Inside the Microsoft Digital Crimes Unit

timothy posted about a year ago | from the private-justice dept.

Crime 54

Trailrunner7 writes "The Microsoft Digital Crimes Unit has been spearheading botnet takedowns and other anti-cybercrime operations for many years, and it has had remarkable success. But the cybercrime problem isn't going away anytime soon, so the DCU is in the process of building a new cybercrime center here, and soon will roll out a new threat intelligence service to help ISPs and CERT teams get better data about ongoing attacks. Dennis Fisher sat down with TJ Campana, director of security at the DCU, to discuss the unit's work and what threats could be next on the target list."


54 comments


Read that headline, (-1)

Anonymous Coward | about a year ago | (#43781811)

and thought, Microsoft was finally being prosecuted.

Wait a minute (5, Funny)

NoNonAlphaCharsHere (2201864) | about a year ago | (#43781879)

Is this an article about how the Windows 8 UI was designed?

Re:Wait a minute (0)

Doug Otto (2821601) | about a year ago | (#43781925)

Damn. Too bad I used up my last mod point yesterday.

I lol'd.

Re:Wait a minute (4, Funny)

NoNonAlphaCharsHere (2201864) | about a year ago | (#43782063)

Not to worry, somebody already modded it with a "Troll", which is even funnier...

Re:Wait a minute (1)

Bud (1705) | about a year ago | (#43786191)

Is this an article about how the Windows 8 UI was designed?

Or about how they kept the world's population hostage with Clippy the Paperclip? I mean, when they heard Clippy was going to be removed from the next version of Office, around 350 million people upgraded straight away.

Or is it about how Microsoft is paying 500 million (USD, EUR, whatever) in fines every couple of years, in order to keep doing business as a software monopoly? That is probably the most brilliant crime by the Microsoft Digital Crimes Unit ever!

Re:Wait a minute (0)

Anonymous Coward | about a year ago | (#43791551)

Actually Clippy wasn't sacked, he was promoted to Digital Crimes VP when Microsoft Bob went into retirement.

This is rather disconcerting. (-1)

intermodal (534361) | about a year ago | (#43781923)

I want to know exactly what idiot gave Microsoft the authority to create a law enforcement unit other than their jackbooted licensing audit thugs from the Business Software Alliance.

Re:This is rather disconcerting. (2)

recoiledsnake (879048) | about a year ago | (#43781953)

I want to know exactly what idiot gave Microsoft the authority to create a law enforcement unit other than their jackbooted licensing audit thugs from the Business Software Alliance.

Needs a judge's approval.

But we’re very careful about how we do this. We’re not just going out there shooting stuff. We walk in with a pile of legal documents. We’re asking for a judge to agree with what we found.

Re:This is rather disconcerting. (1)

bws111 (1216812) | about a year ago | (#43782081)

But it is so hard to read all the way to the first question of the interview.

Re:This is rather disconcerting. (1)

Razgorov Prikazka (1699498) | about a year ago | (#43783855)

But if you're finally at the questions, things go from bad to worse. One would expect a "Digital Crimes Unit" to:
  - investigate security holes (preferably before shipping it out)
  - make sure that virus-makers don't have a chance.
  - find, cage and string up the idiot that makes Win8 harder to get rid of than a bad case of Herpes.
  - see to it that three-letter agencies (both US and non-US) place backdoors in MS software.
  - Explosions, romance, fast cars, flashing badges and glue-on-moustaches

But noooooooh... They really rather cry about the baddies making stupid botnets.
DCU, pffff what a laugh </roll-eyes>

Re:This is rather disconcerting. (1)

SJHillman (1966756) | about a year ago | (#43781985)

You don't actually think Microsoft is going around kicking in doors, do you? They're mostly working as a legal presence or as a team of civilian experts assisting law enforcement and everything goes through a judge.

Re:This is rather disconcerting. (0)

Anonymous Coward | about a year ago | (#43782105)

Not Microsoft, just Ballmer. I could see him doing that. He's a big guy.

Re: This is rather disconcerting. (2)

hAckz0r (989977) | about a year ago | (#43784813)

No. It's all about the appearance of being proactive so as to minimize their legal liability. Face it, it's cheaper than the alternative.

If they really wanted to 'stop crime' as their top objective they could just make a more secure product, starting by ejecting all the useless legacy code that lets the bad guys win without hardly trying. It's hard to make a secure design starting from a block of swiss cheese. There are more things they could do to make crime harder than I could ever possibly list in this limited space.

Re: This is rather disconcerting. (0)

Anonymous Coward | about a year ago | (#43786359)

Even if they had a more secure OS there would still be exploits in it and they'd still need the DCU. Don't be stupid and naive.

Re:This is rather disconcerting. (0)

Anonymous Coward | about a year ago | (#43782035)

Reality Check: MS doesn't have a swat team that they bust people with, with no prior approval. Everything has court oversight.

Re:This is rather disconcerting. (0)

Anonymous Coward | about a year ago | (#43783969)

Next on the agenda: obtaining authority from the US gov to form MS SWAT. Past that a small militia...

Re:This is rather disconcerting. (0)

Anonymous Coward | about a year ago | (#43782825)

Why not create a Linux variant? Penguin badges and stuff...... it'll be cool!

Re:This is rather disconcerting. (0)

Anonymous Coward | about a year ago | (#43782895)

Why not create a Linux variant? Penguin badges and stuff...... it'll be cool!

Anyone want to join my newly formed gNSA? apply below

Re:This is rather disconcerting. (1)

lister king of smeg (2481612) | about a year ago | (#43784121)

Ok just one question first: Do we get to ride into battle on the back of a rampaging gnu leading a horde of penguins and fight iNinjas?

Re:This is rather disconcerting. (1)

Cyberax (705495) | about a year ago | (#43783621)

Law enforcement? I think you're confused. This unit is created specifically to commit crimes!

Re:This is rather disconcerting. (1)

Synerg1y (2169962) | about a year ago | (#43783871)

They're not actually doing anything illegal. The situation is like this: the offenders are in plain sight on the internet, they don't bother hiding because there is nobody policing where they're enacting their schemes.

MS is exposing them to authorities basically doing their legwork for them in tracking down these criminals.

They have motivation to do it too, it's their systems that are most often affected by these criminals, so they are being uncannily pro-active about it.

It's the rare sight of corporate America giving back to the community. So rare in fact, people seem confused by it.

uhm.. seriously? (0)

Anonymous Coward | about a year ago | (#43781975)

"TJ Campana".. okay, are we on the high school football team as in "Yo! TJ! After we make the final touchdown we need to give this here kid a swirlie!".. or is it as in "TJ Hooker, computer crimes investigator, also starring Adrian 'Non-Sequitur' Zmed and Heather 'The real reason you are watching this' Locklear".

Don't even get me started on DCU vs CTU. Next thing you know you'll have Jack Fucking Bauer [youtube.com] taking care of business.

When are they going to arrest... (4, Insightful)

Viol8 (599362) | about a year ago | (#43782001)

... the Windows development team for allowing such a security swiss cheese of an operating system to escape from the lab and the marketing team for trying to sell to innocent consumers?

Re:When are they going to arrest... (-1, Troll)

recoiledsnake (879048) | about a year ago | (#43782331)

Right after they arrest Android developers for the huge malware problem on Android, and then Apple developers.

"91.3% of smartphone malware/viruses written for Android"
"Apple's iOS, Microsoft's Windows Phone and Blackberry are free of any malicious activity"

http://www.macworld.co.uk/ipad-iphone/news/?newsid=3448046 [macworld.co.uk]

"Newly Discovered Android Malware Was Downloaded Millions Of Times"
http://techcrunch.com/2013/04/20/newly-discovered-android-malware-was-downloaded-millions-of-times/ [techcrunch.com]

Last week, American security researcher Jacob Appelbaum found that malware on an Angolan human-rights activist's Apple laptop was "signed" with a legitimate Apple developer ID, allowing it to slip past Apple's baked-in Gatekeeper security software. A new and unusually sneaky piece of Mac malware, discovered last week, has been linked to a larger online espionage campaign being waged from India.

  The campaign, dubbed "HangOver" after a text string in the malware code, appears to be based in India and focuses on stealing industrial secrets from companies all over the world.

http://www.technewsdaily.com/18120-hangover-malware-india.html [technewsdaily.com]

How come the "Superior UNIX design" that has led to tens of thousands of +5 Insightful Slashdot posts over the years doesn't protect Android and OS X? If the blame goes to the users, why are you trying to blame the Windows dev team?

Re:When are they going to arrest... (4, Informative)

Nerdfest (867930) | about a year ago | (#43782763)

Isn't almost every single instance of Android malware a Trojan? In the case of Windows, for years a large percentage was drive-by exploits of IE, ActiveX, and just about every other part of the system.

Re:When are they going to arrest... (2, Insightful)

lgw (121541) | about a year ago | (#43782905)

Are you still going on about pre-Vista Windows? Let it go man, let it go.

Re:When are they going to arrest... (0)

Anonymous Coward | about a year ago | (#43784699)

Windows Vista/7/8 hasn't been any better really. 90% of computers are infected. It just so happens Microsoft controls around 90% of the market too. It's interesting how the numbers line up so perfectly. Then again Microsoft does release its OS with malware so I guess this shouldn't be too surprising. Even if it didn't though the statistics wouldn't change significantly. The OS is poorly designed.

A lot of GNU/Linux distributions aren't much better sadly. And some are just as bad as MS Windows in at least some ways. Ubuntu for instance bundles malware now. They send your data to Amazon or otherwise collect it via their own servers. Now they may collect and discard it... but the problem still remains.

Re:When are they going to arrest... (0)

Anonymous Coward | about a year ago | (#43782769)

Can't speak to OS X but Android is so brain damaged as to not look much like Unix/Linux at all. Superior UNIX design is just that, superior but it doesn't keep people from doing stupid stuff.

Re:When are they going to arrest... (1)

JDG1980 (2438906) | about a year ago | (#43785577)

Can't speak to OS X but Android is so brain damaged as to not look much like Unix/Linux at all.

Actually, Android's security model is much better than the traditional Unix security model. The traditional Unix model is that the program is the user and has the same permission as if the user were manually doing the operation him/herself. This was designed in the 1970s when all users were coders, and makes no sense today when people download untrusted code from the Internet on a regular basis. Android's security model has fine-grained permissions, so an app has to specify in a manifest exactly what it wants to do, and these restrictions are enforced by the OS.

It's true that other aspects of Android also do "not look much like Unix/Linux at all" but this is to its great credit. The traditional Unix/Linux design (a dozen different layers of crap on top of X11 on top of a console) is brain damaged and utterly unsuitable for end-user computing in the 21st century.

su and then rm -rf / (1)

tepples (727027) | about a year ago | (#43782943)

How come the "Superior UNIX design" that has led to tens of thousands of +5 Insightful Slashdot posts over the years doesn't protect Android and OS X?

UNIX does nothing to stop the owner of a computer system from wiping out all files by doing su and then rm -rf / or similar. There are only two ways to stop a device's owner from doing that: education, or taking administrative privileges away from the device's owner.

Re:When are they going to arrest... (1)

trazom28 (134909) | about a year ago | (#43782897)

They can't.. it's called "Job Security" for the digital crimes unit.

Where is "here"? (0)

Anonymous Coward | about a year ago | (#43782025)

The summary is quite vague, and so is the article (from which it was just copied).

"remarkable success" (4, Insightful)

Anonymous Coward | about a year ago | (#43782083)

You mean how they play whack-a-mole with botnets and claim victory when they accidentally hit one, but stay curiously mum when the very same botnet pops up again only two weeks later?

N'mind that they've been criminally lax in improving their software, creating a very easily planted very fertile ground for an entire flora and fauna of malware to grow and prosper in the first place. They created this "ecosystem" on a much grander scale than this "remarkable success" in taking down little pieces of it, for a short while.

Re:"remarkable success" (0)

recoiledsnake (879048) | about a year ago | (#43782351)

N'mind that they've been criminally lax in improving their software

They have added Secure Boot support in Windows 8 to precisely combat undetectable malware, yet we have people blaming them for it.

Re:"remarkable success" (2)

h4rr4r (612664) | about a year ago | (#43782911)

Because what was wanted was to prevent drive by installs and that sort of thing. Secure boot is a whole other kettle of fish.

It is about letting MS and the MPAA own your machine, security is only a side effect.

Re:"remarkable success" (1)

CastrTroy (595695) | about a year ago | (#43782975)

Exactly. They walk a very fine line between people complaining that they're locked out of their own computer, and allowing viruses to just run rampant on the system. They could probably make a very secure system, but people would complain too much because all their applications would have to come vetted from MS and it would be like running iOS on your desktop.

Re:"remarkable success" (0)

Anonymous Coward | about a year ago | (#43785267)

You and gramps didn't hear the jet-powered whoosh while typing that?

Secure boot is entirely the wrong thing at least twenty years late. The horse has bolted and they're not even trying to shut the barn. Instead they institute mandatory badge access systems (which they control, not the owner of the barn) for the humans. Syeah, that'll help.

Re:"remarkable success" (1)

10101001 10101001 (732688) | about a year ago | (#43790587)

They could probably make a very secure system, but people would complain too much because all their applications would have to come vetted from MS and it would be like running iOS on your desktop.

Um...yeah...perhaps you've never heard of "iOS jailbreaking"? Seriously, even with MS vetted drivers (a mandatory part of 64-bit Windows), almost entirely non-Admin user programs (because of how Windows is designed, there are a handful of MS programs that run at higher privilege to provide the Win32/64 environment), things like stack smashing protection, data execution prevention, randomized application offsets, and even sandboxing (admittedly, only rarely done), Pwn2Own still clearly shows that IE and Windows 8 are vulnerable. Slapping on Secure Boot wouldn't do a damn thing. And the idea that MS can successfully vet software just falls flat on its face when it fails to adequately protect its own software--unless you think that's some sort of conspiracy.

No, in all seriousness, writing secure software is incredibly hard. My personal problem with MS has more to do with their marketing of Windows as "secure" and "robust" for ages--it was a big selling point as far back as NT 4.0 (probably sooner). And in retrospect, we can see that that was either ignorant/arrogant optimism or just marketer bullshit. I'd contribute it to both, and I don't see the situation changing with MS or any other non-conservative organization. Really, OpenBSD is about the closest you'll ever get to a secure/robust system, but even there that really translates into a box with very limited software options--anything more and you've stepped out of vetted secure/robust.

PS - And yea, I'd say just about every *nix is guilty of overclaiming robustness and security. The big difference is the degree and just how much it's the organization itself and its many members/fans. I really don't see the same sort of out-of-the-horse's-mouth BS that you see in MS PR (or just about any company PR, really). But, to know that's the nature of the beast sort of proves the point on why your claims seem absurd.

Windows RT (1)

tepples (727027) | about a year ago | (#43782997)

As I understand it, people blame Microsoft for adding Secure Boot support to Windows 8 because of what Microsoft did to the companion product Windows RT at the same time. Microsoft forbids manufacturers of devices that ship with Windows RT from allowing the user to disable or otherwise reconfigure Secure Boot. Devices with an x86 CPU MUST allow user configuration of Secure Boot, but devices with an ARM CPU MUST NOT.

Re:Windows RT (2)

recoiledsnake (879048) | about a year ago | (#43783399)

Yet Apple gets a free pass on iPads, same with firms such as Motorola. How much is WindowsRT selling and how much of a threat is it to freedom compared to the iPad?

Re:Windows RT (1)

tepples (727027) | about a year ago | (#43783563)

Yet Apple gets a free pass on iPads

Since when?

Re:"remarkable success" (0)

Anonymous Coward | about a year ago | (#43787453)

they have implemented secure boot to prevent people from installing operating systems other than microsoft.

But that is what microsoft's version of "virus", is now, and always has been, "anyone who competes or threatens microsoft"

not "anyone who threatens the user"

Windows IS unwanted software and any code that prevents me from using something else is malware.

So if this was so important (0)

Anonymous Coward | about a year ago | (#43782337)

Why isn't this a branch of the FBI?

Re:So if this was so important (1)

bws111 (1216812) | about a year ago | (#43782539)

You mean like this [fbi.gov] ?

Ever heard of a private eye? (1)

tepples (727027) | about a year ago | (#43783019)

Microsoft's Digital Crimes Unit exists alongside the FBI's cyber-crime efforts for the reason that any other private investigation firm exists alongside a police force.

I was going to say (3, Funny)

IWantMoreSpamPlease (571972) | about a year ago | (#43782659)

that the great digital crime of recent note was Windows 8, but I've been beaten to the punch, several times already.

Shills (0)

Anonymous Coward | about a year ago | (#43782813)

Looks like the anti-MS shills are spamming Slashdot's comment section again.

Re:Shills (1)

bornagainpenguin (1209106) | about a year ago | (#43789171)

Looks like the anti-MS shills are spamming Slashdot's comment section again.

Who needs shills when your competition has been diligently chumming the water in which they live for a decade or two? Microsoft has earned its hatred in this industry, one pissed off user at a time. To pretend this entirely predictable reaction is the work of shills only betrays your own allegiance and paid for status...

Most fitting (0)

Anonymous Coward | about a year ago | (#43783227)

MS knows it all about crimes.

Law and Order: Digital Crimes Unit (0)

Anonymous Coward | about a year ago | (#43783325)

Can't wait. If nothing else it has to be better than the CI.

It's a crime to stop supporting XP (0)

Anonymous Coward | about a year ago | (#43784537)

It's a crime to stop supporting XP next year and then we will be forced to buy those gawd awful Windows 8 machines. XP should go on to open source after Microsoft stops supporting it.

So it's not a conspiracy! (0)

Anonymous Coward | about a year ago | (#43788075)

Microsoft now has an official department to commit digital crime!

Inside microsofts digital framing unit (0)

Anonymous Coward | about a year ago | (#43789925)

Microsoft has traditionally been a company that ignores everyone's truth and substitutes their own. They have the credibility of a politician at a baby kissing contest.

Hmmm (1)

Lost Penguin (636359) | about a year ago | (#43789953)

What crimes does this branch of Microsoft commit that the other branches do not?