Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft's Vigilante Investigation of Zombies

Posted by Zonk on from the busting-undead-skull dept.

Morgalyn writes "According to an article at Information Week, Microsoft has decided to fight zombie-launched spam in their own way. In conjunction with the FTC and consumer rights groups, Microsoft set up a clean computer and then infected it. They monitored the 'zombie' over the course of 20 days - 'In those 20 days, this one computer received 5 million connection requests from spammers, and sent 18 million spam messages'. This whole operation has led to the (partial) identification of 13 different spamming groups, some of which reside in the US and may be prosecuted under the CAN-SPAM act."

8 of 341 comments (clear)

  1. Re:Steve Ballmer on Zombies by ravenspear · · Score: 2, Informative

    To whoever modded this as troll, you obviously missed the Ballmer rage reference.

  2. Re:In other words... by texwtf · · Score: 5, Informative

    That's not a reasonable analogy. This is more like the car is broken into within 26 minutes.

    The Internet is like Baghdad for computers but 10000 times more intense.

    The operating system doesn't merely fall apart - it's broken apart by the equivalent of roaming street thugs.

    I agree that microsoft it partially responsible (does rpc really need to be accessible by default?) - but on the other hand, until very recently your average linux install didn't take long to get 0wn3d either.

  3. Double standard. by NRAdude · · Score: 1, Informative

    There is no redress for grievances to or for corporations; remedy is legislated, and it is known that the remedy even recently has degraded to CAN SPAM ACT. Before CAN SPAM ACT, all that was necessary is to acknowledge the source of the transmission and send the owner a bill for purchasing the value-added resale of available communication services. It isn't so easy for a man (either male or female); to enumerate the tresspass of another in terms of billing to the use of a communications line for said data transfer, as an intended interference to a station, and further as deceptive commercial delivery of speach; the remedy would be limited to only those people acting on behalf or employed by the corporation and not the corporation. Reason being is the truth that flesh and blood, living people, can only challenge same; whereas any redress to a corporation would presume the complaint to be of a fellow corporation. Law of Nations clears up the difference between politic and corporate, and I hope everyone gets their copy certified from Project Gutenberg so they know that their are two nations, one America and the other the United States, there are American states and there are United States states, then there are the corporations chartered by their respective states. A challenge to a corporation could be transgressed by Return Service to a misnomer, or a presumption that the complaint is derived of a person in a contract with collateral to the services rendered, et al; no different than a libel of review. Abatement would clear this up, but a UNITED STATES judge or magistrate would need some coaxing as to why we believe people are more special than some fool stealing your resources for use by a UNITED STATES regulated corporation.

    On a somewhat off-topic note, concerning commercial speach transmitted over FCC regulated communications lines, copper or wireless, a friend and I were discussing the circular reasoning involved with the FEDERAL COMMUNICATIONS COMMISSION for licensing; regarding their license demands that no codified transmission may emit from a FCC-licensed station, yet the study course is more FCC codes (regulations) as opposed to actual electrical theory and law. In other words, a demand to subscribe to a FCC license would itself prohibit use under the FCC license. Could this be a loophole regarding the first amendment, if enough pressure is exerted for the people to make unhindered use of services contracted, to prevent a contract stipulation to coerce agreement by reference or partial inclusion of an unrevealed contract (think FCC)? At the verry least, I know that Part 15 of the FCC code is honest about my use of a cable-cutter on copper wire. :-)

    Just trying to stimulate.

    --
    without prejudice
  4. Re:In other words... by vinn01 · · Score: 4, Informative

    They blocked the spam from being sent:

    http://www.microsoft.com/presspass/press/2005/oct0 5/10-27ZombiePR.mspx

  5. They blocked the outgoing spam by dsouth · · Score: 2, Informative

    Though the Information Week article didn't mention this, an article at another site makes it clear that Microsoft blocked the outgoing spam messages during their honeypot experiement.

  6. Re:In other words... by Hard_Rock_2 · · Score: 2, Informative

    Well you can order sp2 discs from microsoft free of charge: http://www.microsoft.com/windowsxp/downloads/updat es/sp2/cdorder/en_us/default.mspx But it is true that most people who dont already have it or know about the free order are not going to be bothered to go through the hassle to get it free.

  7. Re:and sent 18 million spam messages by xigxag · · Score: 3, Informative

    TFA:
    The computer was quarantined to prevent it from actually sending the messages

    But...whatever...

    --
    There are two kinds of people: 1) those who start arrays with one and 1) those who start them with zero.
  8. Re:My three cars... by tomhudson · · Score: 2, Informative
    Apache has 2/3 of the server market, and its STILL a heck of a lot more secure than Microsoft IIS. According to your statement, Apache should be hacked a LOT more than IIS, since it has more market share, rather than the other way around.

    The market share argument is BS FUD. Always has been. Always will be. Microsoft just doesn't have a corporate culture that encourages good coding practices over eye candy and feature bloat.