, iphone running an osx derivative..
Servers - linux is pretty big in the server market, servers make far more attractive targets for hackers since they're usually more powerful and have more bandwidth.
Embedded - linux is pretty big in the embedded market too, lots of networking equipment runs linux, lots of pvr devices too, ip telephony handsets, all kinds of stuff.

In terms of overall installs, I wouldn't be surprised to find that linux actually outnumbers windows quite considerably.

Re:Microsoft helps the internet (0)

Anonymous Coward | more than 3 years ago | (#35528908)

The thing you are missing is that in most of those cases, there isn't going to be an idiot clicking "Yes, please give me a virus because I have no idea what I am doing." Besides, doesn't Android already have malware? I'm pretty sure there's been a few articles in the last month or so about it.

Re:Microsoft helps the internet (0)

Anonymous Coward | more than 3 years ago | (#35528988)

WHAT!!?? How does that have any bearing on the discussion? How many people download animated cursors or screen savers or browse Facebook or Twitter on a fucking supercomputer or server?! How many end users have servers or supercomputers? I bet the ratio of servers on the net to desktops is staggering. Not to mention these machines are usually under the control of competent admins and behind corporate firewalls. I would love to put grandma and grandpa behind a $10k plus Palo-Alto pa-2020; I'm sure they would be pretty safe with that. The problem is uneducated users make up the vast majority of the web and for reasons unknown to the educated users they tend to all gravitate towards Windows. I understand that you were trying to make the point that Linux is everywhere but it has nothing to do with this. They don't write the viruses for the OS, they write them for the user, and the users they are targeting happen to be on Windows.

Re:Microsoft helps the internet (2)

AJH16 (940784) | more than 3 years ago | (#35528736)

Or perhaps because the users are more educated in general and fewer viruses target them as they are not the lion's share of systems out there. Unless you make it impossible for a user to run programs on their system, a virus will always be able to ask nicely on any system and get a user to run it because users are idiots (in general principle) when it comes to technology. One system may be more difficult to exploit than another, but a large percentage of virus infections really are not even based on exploits, but rather simply making users do stupid things.

Re:Microsoft helps the internet (0)

Anonymous Coward | more than 3 years ago | (#35529136)

> Or perhaps because the users are more educated in general...

cpu said Mac users AND Linux users, not OR.

Re:Microsoft helps the internet (1)

heathen_01 (1191043) | more than 3 years ago | (#35529318)

Yes, users may be idiots but I don't think that this is the problem here. I place the blame with Microsoft. You'll probably never achieve a completely secure system, however Microsoft could have done many things to vastly minimise the problem. With all their experience and money the best they could come up with is a completely unhelpful warning box "warning this program wants to make modifications. ok. cancel.". How is a normal user ever going to know if that is a safe operation or not? If they always choose cancel they may as well toss the PC out as it will never have anything running on it.

Even if Microsoft didn't have any novel ideas of their own they could take a look around. Well before Vista there were many examples such as: sandboxes; installs handled by the OS (instead of running an exe to install); application stores. As well as this the OS could offer the user further help through fine-grained permissions when installing. For example: Permission to run at startup; Permission to access the internet; Permission to read/write to various file system locations. Furthermore, for "power users" benefit the OS could also track and display exactly what an application is doing, especially with regard to reads/writes and network activity.

Assuming that you had an OS with these features the standard attack vectors would be greatly reduced. Of course "Make it idiot-proof, and someone will make a better idiot". However you should be trying to empower users with the information to make the correct choice and not just throw up stupid dialog boxes for every piece of software and desensitise the user.

Re:Microsoft helps the internet (0)

Anonymous Coward | more than 3 years ago | (#35528804)

Only a moron would think that an OS can stop spam from coming to your inbox. This story is about stopping a network of spam, nothing was mentioned that they are only seizing PCs with Windows installed. If I wanted to push spam on the world most likely I would set up a Linux server to push my bots and viruses (I would want to do that efficiently at least).

Also, if 100% of the world was using Windows 7, the problem may not be so great, but at least 60% of the world is still stuck on Windows XP and below, and a large percentage of those people do not apply security patches or service packs. So while I agree that Microsoft is responsible for releasing previously non-secure OSes, they are taking huge steps to lock down security on new Windows versions, but they can only do so much. There is so much FUD about Windows out there that it causes people to be skeptical about everything Microsoft does, when all they are really doing is making their products designed better.

There are still tonnes of security patches for X and L, if they were so well designed, then why do I get a weekly security update for X?

Re:Microsoft helps the internet (1)

The MAZZTer (911996) | more than 3 years ago | (#35528632)

Don't forget that botnets that infect Windows machines make Microsoft look bad, so they do have a personal interest in taking them down.

Re:Microsoft helps the internet (1, Informative)

realityimpaired (1668397) | more than 3 years ago | (#35528636)

It really is Microsoft's problem. The majority of the systems in the compromised botnet are running their software, and since they don't allow their customers to upgrade to Win7 for free, they're still responsible for patching security holes in old systems. If they have in any way made it difficult to apply these updates, or if they're discouraging people from applying these updates (WGA anybody?), then they're directly responsible for the insecurity of these systems.

That they're helping to track and destroy these networks does make them a good corporate citizen, but I would hesitate to suggest that it's not their problem.

Re:Microsoft helps the internet (1)

Anonymous Coward | more than 3 years ago | (#35528700)

Interesting point. "Oh, everyone, IE6 is now Officially Bad, so everyone upgrade to IE9 NOW! No, not you with the Windows XP, you need to pay us for a new copy of Win7 first." Indeed MSFT is responsible, at the minimum, for sitting on its hands W/R/T IE6, going "there is no security problem la la la I can't hear you" for __years__.

Re:Microsoft helps the internet (0)

Anonymous Coward | more than 3 years ago | (#35529158)

Huh, I guess it's really a shame that MS stopped offering updates for the more secure and better performing IE8 on XP. Oh, they didn't? Huh.

Re:Microsoft helps the internet (1)

piripiri (1476949) | more than 3 years ago | (#35528954)

But isn't it pointless to 'decapitate' zombies?

Re:Microsoft helps the internet (1)

recoiledsnake (879048) | more than 3 years ago | (#35529198)

> they're still responsible for patching security holes in old systems.

What security holes in which old systems are unpatched? WGA doesn't stop security updates, MS even provides known pirated machines security. Stop spouting BS.

Put up or shut up (0)

Anonymous Coward | more than 3 years ago | (#35529274)

> It really is Microsoft's problem. The majority of the systems in the compromised botnet are running their software, and since they don't allow their customers to upgrade to Win7 for free, they're still responsible for patching security holes in old systems.

Yeah they're running MS software. So what?

Please provide some evidence that suggests that in this particular case of this particular botnet the vast majority of the systems were infected because of bugs in Microsoft code and not because of bugs in acrobat, flash, java, etc.

Re:Microsoft helps the internet (3, Insightful)

Bert64 (520050) | more than 3 years ago | (#35528706)

Sure, you cannot change stupid people but you can make it more difficult for their stupidity to be exploited...
Similarly windows 7 may be better than previous versions, but it's no magic bullet and does nothing to remove all the existing old versions out there either...

MS are directly responsible for many insecure design decisions and technologies which make it easier for malware, such things as hiding file extensions by default while relying on file extensions to determine executability, activex, allowing/encouraging users to run with admin privileges by default, having extremely complex network services (msrpc, netbios etc) running by default even on standalone workstations, making it simple to execute email attachments, using obfuscated file formats which make it easier for malicious code to hide, automatically executing programs when removable media is inserted, no centralised way to update third party applications... not to mention an os which is insanely complex and containing years and years worth of cruft giving huge numbers of places for bugs to hide and often making it more difficult to fix them.

Sure, malware would still exist if linux or macos were the most common end user platform, but I don't believe the problem would be as serious as it is with windows.

Re:Microsoft helps the internet (2)

Nimey (114278) | more than 3 years ago | (#35528872)

Occam's Razor: more likely they're tired of dealing with spam going to Hotmail/Live, and this is an expedient way to reduce it.

Re:Microsoft helps the internet (0)

Anonymous Coward | more than 3 years ago | (#35528990)

Or that taking down botnets that exploit security vulnerabilities found in Windows, makes for better Windows! :)

If you can't secure your own house, you might as well go attack the enemy elsewhere.

Re:Microsoft helps the internet (1)

Seumas (6865) | more than 3 years ago | (#35529108)

You mean, it shows that the government spends resources and taxpayer money helping Microsoft clean up its problem (Windows botnets) that any user can protect themselves against fairly simply.

Re:Microsoft helps the internet (1)

Herkum01 (592704) | more than 3 years ago | (#35529418)

I think it says, that "Law Enforcement" does not have the technical abilities nor a direct interest in taking a lead in these sorts of operations.

It also concerns me because the government is turning to corporations to take the lead. This is how corporate entities, like the RIAA and MPAA, gain overwhelming political power to push their agenda. We just get a government that becomes an extension of a corporation's will.

Private Corporations (2, Insightful)

damicatz (711271) | more than 3 years ago | (#35528526)

Since when do private corporations get to conduct raids and other police actions?

Re:Private Corporations (1)

maxume (22995) | more than 3 years ago | (#35528558)

What they do is they cooperate with federal agents.

There is plenty of room for that to be improper, but there is also lots of room for it to be like the federal agents are using the Microsoft people as consultants.

Re:Private Corporations (2)

damicatz (711271) | more than 3 years ago | (#35528588)

Cooperating on the sidelines is one thing but it is improper to have Microsoft employees actively participating in the execution of a warrant. The proper thing to do would be to have the federal agents seize the computers and then hand them over to Microsoft. The last thing this country needs is for corporations to be given police powers.

Re:Private Corporations (2, Informative)

Anonymous Coward | more than 3 years ago | (#35528668)

I've done this (gone on a "hacker" bust with the Secret Service). At that time, the feds would serve the warrant, do a lot of documentation (videos, photos, etc.), and the technical consultant would take apart the hardware (under supervision of agents) and do forensics.

It's not like Microsoft would bust in doors. Educated guess: They're providing technical know-how that the feds lack.

Re:Private Corporations (1)

somersault (912633) | more than 3 years ago | (#35529070)

*chair flies through the front door*

Ohshit it's STEVE!! Run, everyone! We just have to get outside - he'll get out of breath after 20 metres of monkey skipping!

Re:Private Corporations (1, Flamebait)

JustOK (667959) | more than 3 years ago | (#35529076)

MS wouldn't bust down doors. It's too easy to get in thru teh windowz

Re:Private Corporations (1)

maxume (22995) | more than 3 years ago | (#35528698)

I'd rather have the Microsoft people participating in a raid led by a federal agent than I would have the federal people turn the computers directly over to Microsoft after seizing them.

Re:Private Corporations (3, Informative)

mikael_j (106439) | more than 3 years ago | (#35528702)

I'll admit that I haven't read TFA but I don't see any problem with MS (or other companies' employees for that matter) joining the police in the raid to make sure it doesn't turn out like the raid against TPB here in Sweden (where the cops basically raided the datacenter and took pretty much every machine they found, turned out that the vast majority of those machines weren't related to TPB and were in fact owned or rented by various businesses who were not all that happy about the cops being unable to just grab the machines they were looking for).

Re:Private Corporations (1)

Artifakt (700173) | more than 3 years ago | (#35528874)

There are certainly circumstances where a non law enforcement person is an active part of serving a warrant, and should be. For example, a chemical or explosives expert going along to identify unknown substances in a drug lab or suspected bomb factory raid. I could see a Microsoft employee going along just to identify what machines were capable of running the bot and what peripherals might be capable of storing a copy, so the law enforcement agents didn't seize any business equipment that couldn't possibly support the bot. Lessening damage to the people whose assets were seized is an appropriate civilian role. (although not necessarily the role Microsoft employees played). The real thing needed here isn't a concrete barrier preventing all civilian involvement but a good way for the general public to verify that the involvement didn't violate anyone's civil rights (or secondarily to rights issues, waste taxpayer money helping enforce something that really should be a civil matter).
With this said, I keep wondering why companies are so willing to cooperate and link themselves with law enforcement. The average citizen can and will argue over whether a company has become merely an arm of the police state, whether there are still limits and safeguards, but just picture what a bunch of real nutcase terrorists would decide. To the extreme radicals, a company that cooperates enough with the FBI or DEA becomes merely another arm of the octopus they want to destroy. And once the fringe group takes that position, they are left with the interesting problem - do they physically attack a bunch of armed federal employees who are well trained in the use of force or do they attack an arm which is much softer and more vulnerable to physical violence? Why would an ISP, for example, cooperate uncritically with the CIA, when anybody wanting 'retribution' can then target them a lot easier than their 'government masters'? For companies especially, if you're going to get involved in armed disputes with nutcases, you might want to think about how the surviving nutcases will react.

Re:Private Corporations (1)

somersault (912633) | more than 3 years ago | (#35529100)

SHHHHHHHHHHHHHH!! Hey Microsoft, keep up the good work, I look forward to you further aggravating terro.. uh, saving the world!

Re:Private Corporations (0)

Anonymous Coward | more than 3 years ago | (#35528594)

Since when do private corporations get to conduct raids and other police actions?

When actions are being committed that are in violation of a EULA, or ANY other legal mumbo-jumbo that NO ONE reads when installing software, etc. If you used Lysol as the active ingredient in making a new type of explosive device Reckitt Benckiser North America would probably do the same, since you were using their product in a manner inconsistent with its specified intent.

And no one dare give any of the "It's MY PC, I will use it however I choose!" bullshit. The EULA CLEARLY states the contrary.

Re:Private Corporations (2)

damicatz (711271) | more than 3 years ago | (#35528664)

That still doesn't give corporations the constitutional authority to conduct their own raids. If they wish to file a civil action against the EULA violation, that is one thing. And then they can get a court order to seize the computers for their own discovery process. The enforcement of the court order, however, should be carried out by law enforcement officials, not by a private security force. After the law enforcement officials seize the computers pursuant to the court order, they can then turn them over for discovery.

Re:Private Corporations (2)

h4rm0ny (722443) | more than 3 years ago | (#35528862)

And no one dare give any of the "It's MY PC, I will use it however I choose!" bullshit. The EULA CLEARLY states the contrary.

Are you serious? EULAs don't contradict the laws of the land. If I break the terms of a EULA, then the company can go to the courts to seek redress, but they'd better not try kicking down my door and coming after my computer. In this instance, it's probably a red herring because the Feds probably needed Microsoft's assistance and it was at the Feds' invitation. But your proposal that EULA violations should empower corporations with Super Vigilante Powers of Justice is either silly or scary depending on whether anyone else agrees with you.

Re:Private Corporations (1)

andrea.sartori (1603543) | more than 3 years ago | (#35528600)

According to TFA, "Microsoft launched the raids as part of a civil lawsuit", "U.S. marshals accompanied employees of Microsoft's digital crimes unit", and "Microsoft officials brought with them a federal court order granting them permission to seize computers". I'm afraid this doesn't really answer your question, but it looks like it's suggesting that a) the computers were actually seized by the feds, and b) TFA is copypasta from a Microsoft press release.

Re:Private Corporations (1)

Dunbal (464142) | more than 3 years ago | (#35528614)

You missed the "in co-operation with federal agents" part, huh?

Re:Private Corporations (1)

Quantus347 (1220456) | more than 3 years ago | (#35528720)

Since Microsoft people are the ones with the knowledge and resources to make the raid actually successful and a US Marshal realized they didn't. Hence the cooperation.

It's not a kick the door down and handcuff the drug-dealers sort of raid. It's a highly technical and fragile situation; the slightest misunderstood keystroke, unplugged wire etc. could destroy all the evidence they hoped to gather. If you were conducting a raid on a warehouse making bio-weapons instead of cyber-weapons, would you rather have the world leader in Bioengineering making the decisions, or whatever agent they can find that had a minor in that before going into law enforcement.

Despite that, I imagine it was the US Marshals waving the warrants around and not the Microsoft employees, as the article makes it sound.

Re:Private Corporations (1)

cpu6502 (1960974) | more than 3 years ago | (#35528728)

- "Microsoft officials brought with them a federal court order granting them permission to seize computers"

Sounds like corporatism to me. A hundred years ago in a small country called Italy, it was called a different word, starting with "F".

No (4, Informative)

Kupfernigk (1190345) | more than 3 years ago | (#35528976)

It was under 90 years ago, and in any case the point there was that corporations were part of the State. In this case, the corporation applied to the Government for authorisation and the police supervised it. Under Fascism, the Government would have instructed Microsoft to carry out the raid. See the difference?

Perhaps you should upgrade your nick to a more modern CPU.

Re:Private Corporations (0)

Anonymous Coward | more than 3 years ago | (#35529044)

Fettucini?

Re:Private Corporations (1)

trollertron3000 (1940942) | more than 3 years ago | (#35528764)

That all started back in 1997 when slashdotters stopped reading the fucking articles.

Re:Private Corporations (1)

tist (1086039) | more than 3 years ago | (#35529012)

Like this (From the Article): "The Microsoft officials brought with them a federal court order granting them permission to seize computers" That wasn't too hard to figure out now was it?

Re:Private Corporations (1)

Megane (129182) | more than 3 years ago | (#35529080)

When the spammers offer to sell counterfeit copies of Microsoft software? It's not all V!@gr0 spam, you know. Now if only Pfizer would care enough to go after spammers wholesale like that.

Who "entered" the facilities? (0)

MetalliQaZ (539913) | more than 3 years ago | (#35528562)

Summary seems to indicate that Microsoft carried out the action. I hope that isn't the case.

Re:Who "entered" the facilities? (2)

dreemernj (859414) | more than 3 years ago | (#35528640)

From TFA:

As part of that dragnet, U.S. marshals accompanied employees of Microsoft's digital crimes unit into Internet hosting facilities in Kansas City, Mo.; Scranton, Pa; Denver; Dallas; Chicago; Seattle and Columbus, Ohio. The Microsoft officials brought with them a federal court order granting them permission to seize computers within the facilities alleged to be "command-and-control" machines, through which the operators of the Rustock botnet broadcast instructions to their army of infected computers, estimated by Microsoft at more than one million machines world-wide.

Re:Who "entered" the facilities? (4, Informative)

Attila Dimedici (1036002) | more than 3 years ago | (#35528648)

The summary is actually reasonably worded for a change (although not entirely accurate). This raid happened as part of a civil lawsuit filed by Microsoft against the operators of this botnet. Microsoft obtained a court order for the seizure of certain computers within these various facilities. They sent out a taskforce who were accompanied by U.S. Marshals. This appears to be a perfectly legitimate action where Microsoft presented sufficient evidence in court to seize these assets and then worked with law enforcement to do so.

that's a good one (0)

Anonymous Coward | more than 3 years ago | (#35528670)

That's so awesome. Call in the Microsoft Air Force! They have the dough too. I always wondered if Ballmer has a "special" chemistry lab deep in the Microsoft "black projects" research area which creates chemicals to fuel him!

Re:Who "entered" the facilities? (3, Informative)

Medinos (2020312) | more than 3 years ago | (#35528688)

I was once in an office raided by the FDA and local police. The person who was working with them on the case walked in behind and showed them what they needed. So if Microsoft was any part of the raiding party, their representative simply walked in behind them and did any "consultant work" that was requested by the authorities.

YAY! I mean BOO microsoft! I mean YAY! good work! (1, Redundant)

commodore6502 (1981532) | more than 3 years ago | (#35528586)

I am torn.

I don't like Microsoft. Not since they killed-off my favorite software (WordPerfect, DR-DOS) and companies (Atari, Commodore, Netscape) and other tactics that led to the US and EU suing them.

But I don't like spam either. It fills-up my yahoo inbox with all kinds of shit. I guess overall, Microsoft's killing of the botnet is a good thing. Yay Microsoft. (cough)

Re:YAY! I mean BOO microsoft! I mean YAY! good wor (1)

h4rm0ny (722443) | more than 3 years ago | (#35528970)

Perhaps you should total up the good and bad deeds MS do (quantifying your feelings of loss for WordPerfect et al as appropriate) and pro-rata your enmity. So for example, on 350 days of the year, you might damn MS on Slashdot, but on the remaining 15 days of the year, you refrain or post about the Gates Foundations charity donations or something.

I guess on leap years, you could get an extra day to go out and not post on Slashdot or something. ;)

An innocent guy was arrested as usual. (-1, Troll)

happyslasher2 (2019574) | more than 3 years ago | (#35528590)

All these crackdowns will do nothing, unless we educate the users
or make it mandatory to pass a test before allowed in front of computer.
Read details in his blog [blog.com]

Re:An innocent guy was arrested as usual. (1)

andrea.sartori (1603543) | more than 3 years ago | (#35528666)

I bet it links to goatse. Was it part of the test?

Re:An innocent guy was arrested as usual. (1)

cpu6502 (1960974) | more than 3 years ago | (#35528798)

You're a bastard. You should have labeled it "NSFW" or "nudity" rather than to get people fired off their jobs.

Re:An innocent guy was arrested as usual. (1)

Dan541 (1032000) | more than 3 years ago | (#35529104)

Perhaps you shouldn't be reading /. at work!

Just a thought.

Ummm (1)

Dunbal (464142) | more than 3 years ago | (#35528604)

I mean ok, I appreciate the effort and it makes sense to go after the control machines. But if a huge number of compromised machines are still out in the wild as dormant zombies, all it takes is for someone to find out how to reactivate them and we're back to square one.

Re:Ummm (1)

ErroneousBee (611028) | more than 3 years ago | (#35528758)

Oh, you don't have to worry about that. Microsoft have definitely cleaned up all the possible botnet controllers to be found in the US.

microsoft is incompetent (-1)

Anonymous Coward | more than 3 years ago | (#35528650)

they can't build good anti-spam software so they had no choice but to do this or keep looking like fools. i don't think i've ever seen a spam message in my gmail inbox.

Re:microsoft is incompetent (1)

dannymac63 (943398) | more than 3 years ago | (#35528716)

Wonder why you've never seen a spam message in your GMail box? They've spent MILLIONS of dollars to make sure of it. And they still can't be 100% accurate.

You're pretty incompetent if you think GMail's servers don't have to handle incoming spam at a cost to Google.

It's amazing how foolish the Slashdot community has become.

Tell everyone (0)

Anonymous Coward | more than 3 years ago | (#35528662)

Make sure you send this by email to all your friends, and ask them to email all their friends. It's important that everybody knows this, as it was information released by Microsoft yesterday. Hmm, that phrasing sounds familiar.

Corporatism (-1, Troll)

vvaduva (859950) | more than 3 years ago | (#35528678)

So Microsoft employees participate in raids now? Did they sport Kinect controllers or what?

This is the picture of what's wrong in this country: corporate cronies using the government to fix problems with their sucky products and protect their financial interests.

Re:Corporatism (0)

Anonymous Coward | more than 3 years ago | (#35528714)

we also have the bigger problem of taking care of other countries instead of keeping \ spending that money at home . . .

Re:Corporatism (2)

trollertron3000 (1940942) | more than 3 years ago | (#35528790)

Only a dumb fuck would say taking down a botnet is a bad thing.

Re:Corporatism (1)

heathen_01 (1191043) | more than 3 years ago | (#35529400)

Damn straight! The end always justifies the means.

Re:Corporatism (2)

Attila Dimedici (1036002) | more than 3 years ago | (#35528842)

These raids were conducted pursuant to a court order issued in relation to a lawsuit filed by Microsoft. So, no, there was nothing wrong with Microsoft employees taking part in this raid.

Re:Corporatism (0)

Anonymous Coward | more than 3 years ago | (#35529126)

Nothing wrong? How is it acceptable that the party suing another party gets to raid the latter? Isn't that - mildly put - a MASSIVE conflict of interest?

Scranton? (2)

smooth wombat (796938) | more than 3 years ago | (#35528692)

So that's why Michael left. He knew the Feds were closing in.

All those particular cities.... (0)

Anonymous Coward | more than 3 years ago | (#35528984)

...yep. Looks like the botnet was being operated out of Dunder Mifflin offices.

They all have the "intersect", don't they? (0)

Anonymous Coward | more than 3 years ago | (#35528890)

Nothing better than geeks and guns, right? I am sure it was not MS dudes flashing their ID cards from the lanyards saying "OPEN UP! IT'S MICROSOFT!" But hey, if you want to concern yourself with the possibilities of a military state controlled by geeks, be my guest. The world needs the paranoid as well.


Suborned? (1)

skogs (628589) | more than 3 years ago | (#35528924)

Suborned? Really? I had to look it up. freedictionary says: 1. To induce (a person) to commit an unlawful or evil act.
Was this supposed to be subordinate or simply sub machines?
I prefer minions myself.

Re:Suborned? (1)

JSBiff (87824) | more than 3 years ago | (#35529376)

Well, since the control servers which were seized sent the commands to the zombies which caused them to commit unlawful acts, I think suborned is probably appropriate.

Re:Suborned? (0)

Anonymous Coward | more than 3 years ago | (#35529444)

The relationship is right- but it is still odd. Master and slave would be less eccentric.

New bug fix attempt (0)

Anonymous Coward | more than 3 years ago | (#35528974)

They can't make their own OS good enough so instead they seize the computers hurting it? I guess it's one way to bug fix, take out the bug, not fix the holes.

Destroying the botnet (1)

Conspiracy_Of_Doves (236787) | more than 3 years ago | (#35529006)

Now that they have control of it, can they send the infected computers orders to delete the malware that makes them part of the botnet?

Also, even though that would be a Good Thing, are there legal implications in doing so?

Re:Destroying the botnet (1)

Dan541 (1032000) | more than 3 years ago | (#35529118)

Order the infected computers to attack 127.0.0.1

feeling like poop, medications not working? (0)

Anonymous Coward | more than 3 years ago | (#35529064)

we'll then expect to see you at any one of the million babys+
play-dates, conscience arisings, georgia stone editing(s), photon gatherings, & a host of
other life promoting/loving events. guaranteed to activate all of our
sense(s) at once. perhaps you have seen our list of pure intentions for
you /us?

from pretending we don't exist....

MS (2)

theBully (1056930) | more than 3 years ago | (#35529146)

It's interesting how difficult it is for Microsoft to get recognition for anything they do to improve from the tech savvy communities. When they take a positive step people do nothing but look for ulterior motives that would only point out that Microsoft did the good with an evil purpose. Let's stop for a moment and give them credit for what they really do. Many people in this post have asked what right had Microsoft to participate in the whole deal or whether it served some interest for them. The way I see it is they helped stop a major issue without installing some ugly piece of software to all their users. Well done.
It's also unfair to blame all these issues on their OS security. I am the first to say that up to Windows 2000 (including) they had major security issues. In fact, W2K was the first release where they tried being more cautious. (I am speaking about the Desktop and not the Server). Everyone complained about access as administrator being dangerous. I know lots of people that used the Administrator account on their home machine so that they can easily install software and change settings without the hassle of logging in and out. I do know Linux users who used the root account. Despite everyone saying: Do not login as root/Do not login as Administrator. Microsoft finally got UAC up and running and everyone criticized them that the system is now asking for permissions for any step. Is that fair? Is my Ubuntu system not asking me for my password every time I perform administrative tasks? Yes it does. And I'm happy about that. It's good. And the same goes for UAC. Yet, most seem to think it's stupid if Microsoft did it. Most seem to fail to see that Linux users don't get their Windows boxes infected either. Why? Because most Linux users are savvy enough.
I have an open question to anyone here:
Identify one of the software architecture flaws in Windows that make it insecure and how would you fix it?

hacker competency (1)

mcbain942 (806450) | more than 3 years ago | (#35529178)

if they are smart they have backups. if they are not , the botnet is toast.

Gone? Yeah right.. (0)

Anonymous Coward | more than 3 years ago | (#35529200)

my mail filter stats say otherwise.

I don't understand... just follow the money... (1)

BlueCoder (223005) | more than 3 years ago | (#35529438)

All you need to do is actually buy something from spam. Whoever takes the money and where it goes should tell you who did the spamming. Buy stuff from multiple email and triangulate who is doing what. I would think Visa and Mastercard in cooperation with the big banks could track down everyone profiting.

I think it's reasonable cause that if you profit from spam you're probably paying for it somehow and should be enough to get your financial records.
