
Tired of Playing Cyber Cop, Microsoft Looks For Partners In Crime Fighting

Soulskill posted about a month and a half ago | from the every-batman-needs-a-robin dept.

Microsoft 113

chicksdaddy writes: When it comes to fighting cybercrime, few companies can claim to have done as much as Redmond, Washington-based Microsoft, which spent the last five years as the Internet's Dirty Harry: using its size, legal muscle and wealth to single-handedly take down cyber criminal networks from Citadel, to Zeus to the recent seizure of servers belonging to the (shady) managed DNS provider NO-IP. The company's aggressive posture towards cyber crime outfits and the companies that enable them has earned it praise, but also criticism. That was the case last week after legitimate customers of NO-IP alleged that Microsoft's unilateral action had disrupted their business. There's evidence that those criticisms are hitting home – and that Microsoft may be growing weary of its role as judge, jury and executioner of online scams. Microsoft Senior Program Manager Holly Stewart gave a sober assessment of the software industry's fight against cyber criminal groups and other malicious actors. Speaking to a gathering of cyber security experts and investigators at the 26th annual FIRST Conference in Boston, she said that the company has doubts about the long term effectiveness of its botnet and malware takedowns.

113 comments

need to crack down on the russian government and o (0)

Joe_Dragon (2206452) | about a month and a half ago | (#47410501)

need to crack down on the Russian government and others who just about look the other way.

Re:need to crack down on the russian government an (2, Insightful)

Anonymous Coward | about a month and a half ago | (#47412295)

What about the NSA? How much of this "cyber crime" is related to government monitoring? I like how the focus shifts to Russia and China at a time when the US is being criticized/ignored for leading an international spying ring! How much malware has hit the internet led by governments working together, until it's caught in the wild, then they all blame each other or some group as the cause?

That's the real problem anymore, no one knows who is responsible for half the shit going on. Even better, you can set up fake groups in enemy countries to redirect any attention away from your objective. And MS seems to be behind a lot of bullshit lately after being targeted for allowing possible backdoors in its software.

Re:need to crack down on the russian government an (0)

Anonymous Coward | about a month and a half ago | (#47413159)

They cannot, they're too busy dealing with worthless information like mine.

My day
Ars Technica
TorrentFreak
Slashdot
check email
Path of Exile
OSU "rhythm game"
Netflix

I'm deadly, right?

Re:need to crack down on the russian government an (1)

Anonymous Coward | about a month and a half ago | (#47412509)

need to crack down on the Russian government

The Russian government? How about assigning responsibility where it belongs?

TFA is pure revisionist propaganda on the scale of editing Trotsky out of pictures with Stalin. In reality, TFA should start:

When it comes to enabling cybercrime, few companies can claim to have done as much as Redmond, Washington-based Microsoft,

Plenty of us remember how fragile and colander-like most Microsoft OSs have been until VERY recently.

Enabling software (0)

Anonymous Coward | about a month and a half ago | (#47412745)

Nobody has done as much to enable cybercrime as Microsoft...

Re: Enabling software (1)

Anonymous Coward | about a month and a half ago | (#47413257)

Apparently it's forbidden here to say anything bad about MS, but still. It is because of monopoly that we have these problems. In a healthy market it would be difficult to take control of many machines when there would be many platforms.
Now media only mentions when MS uses its monopoly to take down those bots it has enabled.

It's Microsoft's fault (1, Troll)

Animats (122034) | about a month and a half ago | (#47410519)

If Microsoft hadn't built such insecure operating systems, the problem wouldn't be so big. This is the company that brought you Active-X, autorun, and the ability to invoke programs from spreadsheets and documents.

Re:It's Microsoft's fault (1, Interesting)

Anonymous Coward | about a month and a half ago | (#47410659)

If the operating system is secure, criminals exploit the users instead. And if Microsoft had built a secure operating system in 2001 instead of spending the decade of the 2000s patching their vulnerabilities, there would have been fewer viruses and worms and more phishing and social engineering, exactly like the situation is now. Go back to the 1990s and take your irrational hatred of Microsoft with you, troll.

Re:It's Microsoft's fault (5, Interesting)

ShanghaiBill (739463) | about a month and a half ago | (#47410719)

If the operating system is secure, criminals exploit the users instead.

Nonsense. There is not a fixed quota of crime in the world. Criminals exploit profitable opportunities, and more opportunities mean more crime, while fewer opportunities mean less crime. A secure operating system does not "push" people into phishing. Writing a virus and social engineering don't even use the same skill sets.

Re:It's Microsoft's fault (0)

Anonymous Coward | about a month and a half ago | (#47414389)

If the OS is more secure, those who look for an easy "take" via crime will move on to other opportunities.

Re: It's Microsoft's fault (0)

Anonymous Coward | about a month and a half ago | (#47412463)

If you want to use Windows, that is your choice. I won't.

But I do question the integrity of a company with revenue of billions of dollars that can't figure out how to secure their shitty OS. Seriously. It starts with them picking shitty technologies, doing a shitty job implementing them, and being more concerned with marketing and profits than anything else.

Billions of dollars - be honest, MS, you really aren't even trying.

Re:It's Microsoft's fault (0)

Anonymous Coward | about a month and a half ago | (#47412527)

Fuckwit.

Re:It's Microsoft's fault (1)

Bert64 (520050) | about a month and a half ago | (#47413169)

If there was more diversity among the systems being used, then even social engineering attacks would be harder... What's the point trying to trick someone into running a program, if the system they're using isn't capable of running it?

Re:It's Microsoft's fault (1, Insightful)

Anonymous Coward | about a month and a half ago | (#47410665)

This is the company that brought you Active-X, autorun, and the ability to invoke programs from spreadsheets and documents.

This can't be emphasised enough. Before Outlook, there was a scam/joke which claimed that there were emails spreading viruses. Nobody could be stupid enough to execute the contents of an email. Microsoft realised that, at the cost of the security of their users, they could make something easier. They looked at a choice that everybody else had knowingly and clearly made the other way for the good of their own users and were the only company unethical enough to make the choice in the other direction.

The same thing continues today with their security notifications. Why not just stop dangerous actions? Allow the users to trigger them explicitly? Why throw up a dialog "you are about to install a virus; proceed yes/no"? Because, somewhere there is a user who will find it easier and the security of the thousands who will suffer later is less important than market share today.

Re:It's Microsoft's fault (1)

rtb61 (674572) | about a month and a half ago | (#47412479)

The problem is policing agencies have been left way behind and are still just barely catching up. This creates a problem: private corporations have the computer skill but lack the legal propriety to conduct the policing role and shouldn't really be trusted with it, as competitive pressure will not allow the impartial application of the policing role. Police agencies are woefully lacking in the skills, going so far as to actively avoid hiring the people that would be most useful in that role. It's likely that a specialist investigation only agency is required, pretty much an extension of communications authority agency.

Strictly investigation only, they would reach out to other agencies to conduct the arrest and of course those other agencies could reach out to the communications authority to conduct technical investigations. As a civilian agency the communications authority could hire the people most applicable to the job, most skilled at conducting technical investigation, most likely to find new investigative targets and of course most likely to establish communication link with the most affected companies in order to trigger new investigations.

People could nickname them the Pooh Bears because of their love of honey pots.

Re:It's Microsoft's fault (-1)

Anonymous Coward | about a month and a half ago | (#47410727)

This is the same company that was getting shit on because people would install malware on their systems after playing "Punch the monkey" advertising games.

If it wasn't Microsoft getting shit on, it would be the next dominant player in the industry. (Remember when people would shit on Norton Antivirus? Nowadays, people simply look at you strangely for using Norton in the first place.)

Re:It's Microsoft's fault (0)

Anonymous Coward | about a month and a half ago | (#47410759)

No, no, you can't defend Microsoft, that's just not normal. You must be insane.

Re:It's Microsoft's fault (-1)

GoodNewsJimDotCom (2244874) | about a month and a half ago | (#47410751)

Microsoft should have looked at the emergence of the web in 1998 and went, "Okay, we need to actually try to be secure." They could have made it so you had to boot to a special mode to install drivers or have a program boot on start up. In addition, programs should not be able to share data out of their own directory unless they went to a special shared data section of the hard drive, or in memory. This isn't all that would need to be done, but it would go a long way to making the OS virus resistant. The coolest thing would be the ability to download .exe from the Internet and run without worrying of a virus hosing your computer. The way Windows is today, it still isn't Internet ready.

Re:It's Microsoft's fault (0)

Anonymous Coward | about a month and a half ago | (#47410831)

a special mode to install drivers or have a program boot on start up.

Try UAC [wikipedia.org] sometime, it works great.

The way Windows is today, it still isn't Internet ready.

You know how I know you haven't used Windows since 2007?

Re:It's Microsoft's fault (0)

Anonymous Coward | about a month and a half ago | (#47410963)

I'm sure that sounded like a compelling response in your head. You're still doing what got ACs 0'd out long ago, to this day. Trollin.

Re: It's Microsoft's fault (1)

hackwrench (573697) | about a month and a half ago | (#47411095)

There are still flaws in Windows that allow programs to trick the OS into loading code that Microsoft has made difficult for the end-user to detect be it driver or service. What's with all the services hiding under svchost.exe anyways?

Re: It's Microsoft's fault (0)

Anonymous Coward | about a month and a half ago | (#47411281)

What's with all the services hiding under svchost.exe anyways?

They're not hiding.

tasklist /svc

Sorry to dispel your ignorance.

If I didn't know better, I might ask what's with all those daemons hiding behind xinetd? But I do know better.

Re: It's Microsoft's fault (0)

Curunir_wolf (588405) | about a month and a half ago | (#47412351)

What's with all the services hiding under svchost.exe anyways?

They're not hiding.

tasklist /svc

Sorry to dispel your ignorance.

If I didn't know better, I might ask what's with all those daemons hiding behind xinetd? But I do know better.

Hmm...

C:\Windows\system32>tasklist /svc | grep svchost

'grep' is not recognized as an internal or external command, operable program or batch file.

DAMMIT!!

Re: It's Microsoft's fault (0)

Anonymous Coward | about a month and a half ago | (#47413841)

Try:

C:\Windows\system32>tasklist /svc | find "svchost"
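
The exchange above is about seeing which services share an svchost.exe process. As an added example that is not part of any comment in the thread, this PowerShell script lists each running svchost-hosted service with the DLL it loads and that DLL's Authenticode status; the function name Get-ServiceDllPath is hypothetical, and the script assumes the standard ServiceDll registry value under HKLM\SYSTEM\CurrentControlSet\Services.

```powershell
# Added example (not from the thread): show what each svchost.exe process hosts,
# which DLL implements each hosted service, and whether that DLL is signed.
# Run from an elevated 64-bit PowerShell prompt on the host being reviewed.

function Get-ServiceDllPath {
    # Hypothetical helper: returns the DLL a svchost-hosted service loads.
    param([Parameter(Mandatory)][string]$ServiceName)
    $base = "HKLM:\SYSTEM\CurrentControlSet\Services\$ServiceName"
    # ServiceDll normally sits under the Parameters subkey; a few services
    # keep it on the service key itself, so check both.
    foreach ($key in @("$base\Parameters", $base)) {
        $prop = Get-ItemProperty -Path $key -Name ServiceDll -ErrorAction SilentlyContinue
        if ($prop -and $prop.ServiceDll) { return $prop.ServiceDll }
    }
    return $null
}

# Running services whose image path is svchost.exe (the same set tasklist /svc shows).
$hosted = Get-CimInstance -ClassName Win32_Service |
    Where-Object { $_.State -eq 'Running' -and $_.PathName -match '\\svchost\.exe' }

$report = foreach ($svc in $hosted) {
    $dll = Get-ServiceDllPath -ServiceName $svc.Name
    if (-not $dll) {
        $status = 'NoServiceDll'
    } elseif (-not (Test-Path -LiteralPath $dll)) {
        $status = 'FileMissing'
    } else {
        # Catalog-signed system files can report NotSigned on some PowerShell
        # versions, so treat a non-Valid status as a lead to check, not a verdict.
        $status = [string](Get-AuthenticodeSignature -FilePath $dll).Status
    }
    [pscustomobject]@{
        ProcessId   = $svc.ProcessId
        Service     = $svc.Name
        DisplayName = $svc.DisplayName
        Dll         = $dll
        Signature   = $status
    }
}

# Full listing, grouped by the svchost.exe process that hosts each service.
$report | Sort-Object ProcessId, Service | Format-Table -AutoSize

# Entries worth a closer look: DLL outside the Windows directory, or not validly signed.
$report |
    Where-Object { $_.Dll -and ($_.Signature -ne 'Valid' -or $_.Dll -notlike "$env:SystemRoot\*") } |
    Format-Table -AutoSize
```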

Re:It's Microsoft's fault (0)

Anonymous Coward | about a month and a half ago | (#47411013)

I stopped using any MS OS when I found my personal email address, POP, and SMTP servers info in an ini file (plain text) of a very popular application's program folder. I brought it up in the forum and they deleted my post, and banned me from further posting. Basically any program you install can get this info without your knowledge. I never would have found this if I hadn't been debugging a problem with it. And no, it wasn't a virus or malicious software.

Re:It's Microsoft's fault (0)

Anonymous Coward | about a month and a half ago | (#47411423)

That was a very long time ago. Windows has come a LONG way since then.

Re:It's Microsoft's fault (0)

Anonymous Coward | about a month and a half ago | (#47412009)

Decades before there was autorun there was Mac OS's Desktop files and CODE resources. When inserting removable media (floppy disks, CD-ROMs, external hard disks) the Finder would locate the Desktop file on the media and automatically execute any CODE resources from its resource fork. Now how do you suppose viruses got spread back then?

Re:It's Microsoft's fault (0)

Anonymous Coward | about a month and a half ago | (#47412537)

As you said, decades ago OS9 was stinking and a pile of shit, and back then OS9 had thousands and thousands of viruses, which quite contradicts the reasoning OSX is not affected by viruses because the market is so small, yeah. The problem is we are not in the 90s anymore and Windows is STILL a stinking turd.

Re:It's Microsoft's fault (1)

davester666 (731373) | about a month and a half ago | (#47413181)

Perhaps we could all get together and form some kind of group, call it something like Software Protection For Kittens and Children, and then this group could be responsible for doing stupid things like taking domain names from companies and then botching handling it before handing it back.

This way, the blame for stupidity won't be squarely placed on one specifically stupid company; instead, it will be spread on the entire software industry. Of course, it'll still be the one company doing the stupidity.

It's your mess, clean it up (0)

Anonymous Coward | about a month and a half ago | (#47410525)

Few companies can claim to have caused as much cybercrime as Redmond.

Re:It's your mess, clean it up (0, Informative)

Anonymous Coward | about a month and a half ago | (#47410793)

Few companies can claim to have caused as much cybercrime as Redmond.

Except that Redmond is a city, not a company. It is annoying enough when unimaginative journalists use "London" to mean the British government, and "Moscow" to mean the Russian government. But it is just idiotic to extend this stupid meme to companies. There are hundreds of companies in Redmond, and while Microsoft is the most prominent, there is no rationale for using the city's name to reference it. It is especially annoying when some moron uses something like "Cupertino" or "Santa Clara" which are each home to many large tech firms.

Re:It's your mess, clean it up (1)

Anonymous Coward | about a month and a half ago | (#47410881)

Metonymy as a rhetorical device has been used since ancient times. Get used to it.

Partners in crime fighting (2)

rossdee (243626) | about a month and a half ago | (#47410565)

dinner, dinner, dinner, dinner, dinner, dinner, dinner, dinner,
Batman

cautiously pessimistic (0)

Anonymous Coward | about a month and a half ago | (#47410575)

The new guys will make Microsoft look like the good cop. The no-ip service degradation was a minor inconvenience compared to what is yet to come. Lower your firewalls and surrender your sites.

re:cautiously pessimistic (1)

ed.han (444783) | about a month and a half ago | (#47410591)

i for one welcome our botnet overlord masters?

ed

Re:cautiously pessimistic (1)

lister king of smeg (2481612) | about a month and a half ago | (#47411679)

Sounds to me like we need to develop more user friendly distributed anonymous internet tools. While the tools we have work when used, they are not user friendly and often have horrible documentation. We need a suite of tools to fix the internet to stop corporate/government control over the web. Include Tor, Freenet, I2P, Namecoin & Bitcoin, RetroShare and PGP. Encrypt everything end to end and make domain hijacking impossible.

Summary should say ... (2, Insightful)

fnj (64210) | about a month and a half ago | (#47410639)

Few companies can claim to have done as much fighting - or feeding - cybercrime.

There, fixed that for you.

no-ip is shady? (1)

Anonymous Coward | about a month and a half ago | (#47410713)

recent seizure of servers belonging to the (shady) managed DNS provider NO-IP

That's blatantly libelous journalism right there.

Re:no-ip is shady? (0)

raydobbs (99133) | about a month and a half ago | (#47410893)

Slashdot.... journalists? Hehe... re... Hahahaha....really? Did you *laughs uncontrollably* really call Slashdot.... journalists?

Hold on, I might just pass out from laughing so hard, rolling on the floor...

Re:no-ip is shady? (1)

Anonymous Coward | about a month and a half ago | (#47410933)

TFA calls NO-IP shady. ITworld aren't journalists either, apparently.

Re:no-ip is shady? (0)

Anonymous Coward | about a month and a half ago | (#47411009)

The first rule of Slashdot is to never read the TFA. The second rule of Slashdot is to never read the TFA.

With this in mind, GP makes perfect sense, doesn't it?

Re:no-ip is shady? (1)

Curunir_wolf (588405) | about a month and a half ago | (#47412475)

TFA calls NO-IP shady. ITworld aren't journalists either, apparently.

The whole summary reads like propaganda.

"fighting cybercrime ... the Internet's Dirty Harry ... single-handedly take down cyber criminal networks ... the (shady) NO-IP ... "

And, of course, along with being the big, bad, good-guy cop, some "alleged" that their business was disrupted. Poor old Microsoft is "weary" of its role.

Re:no-ip is shady? (2)

Enfixed (2423494) | about a month and a half ago | (#47413107)

In all the years I've used NO-IP for personal and business DNS management, NOT ONCE have they done anything I'd even remotely consider shady. Their service was rock solid until Micro$oft came in with a hostile takeover, hell they didn't even bother to so much as talk with NO-IP beforehand.

Microsoft have been abusing their position (-1)

melting_clock (659274) | about a month and a half ago | (#47410737)

Microsoft are not crime fighters, they are bullies and thugs. In a civilised country we have law enforcement working to take down criminals, not a company pushing its commercial interests above the rights of innocents that have their services disrupted.

There does need to be better international coordination between law enforcement agencies to track and capture the criminals involved in hacking (the common, media misused, meaning), DDoS attacks, phishing, SPAM, etc. In recent years, there have been significant improvements in this area but there is a long way to go before it is good enough. There should also be a mechanism for dealing with hosting companies that facilitate criminal activities, that allows them to be punished if they are warned of the illegal activity and fail to act.

Re:Microsoft have been abusing their position (0)

symbolset (646467) | about a month and a half ago | (#47412313)

They are always attacking the problem from the wrong end. They must. Once upon a time they did the right thing and tried to migrate to trusted repositories, but then they lost their nerve at the last moment and saved legacy app compatibility. Not that we trust them to fairly run the trusted repository either. They have not solved the problem because to them it is an intractable problem. The only effective solutions lead to Microsoft's demise.

Solutions (1)

Anonymous Coward | about a month and a half ago | (#47410743)

1. Make email white-list based (with a choice to opt out). That will kill spam.
2. Allow people to "lock" their machines so they will only download from curated sites. That will severely hurt malware sites.
3. Allow web browsers to 'block' sites/IPs on a per-country basis, e.g. all of Ukraine, Russia, China, Brazil, etc. That will kill the redirect bots.
4. Allow countries to place Tariffs on imported goods from countries that do not take positive action against cybercrime, nothing inspires politicians like a loss of money into the economy. Make it part of the UN, so if "proven" the UN can sanction ALL countries to add tariffs, no country can "Veto" this sanction.
5. Allow the courts to seek fines and restitution for losses from ISPs/individuals if they are notified of malware/bots and they do nothing about them, and that international cases get paid out by the offenders government (who then seeks to get the money back from the perpetrators).
6. Make 2 factor authentication the minimum standard for online activities.

Police (1)

Anonymous Coward | about a month and a half ago | (#47410747)

So in America, Microsoft polices the internet. Who polices in real life? McDonalds? Disney?

Re:Police (1)

Anonymous Coward | about a month and a half ago | (#47411303)

Dunkin Donuts.

Re:Police (0)

Anonymous Coward | about a month and a half ago | (#47411343)

You do, if you want it done right. Otherwise it's your president and everyone under him.

No-ip isn't shady (5, Insightful)

sobachatina (635055) | about a month and a half ago | (#47410755)

I've used No-ip for non-mission-critical dynamic IP services and for domain registration for over 10 years. There's nothing "shady" about them.

They offer a free service that is sometimes exploited by criminals and are very responsive to reports of abuse.

Microsoft not only didn't report these criminals to no-ip- they actually sealed the court order so they could seize the domains before no-ip found out about it.

It boggles my mind that a vigilante corporation can get a court order to simply seize another company's assets.

Re:No-ip isn't shady (0)

Anonymous Coward | about a month and a half ago | (#47411037)

"It boggles my mind that a vigilante corporation can get a court order to simply seize another company's assets." If abused, that power can go both ways.

Re:No-ip isn't shady (-1, Troll)

ljw1004 (764174) | about a month and a half ago | (#47411041)

I think No-ip sound very shady...

April 2013: the OpenDNS blog reported that no-ip was the second most popular dynamic-DNS site for malicious software. http://labs.opendns.com/2013/0... [opendns.com] -- No-IP responded that they have a very strict abuse "policy", and they want other people to help by reporting violations of the TOS to them. They also scan daily and filter by keyword. http://labs.opendns.com/2013/0... [opendns.com]

February 2014, the Cisco blog reported that no-ip had risen to be the worst offender: http://blogs.cisco.com/securit... [cisco.com] -- No-ip again responded that they have a strict abuse policy, and they want other people to report violations of the TOS to them, and they scan daily and filter by keyword. http://www.noip.com/blog/2014/... [noip.com]

Were no-ip doing a good enough job at policing themselves? It doesn't sound like it to me, not at all. It sounds like they have a decent "policy" but don't go out of their way to enforce it, their daily manual scans aren't up to what's needed, their keyword filters are easily bypassed. They can sound hurt all they want that OpenDNS and Cisco and Microsoft wrote public blogs or took action rather than reporting the individual offenders to No-IP first. But the fact that No-IP does so badly, and got worse, shows they weren't taking adequate action themselves.

You say they're "very responsive" to reports of abuse. But honestly, if their strategy for combating abuse rests SO HEAVILY upon volunteers to report abuse, and their strategy hasn't been working so far, then they have a bad business model.

Disclaimer: I work at Microsoft, but in an entirely unrelated division (I'm on the VB/C# compiler team).

Re:No-ip isn't shady (2, Insightful)

Anonymous Coward | about a month and a half ago | (#47411219)

So in both things you link they state they rely on people informing them. So instead of informing them microsoft got a court order, without even talking to no-ip. And no-ip is supposed to look bad, how? It's obvious you are a shill for microsoft, you didn't have to actually admit it in the post.

Re:No-ip isn't shady (4, Insightful)

ThatsMyNick (2004126) | about a month and a half ago | (#47411231)

Hotmail has been known to send a lot of spam. I hope someone takes control of the Hotmail domain, since Microsoft is unable to police it. (Note that it has recently been brought down, but someone should have taken control of their domain when it was a serious problem.)

The point is a free service being abused is expected. It is not as if noip encouraged abuse and were paid by abusers.

Re:No-ip isn't shady (-1)

Anonymous Coward | about a month and a half ago | (#47411997)

There's a significant gulf between sending spam and running a botnet. Although there are some phishing attacks, the vast majority of spam is related product (or fake product) advertising.

I don't remember the last time a piece of spam initiated a DDOS attack.

Re:No-ip isn't shady (1)

ljw1004 (764174) | about a month and a half ago | (#47413267)

The point is a free service being abused is expected. It is not as if noip encouraged abuse and were paid by abusers.

Expected: That the owners of no-ip should continue to make their own profits from advertising revenue, and a bunch of legitimate users should continue to get free dyndns service, and the benefit to these two groups comes at the expense of a wider pool of internet users who suffer from malware (and at the expense of unpaid volunteers to police no-ip since they're not spending enough resources to do it effectively themselves).

Does that sound like a fair trade to you? Not to me. Count me out.

In other news (4, Insightful)

whoever57 (658626) | about a month and a half ago | (#47411409)

April 2013: the OpenDNS blog reported that no-ip was the second most popular dynamic-DNS site for malicious software.

In other news, Google is the most popular site for finding <your choice of illegal material here>.

See what I did there? And how the reports of NO-IP's use for malicious software are meaningless?

Re:No-ip isn't shady (1, Troll)

symbolset (646467) | about a month and a half ago | (#47412323)

You might as well call DNS itself shady. 98% of malware networks use it to hide their tracks and keep their networks up.

Re:No-ip isn't shady (1)

MikeBabcock (65886) | about a month and a half ago | (#47412333)

What percentage of their total hosted IPs are illegal or malware?

Sounds to me like the old "Windows has more viruses because it's more popular" argument, used against NO-IP.

Re:No-ip isn't shady (1)

Curunir_wolf (588405) | about a month and a half ago | (#47412517)

They can sound hurt all they want that OpenDNS and Cisco and Microsoft wrote public blogs or took action rather than reporting the individual offenders to No-IP first.

Really? What about all their legitimate customers? Just "collateral damage", all worth the cost? Most of their customers use their free services, they only have a staff of *12* people. Of COURSE they want help getting reports of abuse. And they *DO* respond to those quickly and appropriately.

What Microsoft did was unconscionable. It's like some vigilantes wanted to put an end to shootings in South Side Chicago, but instead of reporting all the shooters to police, they just decided to set off a nuke in the area and wipe out everybody. Problem solved, right?

Re:No-ip isn't shady (0)

Anonymous Coward | about a month and a half ago | (#47413165)

Pah. Two blogs (which they replied to), pointing out high levels of abuse because they're the most well-used.

If you were running such a service, what else could you usefully do? I can't think of anything else that wouldn't provide Microsoft with unilateral takedown powers - that you'll get blamed for giving them when MS fuck it up.

Godaddy is the most frequently-used international registrar in domains registered for spam and general crime - and that was while they have an abuse department known to be perhaps a bit trigger-happy and cease or hand over domains on the first sniff of anything. Realistically, it's probably just because it's the market leader (~30% versus Namecheap's ~8%, and so on down, and this is AFTER the SOPA incident), and scaling by that gives you a pretty flat and unremarkable graph.

No-IP's abuse department are 3 days faster on average than Microsoft's Azure platform in responding to abuse@.

Re:No-ip isn't shady (1)

phorm (591458) | about a month and a half ago | (#47415351)

no-ip was the second most popular dynamic-DNS site for malicious software

How popular are they overall as a DDNS provider, and how many legit VS malicious customers do they have? It may sound big if they've got 1,000,000 malicious DDNS sites, but not so much if it turns out that's less than half a percent portion of 10,000,000,000 overall sites and the rest are legit.

Re:No-ip isn't shady (1)

whoever57 (658626) | about a month and a half ago | (#47411451)

Microsoft not only didn't report these criminals to no-ip- they actually sealed the court order so they could seize the domains before no-ip found out about it.

Microsoft compounded the problem by having a DNS infrastructure that completely failed to resolve the subdomains that were not implicated in any botnet use.

Perhaps the core problem was rate limiting by No-IP, but Microsoft should have anticipated this.

Re:No-ip isn't shady (1)

transporter_ii (986545) | about a month and a half ago | (#47411923)

It boggles my mind that a vigilante corporation can get a court order to simply seize another company's assets.

Yeah, it will go down a little smoother when it is Microsoft, Sun, Google, and Facebook working together. I mean, it's easy to bash MS, but when it is team of industry titans, everything will run much, much smoother. Yeah.

Re:No-ip isn't shady (0)

Anonymous Coward | about a month and a half ago | (#47412005)

Microsoft's position on the internet - is a bit like the USA's position in the world.

It's unquestionably one of the big players, with a huge population of connected users who trust it to safeguard their interests so far as it can. It would probably prefer to take action in concert with others, but it can do it alone if need be. And every time, whether it does or doesn't do anything, it will be criticized by the usual suspects for the usual alleged crimes.

It's a thankless position to be in, as the USA has been finding out since the end of the cold war. When you get it wrong, you get pilloried; and when you get it right, you still get pilloried, just by different people for different reasons. The best they can hope to do, IMO, is to satisfy as many as possible of their own customers - if they're doing that, then they're doing the right thing, no matter who else is yelling at them.

Re:No-ip isn't shady (1)

Anonymous Coward | about a month and a half ago | (#47412103)

I've used No-ip for non-mission-critical dynamic IP services and for domain registration for over 10 years. There's nothing "shady" about them.

They offer a free service that is sometimes exploited by criminals and are very responsive to reports of abuse.

Microsoft not only didn't report these criminals to no-ip- they actually sealed the court order so they could seize the domains before no-ip found out about it.

It boggles my mind that a vigilante corporation can get a court order to simply seize another company's assets.

Apparently 6,000 to 8,000 sub-domains were being created each month on domains controlled by no-ip, just to support botnets.

no-ip insisted that the only way to report these sub-domains was through a manual reporting system on their website. This meant that the botnets could operate with impunity. Contrary to your statement, a number of organizations such as Microsoft, Cisco and the EFF had contacted no-ip and suggested methods to automate the process. no-ip did publicly acknowledge the issue but they did nothing to inhibit the botnet command and control functions that used these sub-domains.

Neither you nor I know whether this lack of action was because no-ip was working with the botnet operators or was just not caring about the health of the internet. However, there is certainly room for suspicion, and I don't think you can declare with certainty that there was nothing shady going on. We don't know why no-ip let the botnet operators operate freely within some of their domains. As far as I'm aware, no other DDNS supplier has had similar problems.

"fighting" crime? (0)

ChipMonk (711367) | about a month and a half ago | (#47410785)

As a "fighter" of crime, Microsoft would be in the featherweight category.

Using Microsoft's tools to fight cybercrime is bringing a knife to a gunfight.

Re:"fighting" crime? (2)

JabrTheHut (640719) | about a month and a half ago | (#47410859)

You give them too much credit - it's more like bringing an egg whisk to a gunfight.

Re:"fighting" crime? (1)

raydobbs (99133) | about a month and a half ago | (#47410909)

...only if you consider that stubby, broken off plastic thing they are waving around a 'knife'

Re:"fighting" crime? (0)

Anonymous Coward | about a month and a half ago | (#47412035)

As a "fighter" of crime, Microsoft would be in the featherweight category.

Oh? Okay then genius, if they're such a bad example, please tell us then, who, exactly was doing a better job of taking out malware c&c servers and the people behind them over the past 5 or so years?

-AC

Re:"fighting" crime? (0)

Anonymous Coward | about a month and a half ago | (#47412627)

Who, exactly was doing a better job of taking out malware c&c servers

Microsoft's shitty software enabled the malware in the first place.

Wiping up your own vomit doesn't make you a crime fighter.

Not spewing filth all over the place is a better way of "fighting crime" than chucking everywhere and cleaning up a few splashes afterwards!

MS knows about crime (1)

Anonymous Coward | about a month and a half ago | (#47410845)

After all, it's been found to be a criminal organization more than once in a court of law.

So they're gonna crack down (2, Interesting)

future assassin (639396) | about a month and a half ago | (#47410899)

all the holes in Windows and commercial software that allow so many criminals to profit from the security holes?

Re:So they're gonna crack down (1)

Krishnoid (984597) | about a month and a half ago | (#47410925)

Microsoft may be growing weary of its role as judge, jury and executioner of online scams.

I personally thought it meant they were getting tired of pushing Windows 8 as an upgrade path.

Re:So they're gonna crack down (0)

Anonymous Coward | about a month and a half ago | (#47410945)

commercial software

Commercial software like OpenSSL?

Re:So they're gonna crack down (0)

Anonymous Coward | about a month and a half ago | (#47410995)

Why not cite the countless examples of proprietary software being exploited? You people like to use a single (or even a few examples) of open source software being exploited and use it to condemn open source as a whole, or try to persuade others to see it as less important; that's nonsense.

Re:So they're gonna crack down (1)

future assassin (639396) | about a month and a half ago | (#47411101)

If the software becomes a big part of making machines function then yes, even OSS should be liable.

Re:So they're gonna crack down (1, Informative)

symbolset (646467) | about a month and a half ago | (#47412335)

They promised. [schneier.com]

Re:So they're gonna crack down (1)

currently_awake (1248758) | about a month and a half ago | (#47421249)

From a business point of view it's cheaper to chase down bot nets than to secure windows. Clearly someone (at Microsoft) has made a business case for offloading the work of chasing down bot nets to someone else, and everyone agreed that would improve the cost-benefit analysis (for Microsoft).

Bad programming (4, Insightful)

jgotts (2785) | about a month and a half ago | (#47410981)

Microsoft has been writing poor quality software for my entire life.

The best programmers do not go to work for Microsoft. Maybe that was the case in the early 90's but it hasn't been true for decades.

To make matters worse, Microsoft does a lot of its programming in India. We all know that Indian programming is of poor quality, and the reason is not because Indian programmers are much less competent. It has more to do with the fact that in programming if two parties can't communicate completely unambiguously in one language then they have no hope of writing good software. Programmers have to be more than fluent in the language they speak with each other, they have to be scientifically precise.

People go to work for Microsoft because it's safe. There's no risk of the company going under. Risk minimizers don't write good software, because they're not very creative. They tend to keep patching up the same old crap rather than writing something new that works better.

At mature software companies hundreds of non-programmers are telling the programmers what to do, and it only gums up the works. You wind up not working efficiently, because you need too much sign off to get anything done. And once you get signoff, the hundreds of non-programmers are dictating your schedule, not quality of the code or whether it is completed to your satisfaction.

There is no one to clean up Microsoft's mess but themselves. Probably the best solution would be for the company to split up. The people who make the Xbox are probably weighed down by the rest of the company's ineptitude. I'd like to see those guys go their own way.

Re:Bad programming (2, Insightful)

DaHat (247651) | about a month and a half ago | (#47411075)

Microsoft does a lot of its programming in India.

How much is 'a lot'? What %?

We all know that Indian programming is of poor quality, and the reason is not because Indian programmers are much less competent. It has more to do with the fact that in programming if two parties can't communicate completely unambiguously in one language then they have no hope of writing good software.

So that's a problem only with Indians? Not Chinese? Australians? Romanians? Turks? Russians? Nigerians?

If you hire those who can communicate well, where they came from is unimportant.

Re:Bad programming (1, Insightful)

symbolset (646467) | about a month and a half ago | (#47412343)

90's? Nope. Their software has always been utter crap.

Re:Bad programming (1)

david_thornley (598059) | about a month and a half ago | (#47416733)

The original Microsoft BASIC was quite good.

Re:Bad programming (0)

Anonymous Coward | about a month and a half ago | (#47413749)

"Risk minimizers don't write good software, because they're not very creative" We're talking OSes and security here, not video games. If you want your OS kernel to be secure and reliable, "risk minimizers" are EXACTLY who you want writing it.

*This post should not be misconstrued as a defense of Microsoft or an admission that there is anything good, efficient, or correct about Microsoft's software development or business practices, or of outsourcing or H1B visas.

What's with the scare brackets? (1)

FuzzNugget (2840687) | about a month and a half ago | (#47411213)

No-IP isn't shady any more than are steak knife manufacturers.

Re:What's with the scare brackets? (1)

anomaly256 (1243020) | about a month and a half ago | (#47411483)

I have yet to see any proof that No-IP are 'shady'. I've been using them myself for legitimate purposes for quite a while (devices that roam physical networks, non-static adsl connections, etc) and have no reason to believe they are doing anything untoward. Also, no one 'alleged' their businesses were disrupted - it is a fact that they were. It is unfortunate that some businesses don't see the value and justification of purchasing a domain, static IP and setting up DNS hosting along with other services, but I do know many that use dynamic DNS services and home adsl plans at their offices instead to try to trim overheads as much as possible. When Microsoft hijacked No-IP's domains, their DNS servers were not returning A-records; poorly deployed SOHO websites and self-hosted OWS became unreachable to staff outside the office and customers. Business is affected. Sure, you can argue that people shouldn't use dynamic DNS services for important things, but that doesn't change the fact that they do, and this affected them greatly.

Chicksdaddy's post smells of astroturfing.

Hey, somebody else fix our products for us! (0)

FuzzNugget (2840687) | about a month and a half ago | (#47411235)

Can you imagine how this would sound coming from any other company?

Re:Hey, somebody else fix our products for us! (0)

Anonymous Coward | about a month and a half ago | (#47411883)

This. Seriously, Microsoft is responsible for this mess, and they want other people and companies to solve it for them...

Only a part of the headline is correct... (1)

Valvar (3537021) | about a month and a half ago | (#47411263)

Microsoft Looks For Partners In Crime

We need more takedowns! (0)

Anonymous Coward | about a month and a half ago | (#47411277)

We need more take downs! Microsoft has known about the flaws in Windows, Office, HotMail, and Bing for many years. These services need to be seized immediately!

I would not be opposed to holding Microsoft Stockholders criminally responsible for this deliberate cooperation with criminals, terrorists, and worse.

If you doubt that Microsoft works hand-in-hand with terrorists, just look at their criminal abuse of the judges on the 5th circuit who were tricked into taking down home security systems, security cameras etc. HOW MANY PEOPLE DIED BECAUSE OF MICROSOFT'S TAKEDOWN OF NO-IP.COM!?!?

A Secure OS? (0)

Anonymous Coward | about a month and a half ago | (#47411315)

Wouldn't providing a secure OS in the first place be better?

Re:A Secure OS? (0)

Anonymous Coward | about a month and a half ago | (#47411385)

The most secure is Suicide Linux, make a mistake and your hard drive's contents get wiped out. The IRS probably uses it for email.

Re:A Secure OS? (1)

AHuxley (892839) | about a month and a half ago | (#47411803)

Thinking back to the old hardware you could have a secure sandpit and memory on Unix like devices.
You could have a secure sandpit and memory on consumer computers at a huge cost in cash and GUI slowness.
Speed to market for 1.0, GUI look and feel, security, costs, speed to market with new features vs security.
Helping the police and security services without slowing down the dev and release cycle.
The hardware was just too costly and slow at the consumer level vs a responsive, secure, feature rich software offering.
It was beyond the needs of the beta productivity and games rush to market.

When it comes to fighting cybercrime .. (3, Insightful)

lippydude (3635849) | about a month and a half ago | (#47411677)

"When it comes to fighting cybercrime, few companies can claim to have done as much as Redmond, Washington-based Microsoft"

Despite how much effort Microsoft retrospectively put into trying to change the historical facts, when it comes to causing cybercrime, few companies can claim to have done as much damage as Redmond, Washington-based Microsoft.

"Windows NT and its successors .. were not initially designed with Internet security" ref [wikipedia.org]

Been doing MY part for years now... apk (0)

Anonymous Coward | about a month and a half ago | (#47412663)

Creating a tool that not only aids security, but also speed, reliability, & even anonymity (more efficiently by FAR vs. browser addons + even shoring up DNS redirect weakness):

APK Hosts File Engine 9.0++ 32/64-bit:

http://start64.com/index.php?o... [start64.com]

(Details of benefits in link)

Summary:

---

A.) Hosts do more than:

1.) AdBlock ("souled-out" 2 Google/Crippled by default)
2.) Ghostery (Advertiser owned) - "Fox guards henhouse"
3.) Request Policy -> http://yro.slashdot.org/commen... [slashdot.org]

B.) Hosts add reliability vs. downed/redirected dns (& overcome redirects on sites, /. beta as an example).

C.) Hosts secure vs. malicious domains too -> http://tech.slashdot.org/comme... [slashdot.org] w/ less added "moving parts" complexity/room 4 breakdown,

D.) Hosts files yield more:

1.) Speed (adblock & hardcodes fav sites - faster than remote dns)
2.) Security (vs. malicious domains serving malcontent + block spam/phish & trackers)
3.) Reliability (vs. downed or Kaminsky redirect vulnerable dns, 99% = unpatched vs. it & worst @ isp level + weak vs Fastflux + dynamic dns botnets)
4.) Anonymity (vs. dns request logs + dnsbl's).

---

* Hosts do more w/ less (1 file) @ faster levels (ring 0) vs redundant inefficient addons (slowing slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ os, & 1st net resolver queried w\ 45++ yrs.of optimization).

* Addons = more complex + slow browsers in message passing (use a few concurrently & see) & are nullified by native browser methods - It's how Clarityray is destroying Adblock.

* Addons slowup slower usermode browsers layering on more - & bloat RAM consumption too + hugely excessive cpu use (4++gb extra in FireFox https://blog.mozilla.org/nneth... [mozilla.org] )

Work w/ a native kernelmode part - hosts files (An integrated part of the ip stack)

APK

P.S.=> "The premise is quite simple: Take something designed by nature & reprogram it to make it work for the body rather than against it..." - Dr. Alice Krippen: "I am legend"

...apk

This line... (0)

ComputersKai (3499237) | about a month and a half ago | (#47412735)

When it comes to fighting cybercrime, few companies can claim to have done as much as Redmond, Washington-based Microsoft, which spent the last five years as the Internet's Dirty Harry: using its size, legal muscle and wealth to single-handedly take down cyber criminal networks...

HAHAHAHAHAHAHAHAHAAHAHAHAHA
.... Wait really?

Corporation enforcing laws? (0)

Anonymous Coward | about a month and a half ago | (#47413883)

Since when does a corporation get to enforce laws? I've always been deeply disturbed by MS's role as a corporate police force, confiscating property and shutting down things. I know there is some loophole in the "cyber" laws that lets the government give them this power, but it's still disturbing that a corporation is taking over law enforcement like this. Microsoft is acting as a government, and being given powers no corporation should have.

When NOBODY else will (0)

Anonymous Coward | about a month and a half ago | (#47414047)

When they're RIGHT too: How did I know that? This http://yro.slashdot.org/commen... [slashdot.org] since I had every single one of the bogus domains they seized LONG IN ADVANCE before they did what they did (to proof myself vs. such machinations, along with anyone else that used my program to do the same - PLUS to get more speed, reliability, & even anonymity as well as security too (vs. fastflux + dynamic DNS utilizing botnets)).

* :)

(My program does so, FAR more efficiently than the "so-called 'competition'" that's 'SOULED-OUT' & INFERIOR since they don't do a FRACTION of what hosts can @ faster levels of operation, in kernelmode, vs. slower messagepassing, memory overuse + CPU hogging usermode layering over already slower browsers, in addons (ala "Almost ALL Ads Blocked" - whose author wrote me by email stating "hosts are a shitty solution" & when I confronted him to PROVE that adblock could do more + more efficiently? HE OUTRIGHT RAN!)).

APK

P.S.=> From 1 of my 12 sources in the security community the complete NO-IP list was here July 2nd 2014 from one of my sources in fact -> http://yro.slashdot.org/commen... [slashdot.org] & MS' only "mistake" was underestimating the amount of traffic they were routing thru their servers, but they were FAR from "wrong" on the fact that NO-IP gets abused all to hell proven here http://blogs.cisco.com/securit... [cisco.com] AND HERE http://labs.opendns.com/2013/0... [opendns.com] ...

... apk

Partner in Cybercrime (Prevention) (1)

organgtool (966989) | about a month and a half ago | (#47415257)

Microsoft,

Nobody asked you to play cyberpolice - you took that upon yourselves in an attempt to make yourselves look better after being the laughingstock of security experts for several decades. Lately you've been overstepping your bounds and now you're looking for other companies to join you so that you don't have to take all of the heat the next time you overstep your bounds. Good luck with that.

How about an anti-NSA? (1)

currently_awake (1248758) | about a month and a half ago | (#47421187)

What we need is a government organization dedicated to keeping our networks safe. I'm thinking the exact opposite of the NSA, where instead of weakening our security and pushing to get back doors installed in everything they actually worked to protect us and promote national security.