Slashdot: News for Nerds

Feds To Remotely Uninstall Bot From Some PCs

samzenpus posted more than 3 years ago | from the let-us-take-care-of-that dept.

Botnet 211

CWmike writes "Federal authorities will remotely uninstall the Coreflood botnet Trojan from some infected Windows PCs over the next four weeks. Coreflood will be removed from infected computers only when the owners have been identified by the DOJ and they have submitted an authorization form to the FBI. The DOJ's plan to uninstall Coreflood is the latest step in a coordinated campaign to cripple the botnet, which controls more than 2 million compromised computers. The remote wipe move will require consent, and the action does come with warnings from the court that provided the injunction against the botnet, however. 'While the 'uninstall' command has been tested by the FBI and appears to work, it is nevertheless possible that the execution of the 'uninstall' command may produce unanticipated consequences, including damage to the infected computers,' the authorization form reads. FBI Special Agent Briana Neumiller said, 'The process does not affect any user files on an infected computer, nor does it ... access any data on the infected computer.' The DOJ and FBI did not say how many machines it has identified as candidates for its uninstall strategy, but told the judge that FBI field offices would be notifying affected people, companies and organizations."

211 comments

That's ok (1)

Dunbal (464142) | more than 3 years ago | (#35957976)

If it damages my system I'll just re-install from a back-up image I made. Oh wait...

Re:That's ok (2)

Samantha Wright (1324923) | more than 3 years ago | (#35958004)

I'd be more worried about, you know, the owners of the botnet reading this article and taking preventative action? I mean, if it's already too late for that (which past articles assert, it is), then it's not really "crippling", is it?

Re:That's ok (5, Insightful)

hellkyng (1920978) | more than 3 years ago | (#35958088)

The botnet owners can't take preventative action against the uninstall because they don't have valid Command and Control servers running. Since the FBI is controlling those at the moment, the individual bots are hanging in limbo doing nothing. If however the malware is actively looking for new C&C servers to be spun up to receive commands again, there is the potential that the FBI could lose control again. Hence why it is necessary to remove the infection while they maintain control, and only one step in their strategy to cripple the botnet.

Re:That's ok (-1)

Anonymous Coward | more than 3 years ago | (#35958282)

I think it's time to take precautionary measures already.

Just install a program that formats Windows and installs Linux. If the users don't know what is best for them, we will make them know. Only that way will open source and freedom win.

Re:That's ok (0)

Anonymous Coward | more than 3 years ago | (#35958536)

Forcing users to install your operating system of choice is not freedom winning. It's the exact opposite.

If that's the only way for open source to win, then open source deserves to lose. But I think OSS can do better.

Re:That's ok (1)

clang_jangle (975789) | more than 3 years ago | (#35958674)

I would have expected he knows that and is trolling ("linux == leftist 'jack booted thugs'" troll), but one never really knows...

Re:That's ok (1)

Em Adespoton (792954) | more than 3 years ago | (#35958320)

Being the FBI, wouldn't they start by identifying all bots NOT within the US, and uninstalling those ones? After all, that can come under the purview of protecting the Federation from foreign attack on American soil, and nobody's going to be able to sue them about it. As long as they avoid big multinational corporations, this would be a no-brainer move.

After this, ALL botnet activity would be fully within the US, so they'd have other tools to work with to help mop up the rest.

Re:That's ok (1)

Redlazer (786403) | more than 3 years ago | (#35958496)

They could, but it would be a dick move. As much as I'd like to think so, it's just not true that everyone at the FBI is a dick.

Re:That's ok (1)

RobertM1968 (951074) | more than 3 years ago | (#35958560)

> They could, but it would be a dick move. As much as I'd like to think so, it's just not true that everyone at the FBI is a dick.

Some are asses. ;-)

Re:That's ok (1, Insightful)

PraiseBob (1923958) | more than 3 years ago | (#35958634)

Remotely uninstalling malicious software from an unsuspecting person's machine is a dick move? If someone was passing out cupcakes and put one on your desk without asking, would you call that a dick move also?

Fixing somebody's computer is a gift. Fixing their machine because it is attacking mine, is something I appreciate. If you don't trust a federal agency to have the authority to remove the virus, then whom do you trust? Rival hackers? Microsoft? They've done such a great job so far in containing the problem. The malware problem isn't going to go away by itself. People will not wake up one day and decide to update their machines.

Re:That's ok (1)

postbigbang (761081) | more than 3 years ago | (#35958754)

Not if it leaves the machine in an unclean or unusable state. If you thought anti-American attitudes are bad now, imagine the FBI disabling a couple hundred thousand key machines abroad-- just to get rid of a virus.

Re:That's ok (0)

mysidia (191772) | more than 3 years ago | (#35958956)

> Not if it leaves the machine in an unclean or unusable state. If you thought anti-American attitudes are bad now, imagine the FBI disabling a couple hundred thousand key machines abroad-- just to get rid of a virus.

Disabling is the normal course of action taken on an infected machine. In fact, the only method certain to work.

SOP when discovering a backdoored machine spewing spam, participating in a DDoS, running a backdoor, or botnet node, should be: to if possible, use the malware's infiltrated command and control or the published backdoor to render the backdoor or the system useless to further the attack as quickly as possible.

The simplest and most strongly recommended method is to prepare a text message to alert the operator that the computer is infected, make various modifications to ensure the OS becomes unbootable, and overwrite the MBR with boot code to display the alert message and halt, every time, instead of booting.

Removing the infection is the operator's responsibility. Any security consultant worth their salt will inform you, the only acceptable, reliable way of removing the infection, and bringing the computer to a state where it is acceptable to ever connect to the internet again: is to perform a clean install of the OS, and full update of the OS, due to the fact that malware can modify any file on the system, kernel itself, etc.

Such modifications are generally undetectable, and even if they are, a clean install is required to a verifiable OS in order to be able to accurately validate the integrity of backed up files prior to restoring them.

Re:That's ok (1)

postbigbang (761081) | more than 3 years ago | (#35959040)

Sweet.

A bit draconian, are you?

If there'd been sufficient investment, someone could just shut off the port. Rootkits mean you get a new kernel after you've rendered what rooted it permanently dormant.

So sure. Let's say you render a couple hundred thousand machines unbootable by wiping their partition tables, MBR, or whatever. They wake up the next morning, and do they love you? Can they do business? Can they read x-rays? Will their stuff work?

Your method might be nice for screwing up extractors in Iran, but I think you lose a lot of friends with that ostensible SOP.

Slaughter them! They're infected!

Re:That's ok (1)

tibit (1762298) | more than 3 years ago | (#35959220)

I don't know about you and so called "security consultants", it's very, very easy to check offline (from a separate host) that a hard drive with a Windows partition on it has legitimate files as released by MS. Digital signatures and all that jazz. This whole reinstall attitude is frankly said getting on my nerves. Waste hours (if you're not in an imaged environment) on reinstalling a system where perhaps a couple files and a dozen or two registry entries are wrong?! Fuck no!
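Added example (not part of the thread and not any poster's code): the offline check described in the comment above, run from a separate trusted host against the mounted suspect volume, with a SHA-256 manifest of known-good files swapped in for Authenticode signature verification. The manifest format, function names and sample files are assumptions constructed for illustration; the demo also reports executables the manifest does not list, which a per-file signature check alone would not flag.

```python
import hashlib
import os
import tempfile
from pathlib import Path

# Extensions treated as executable code when a file is absent from the manifest.
EXEC_EXT = {".exe", ".dll", ".sys"}


def normalize(rel):
    """Windows paths are case-insensitive: compare lowercased, '/'-separated."""
    return rel.replace("\\", "/").strip("/").lower()


def sha256_file(path, chunk=1 << 20):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def load_manifest(text):
    """Parse '<sha256>  <relative path>' lines (hypothetical format)."""
    manifest = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        digest, rel = line.split(None, 1)  # path may contain spaces
        manifest[normalize(rel)] = digest.lower()
    return manifest


def audit_volume(root, manifest):
    """Walk an offline-mounted volume and compare it with the manifest.

    Returns three sorted lists: files whose hash differs ('modified'),
    manifest entries not found on disk ('missing'), and executable files
    the manifest does not know about ('unknown').
    """
    root = Path(root)
    seen = set()
    report = {"modified": [], "missing": [], "unknown": []}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = Path(dirpath) / name
            rel = normalize(str(full.relative_to(root)))
            expected = manifest.get(rel)
            if expected is None:
                if full.suffix.lower() in EXEC_EXT:
                    report["unknown"].append(rel)
                continue
            seen.add(rel)
            if sha256_file(full) != expected:
                report["modified"].append(rel)
    report["missing"] = sorted(set(manifest) - seen)
    report["modified"].sort()
    report["unknown"].sort()
    return report


def demo():
    """Build a constructed sample volume in a temp dir and audit it."""
    clean = {  # constructed stand-ins for vendor-released file contents
        "Windows\\System32\\kernel32.dll": b"constructed kernel32 bytes",
        "Windows\\System32\\ntdll.dll": b"constructed ntdll bytes",
        "Windows\\System32\\drivers\\tcpip.sys": b"constructed tcpip bytes",
    }
    manifest_text = "\n".join(
        f"{hashlib.sha256(data).hexdigest()}  {rel}" for rel, data in clean.items()
    )
    with tempfile.TemporaryDirectory() as tmp:
        sys32 = Path(tmp) / "Windows" / "System32"
        (sys32 / "drivers").mkdir(parents=True)
        # Intact file, stored with different case than the manifest entry.
        (sys32 / "KERNEL32.DLL").write_bytes(clean["Windows\\System32\\kernel32.dll"])
        # Tampered system file.
        (sys32 / "ntdll.dll").write_bytes(b"constructed patched bytes")
        # tcpip.sys is deliberately absent from the volume.
        # Executable that the manifest has never heard of.
        (sys32 / "extra.dll").write_bytes(b"constructed dropped file")
        # Non-executable unknown files are not reported.
        (sys32 / "notes.txt").write_bytes(b"ignored")
        return audit_volume(tmp, load_manifest(manifest_text))


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```

A check like this only covers files; registry persistence and boot-sector changes need their own comparison against a known-good baseline.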

Re:That's ok (1, Insightful)

mysidia (191772) | more than 3 years ago | (#35958852)

> They could, but it would be a dick move. As much as I'd like to think so, it's just not true that everyone at the FBI is a dick.

I disagree. These systems are infected. If the FBI knows about that; if they have gained control of a botnet, backdoor codes or other piece of malware, they should be free to immediately take all available actions to uninstall or disable known infected computers.

There's definitely no right to be running botnet code.

I say we need a law authorizing ANYONE to uninstall worm software/viruses from any computer by any means made available by the malware, at will, without alerting the user, anyone else, or requiring anyone's permission or approval; so long as the only method used to uninstall is provided by the malware (or backdoor), the only command executed is cleanup/uninstall, and no financial or other gain is obtained (other than cleaning up the internet/reducing spam).

Re:That's ok (0)

Anonymous Coward | more than 3 years ago | (#35958084)

Which operating system was this again?

Re:That's ok (2)

cosm (1072588) | more than 3 years ago | (#35958128)

> Which operating system was this again?

EvolutionSoft PEBCAC [wikipedia.org] 2011

Re:That's ok (0)

Anonymous Coward | more than 3 years ago | (#35958214)

Windows then? Microsoft still using the same responsibility-deflecting script?

Soon to be executive powers (0)

suso (153703) | more than 3 years ago | (#35958100)

It won't be long before we have cases where the president exercises executive powers in the name of freedom and national security which grants them the right to access our computers without our consent.

Re:Soon to be executive powers (2)

somersault (912633) | more than 3 years ago | (#35958318)

Well, at least somebody is making an effort to stop all the fucking spam. Slippery slopes are nice and all, but that kind of thing can already be done legally via the courts, the PATRIOT act, etc. At least what they are doing here is beneficial to the world.

Lemme guess how they're going to get consent... (5, Funny)

jthill (303417) | more than 3 years ago | (#35957996)

they're going to send an email, right? Click this link to authorize the FBI to remove an infection from your computer?

Re:Lemme guess how they're going to get consent... (2, Funny)

MrEricSir (398214) | more than 3 years ago | (#35958096)

No, it's going to be through popup ads that look like Windows dialog boxes. First it will scan your computer, then find a virus and offer to sell you Virus Remover 2011 at a steep discount!

Re:Lemme guess how they're going to get consent... (5, Funny)

Em Adespoton (792954) | more than 3 years ago | (#35958340)

"The FBI has detected a botnet running on your computer. Due to federal privatization initiatives, botnet removal has been subcontracted to Botnet Blaster 2011. Click here to purchase Botnet Blaster 2011 and avoid having your house stormed by an FBI tactical team."

Re:Lemme guess how they're going to get consent... (0)

mysidia (191772) | more than 3 years ago | (#35958970)

Hey... anyone know where I can buy stock in the company that sells Virus Remover 2011 and Antivirus 2011?

Re:Lemme guess how they're going to get consent... (1)

maxwell demon (590494) | more than 3 years ago | (#35958112)

> they're going to send an email, right? Click this link to authorize the FBI to remove an infection from your computer?

Oh, and give your local login/password on that site (the admin account, of course). After all, the FBI needs that to access your computer ...

Re:Lemme guess how they're going to get consent... (1)

timeOday (582209) | more than 3 years ago | (#35958582)

Well, there are worse ways [swamppolitics.com] to be notified.

(OK, OK, that might have been the ATF or somebody else, I don't know.)

Release the Company Names (1)

MoldySpore (1280634) | more than 3 years ago | (#35958016)

I'd like to see what companies are on the list. Specifically what IT companies. Even more specifically, if any network hardware providers made the list. Always fun to see what companies actually know networking that are selling the products that us in the field buy and put some measure of faith in to protect our networks. Same can be said for some software IT companies for end-users. I would be a bit more wary about considering a company's software protection product if they'd been compromised by one of the world's biggest botnets for X number of years and needed the FBI to call them up and tell them about it.

Re:Release the Company Names (1)

Anonymous Coward | more than 3 years ago | (#35958052)

Wouldn't be surprised to see Sony and their PSN team on the list.

a better fix (-1)

Anonymous Coward | more than 3 years ago | (#35958020)

Should be to overwrite that user's OS with a fully patched Linux. They can run Windows again IF they can demonstrate adequately that they know how to secure it and are willing to do so.

Re:a better fix (1)

Anonymous Coward | more than 3 years ago | (#35958064)

Giving Linux to someone who can't even use Windows properly is like replacing their car with a tank because they got into too many accidents. Sure, they won't get hurt, but they'll probably never even figure out how to start it.

Re:a better fix (1)

Dunbal (464142) | more than 3 years ago | (#35958132)

Oh come on - tanks are driven by people who have volunteered to get shot at. How hard can it be? Certainly no harder to drive than the old 1970's caterpillar D-6C (a bulldozer for those not in the know) and actually much easier. I've seen them with handlebars and a throttle just like a motorcycle. Add a brake pedal for each side and an automatic transmission and you're set.

Re:a better fix (2)

Qzukk (229616) | more than 3 years ago | (#35958166)

You know the first thing they're going to push is the big red button marked "Fire".

Re:a better fix (2)

codegen (103601) | more than 3 years ago | (#35958278)

> You know the first thing they're going to push is the big red button marked "Fire".

The tank driver can't reach that button. It's for the back seat driver.

Re:a better fix (1)

somersault (912633) | more than 3 years ago | (#35958342)

OpenOffice? TuxRacer? This analogy is feeling a little laboured.

Re:a better fix (1)

Jaysyn (203771) | more than 3 years ago | (#35958542)

Not until I get onto I-10.

Re:a better fix (1)

vijayiyer (728590) | more than 3 years ago | (#35958276)

The hard part is driving it while you're being shot at.

Re:a better fix (1)

DarwinSurvivor (1752106) | more than 3 years ago | (#35958510)

I'd say the REALLY hard part is walking next to it while being shot at because your "buddy" got the long straw.

Re:a better fix (1)

ae1294 (1547521) | more than 3 years ago | (#35958524)

> The hard part is driving it while you're being shot at.

You must not have driven in any major U.S. city in awhile...

Re:a better fix (1)

avgjoe62 (558860) | more than 3 years ago | (#35958636)

You've obviously never driven in Los Angeles. Being able to drive a car while being shot at is part of the driver's license test.

Re:a better fix (1)

CrimsonAvenger (580665) | more than 3 years ago | (#35959008)

> Oh come on - tanks are driven by people who have volunteered to get shot at. How hard can it be? Certainly no harder to drive than the old 1970's caterpillar D-6C (a bulldozer for those not in the know) and actually much easier. I've seen them with handlebars and a throttle just like a motorcycle. Add a brake pedal for each side and an automatic transmission and you're set.

Ever notice how a lot of people who know nothing about a subject think it must be easy?

Re:a better fix (1)

plover (150551) | more than 3 years ago | (#35958298)

> Sure, they won't get hurt, but they'll probably never even figure out how to start it.

That's pretty much the whole freakin' point. These are people too stupid to own computers.

Why not just report the issue to the user? (1)

SuurMyy (1003853) | more than 3 years ago | (#35958046)

It would be better to report the issue to the user and provide links to well known antivirus companies. This way the user would be able to trust that the Feds aren't installing anything on their box while they may or may not remove what they tell the user... ;-)

Re:Why not just report the issue to the user? (1)

ColdWetDog (752185) | more than 3 years ago | (#35958076)

Hi! We're from the Government. We're here to help you.

Re:Why not just report the issue to the user? (1)

XanC (644172) | more than 3 years ago | (#35958268)

*BLAM*

*BLAM* *BLAM*

Re:Why not just report the issue to the user? (0)

Anonymous Coward | more than 3 years ago | (#35959230)

all your base are belong to U.S.

Re:Why not just report the issue to the user? (0)

Anonymous Coward | more than 3 years ago | (#35958422)

That seems scary. But then you have a natural disaster hit, or some other issue, and damn you are happy for them to help.

Right now I'm hoping the empty house near me gets a visit from the gov't, since it has storm damage and I don't know the owner so I can't help.

Re:Why not just report the issue to the user? (2)

cobrausn (1915176) | more than 3 years ago | (#35958098)

Supposedly Microsoft is pushing out the 'Malicious Software Removal Tool' as part of Windows Update that will actually remove Coreflood if the user machine has already received the 'halt' command from the FBI servers. I guess that counts...

Re:Why not just report the issue to the user? (1)

somersault (912633) | more than 3 years ago | (#35958352)

Yeah, idiots with pwned machines are well known for keeping up to date.

Re:Why not just report the issue to the user? (1)

hellkyng (1920978) | more than 3 years ago | (#35958118)

I believe Microsoft included detection in their MSRT (Malicious Software Removal Tool) so as long as users are regularly updating they should have this taken care of on its own shortly. I imagine the FBI is probably assuming most users aren't actively updating, or targeting "high value" or infrastructure type computers for a more aggressive removal strategy.

For the tin-foil crowd, if the FBI really wanted to do bad things to your files, they wouldn't have made it public they captured the command and control servers :)

Re:Why not just report the issue to the user? (0)

Anonymous Coward | more than 3 years ago | (#35958242)

Hiding in plain sight... I don't give personal information to ANYBODY who phones me, and I don't give access to my computers to ANYONE! If you do, consider yourselves pwnd, and that everything you do is now theirs...

The remote wipe move will require consent (1)

Riceballsan (816702) | more than 3 years ago | (#35958124)

Consent?? Does that mean the users infected with the botnet will get "Warning your computer is infected, click here to remove the viruses you didn't know you had from your computer", on one hand it's probably the target of people that were gullible enough to fall for it once to get the botnet in the first place, but teaching them it is actually possible for a legitimate goal to do it, means they will be infected again in a week.

Re:The remote wipe move will require consent (2)

x*yy*x (2058140) | more than 3 years ago | (#35958316)

Well what would you think if the government or any other people would mess with your computer without your consent? What if they decided "utorrent.exe" was harmful and decided to remove it without asking you?

Re:The remote wipe move will require consent (4, Interesting)

jd (1658) | more than 3 years ago | (#35958382)

As much as I would love the Feds to just run a complete vulnerability scan of the US (not unlike the Internet Auditing Project) and then remotely uninstall every instance without telling a damn person (if the virus doesn't de-install cleanly, that's a bug in the virus so go sue the authors), I get the impression there'd be a few complaints. In part, because the Feds have shown themselves to be ethically-challenged from time to time.

If you want - really, truly want - bots and spyware to be gone forever, it's going to take a Federal agency vulnerability scanning your machine and installing nagware when your machine is shown as both infected and insecure. (Insecure alone might just be a honeypot, it doesn't prove there's a real vulnerability present.)

Nobody is going to trust an agency to do this. Doesn't matter if that's just or unjust, the only just that matters is that it's just not going to happen. In consequence, corporations will fail to secure products, users will fail to secure their machines and the problem will miraculously fail to vanish all on its own. Things won't change without pressure and the only sources of pressure big enough won't and/or can't.

Re:The remote wipe move will require consent (1)

mysidia (191772) | more than 3 years ago | (#35958994)

> Nobody is going to trust an agency to do this. Doesn't matter if that's just or unjust, the only just that matters is that it's just not going to happen.

But they trust completely anonymous massive numbers of third parties (that include spammers and ID thieves) not to do whatever the h**** they want, using any open vulnerabilities they find?

How about the agency outsources it to private industry; and requires all exploits and payloads utilized to be open source, fully documented, and subject to review by any member of the public....

bill Microsoft for the expense, not taxpayers (0)

Anonymous Coward | more than 3 years ago | (#35958170)

Why is the government doing this at the taxpayers' expense? The OS is broken, has been for a decade, and Microsoft should be billed for expenses. If an auto manufacturer sold a vehicle that melted in the rain, they too would be responsible for the expense. Windows should be recalled and fixed not just painted and prettied up and rereleased.

Re:bill Microsoft for the expense, not taxpayers (1)

jd (1658) | more than 3 years ago | (#35958444)

The government is doing this at the taxpayer's expense because the taxpayer voted in a government that likes the rich having the money and you not. Vote into power someone who doesn't give a damn about the rich next time. Of course, that requires finding one - and then finding one willing to run for office. In general, those with the best ethics are the least-suited to politics and the ones best-suited to politics are the ones with no ethics.

Re:bill Microsoft for the expense, not taxpayers (0)

Anonymous Coward | more than 3 years ago | (#35958572)

It's a Trojan. That's like charging the auto manufacturer for vehicle thefts perpetrated by a valet parking service. The stolen vehicles are then driven around to form car barricades preventing access to various stores, offices, services.

And that would be up to the government to stop.

Re:bill Microsoft for the expense, not taxpayers (0)

Anonymous Coward | more than 3 years ago | (#35958596)

Your analogy is flawed.
Billing Microsoft here would be like billing auto manufacturers for stolen cars, because they installed locks that could be circumvented.

Re:bill Microsoft for the expense, not taxpayers (1)

mysidia (191772) | more than 3 years ago | (#35958998)

Whoa... hold it there. If you start that precedent about OS vendors being charged for security issues...... that would put open source companies, incl. Redhat in quite a pickle.

No platform can claim to be completely free of security issues. And any platform that reaches critical mass is going to have infected/compromised systems doing naughty things (like SSH brute force attacks en masse).

The number of non-Windows botnet nodes is far from zero.

U can trust us, we are the government... (0)

Anonymous Coward | more than 3 years ago | (#35958172)

What a wonderful opportunity for govt. agencies to place keyloggers and such on these systems. Yes, they will probably remove the malware, but what are the chances they will install "something else"? The temptation would be way too great, IMHO.

Re:U can trust us, we are the government... (1)

somersault (912633) | more than 3 years ago | (#35958412)

Uh.. if they wanted to do that, they could do. What exactly do you think they'd find so interesting about the average person's web browsing habits? Do they perhaps need credit card details for extra funding? I don't think so.

Re:U can trust us, we are the government... (1)

jd (1658) | more than 3 years ago | (#35958476)

Stop and think. If they've already scanned these machines, any keylogger will already be installed. Besides, there's a Firefox extension for jamming keyloggers.

Besides, what would they need a keylogger for? We already know (because the Australian Government has said so) that Echelon is real and does exist. The total lack of use of cryptography means that there's nothing you can type that they can't read already.

As much as I hate to say this (2, Insightful)

teknosapien (1012209) | more than 3 years ago | (#35958256)

since most of the machines I'm guessing are running a Microsoft product, maybe they should be the ones carrying this out on infected machines. Let's face it they are probably better situated to see this through. The feds should go back to being the agents of the RIAA and MPAA and leave the computer work to the professionals

Re:As much as I hate to say this (1, Interesting)

h4rr4r (612664) | more than 3 years ago | (#35958364)

Or maybe Microsoft software is what got these users into this mess, so someone else should fix it and Microsoft should just foot the bill.

Re:As much as I hate to say this (1)

TaoPhoenix (980487) | more than 3 years ago | (#35958432)

What else do you think they will do with access to your system besides the botnet campaign? "While repairing the botnet, we discovered 137 copyrighted files. These have been reported to the **AA. Have a nice day!"

I havent received (3, Funny)

nimbius (983462) | more than 3 years ago | (#35958286)

any notifications yet from the FBI about the botnet and my computer, has anyone else?

also, do i need to disable selinux before they uninstall the bot on my computer? or can they do it from a regular user account with limited sudo?

Re:I havent received (0)

Anonymous Coward | more than 3 years ago | (#35958418)

I was wondering similar. Wondering if I'd have to set up port forwarding on my edge router to let Apple Remote Desktop in.

Re:I havent received (-1)

Anonymous Coward | more than 3 years ago | (#35958420)

-1, Smug.

Re:I havent received (0, Insightful)

Anonymous Coward | more than 3 years ago | (#35958848)

-1, Started a sentence in the topic, concluded it in the body.

Re:I havent received (0)

Anonymous Coward | more than 3 years ago | (#35958586)

No, since SELinux is developed by/with US agencies, it's already installed for your convenience. ;)

A far more effective solution... (1, Insightful)

Daniel Phillips (238627) | more than 3 years ago | (#35958290)

Uninstall Windows.

Re:A far more effective solution... (5, Interesting)

Daniel Phillips (238627) | more than 3 years ago | (#35958594)

> Uninstall Windows.

Or don't uninstall Windows but make computer owners legally responsible for their computers in the same way they are legally responsible for a swimming pool. The resulting fines would either stop botnets entirely or eliminate the national deficit. In short, a tax on the stupid.

Re:A far more effective solution... (1)

c6gunner (950153) | more than 3 years ago | (#35958862)

Yah, those fines will stop botnets the same way the RIAA lawsuits have stopped piracy. It can't fail!

"Identifiable Victims" (0)

Anonymous Coward | more than 3 years ago | (#35958304)

""While the proposed preliminary injunction is in effect, the Government also expects to uninstall Coreflood from the computers of Identifiable Victims who provide written consent," said the DOJ in the memo."

Is it just me, or are other people creeped out by the way "Identifiable Victims" is capitalized in the press release?

combofix... (0)

Anonymous Coward | more than 3 years ago | (#35958308)

wonder if combofix would take care of the infection... it's been good at removing other root kits in the past

So who is footing the bill here? (0)

h4rr4r (612664) | more than 3 years ago | (#35958334)

I sure hope the PC owner or Microsoft are paying for this. I see no reason why Mac users and Linux users should pay for this fix. If we have to pay as well we might as well suggest that uninstall be done by installing a better OS.

Re:So who is footing the bill here? (0)

Anonymous Coward | more than 3 years ago | (#35958370)

It's paid by the citizens of USA, enjoy!

Re:So who is footing the bill here? (0)

Anonymous Coward | more than 3 years ago | (#35958526)

oh don't let the government touch the hard earned allowance you got for trimming the hedges and cleaning the basement? you shouldn't really get any money for cleaning the basement, fwiw, you live there, and you should clean it yourself so that you don't live like a pig.

GLAD TO HELP.

Re:So who is footing the bill here? (1)

catmistake (814204) | more than 3 years ago | (#35958670)

Agreed. Clearly, the creator and seller of this inferior operating system should be forced to recall the product— and forced to fix it.

WTF? (0)

nurb432 (527695) | more than 3 years ago | (#35958360)

I don't care if i am infected, who gives the federal government the right to touch my PC? Sure, call my ISP and cut me off until i fix it, but stay the hell out of my property unless i am under a court sanctioned investigation.

( in reality i can't be infected with this windows-only issue, but the question still stands. who died and gave them god rights? )

Re:WTF? (0)

Anonymous Coward | more than 3 years ago | (#35958424)

Read the Fine Summary, they aren't doing this without consent.

Re:WTF? (3, Informative)

lasinge (1009929) | more than 3 years ago | (#35958450)

FWIW, they are stating at this point that they will be asking for consent. Personally I don't like it, I would prefer to take care of it myself, but then again I (like most slashdotters) don't represent the majority of computer users. Someone has to take this seriously and deal with these botnets, and if the government is the only entity willing to step up and handle it, then that's who is supposed to do it. I'd prefer to see this in the public domain, but security is simply not valued in the public sector until something goes wrong.

Re:WTF? (2)

nurb432 (527695) | more than 3 years ago | (#35959180)

> Someone has to take this seriously and deal with these botnets,

i totally agree, but it should be by cutting off access to infected computers and keep them off-line until they are 'clean'. ISPs can detect 'bad things' and do this automatically.

uninstall command... (1, Insightful)

roc97007 (608802) | more than 3 years ago | (#35958378)

> 'While the 'uninstall' command has been tested by the FBI and appears to work, it is nevertheless possible that the execution of the 'uninstall' command may produce unanticipated consequences, including damage to the infected computers [...]

I'd say go for it. I mean how is this any different from Windows Update?

Funny How Microsoft... (0)

Nom du Keyboard (633989) | more than 3 years ago | (#35958410)

Funny how Microsoft's Malicious Software Removal Tool isn't nearly so polite about asking permission first.

Creepy (0)

Iamthecheese (1264298) | more than 3 years ago | (#35958414)

I applaud what they're doing and can even see this as appropriate. That said... Am I the only one getting the jitters at the thought of millions of people downloading and running a program from a department of the US government?

Re:Creepy (1)

TaoPhoenix (980487) | more than 3 years ago | (#35958504)

I have free tickets for you to ski on the slippery slope.

Re:Creepy (1)

Osgeld (1900440) | more than 3 years ago | (#35958540)

No, there are at least a dozen posts above yours saying the exact same thing.

If I didn't use my last mod points on one of those threads you would get a redundant.

Re:Creepy (2)

Stormthirst (66538) | more than 3 years ago | (#35958916)

Why is it that Americans are so paranoid about their government's motives? No other country in the first world has this level of paranoia about their government.

Re:Creepy (1)

Anonymous Coward | more than 3 years ago | (#35959198)

History class, two doors down on the right.

Is this (2)

SnarfQuest (469614) | more than 3 years ago | (#35958416)

Is this like those messages emailed from Microsoft about a virus detected on my system? Those things never seemed to make my machine run better. You'd think Microsoft would test their fixes better... ;=)

Take away their network connection (2)

QuesarVII (904243) | more than 3 years ago | (#35958568)

They shouldn't be helping to uninstall it for people. They should be getting their internet connections shut off to teach them a damn lesson about computer security.

Why do they need consent? (2)

jeffeb3 (1036434) | more than 3 years ago | (#35958584)

My common sense would say that if the user already gave up control of their PC to the botnet, why should they have any say in keeping the feds from removing the bot? The reason the feds are interested is (I'm assuming) because the botnet caused harm to others. Just remove the bot, if there are consequences, and they know what they are, then it's their own fault.

But, the federal government is held to a higher standard, aren't they?

Re:Why do they need consent? (0)

Anonymous Coward | more than 3 years ago | (#35958676)

Yeah, why should the federal government be held to a higher standard than criminals?

Right Click still broken (-1)

Anonymous Coward | more than 3 years ago | (#35958794)

Right Click still broken

Bummed (1)

Strykar (1161463) | more than 3 years ago | (#35958934)

An unjust law is itself a species of violence. Arrest for its breach is more so. -MKG

Disconnect from internet? (4, Interesting)

aralin (107264) | more than 3 years ago | (#35958960)

Why cannot they just ask the ISP to disconnect infected computers from the network? It should be the responsibility of each owner to connect with an uninfected computer. The company responsible for this whole mess - Microsoft - will likely not be held accountable, but the users should. And when the OS they use starts to be a liability in their lives, then maybe they will choose based on that as well.

YACA: If someone installed randomly firing machine guns in the trunk of your car, I doubt the FBI response would be a letter asking you if they could please uninstall those for you.

Re:Disconnect from internet? (0)

Anonymous Coward | more than 3 years ago | (#35959090)

> The company responsible for this whole mess - Microsoft - will likely not be held accountable

How about this:

The company responsible for this whole mess - Pella - will likely not be held accountable for the brick put through my front window; they should have known how to fix that.

You are blaming MS for what others do. Put the blame on the right people. The people who write the damn viruses.

Corporate America strikes again (1)

devent (1627873) | more than 3 years ago | (#35959084)

Now the DOJ and the FBI do the job to secure Windows. Must really suck to live in a country where the government is run for corporations paid by tax money. (If anyone wonders, it's the job of Microsoft to secure their system, not the DOJ or the FBI to do that for them.)

"FBI field offices would be notifying affected people, companies and organizations."

Yeah, that's why you have the FBI. Not to hunt for criminals like murderers, rapists or organized crime, but to go to people and companies and secure their computers.

If this is a joke, (1)

ronmon (95471) | more than 3 years ago | (#35959224)

it's not funny. If it isn't a joke it is insanely stupid.