Slashdot Mirror
Microsoft's Vigilante Investigation of Zombies
Morgalyn writes "According to an article at Information Week, Microsoft has decided to fight zombie-launched spam in their own way. In conjunction with the FTC and consumer rights groups, Microsoft set up a clean computer and then infected it. They monitored the 'zombie' over the course of 20 days - 'In those 20 days, this one computer received 5 million connection requests from spammers, and sent 18 million spam messages'. This whole operation has led to the (partial) identification of 13 different spamming groups, some of which reside in the US and may be prosecuted under the CAN-SPAM act."
Since when is setting up a honeypot considered "Vigilante"?
---- "Logoff! That cookie shit makes me nervous!" - A. Soprano
If they are working with the FCC, why would it be considered 'vigilante'?
That's like a considering a car company working with a police forensics department to determine why a car did what it did 'vigilante'.
It takes 20 days to collect data which may be used to convict the scumbags, but it takes years for Microsoft to realize there was a problem and do something about it. To be fair, this should be law enforcement, but someone has to file those John Does in a complaint.
"At the same press conference, Dan Salsburg, the assistant director of the FTC's Bureau of Consumer Protection, urged all computer users to do their part to stymie zombies. "The FTC is taking aggressive steps to stop zombies and protect consumers, but consumers also need to insure that zombies aren't on their computers," Salsburg said."
I'm sure they're shuffling paper like they've never quite shuffled before.
I just don't want to see, a couple years from now, Microsoft being awarded patents on the invention of the Honeypot.
A feeling of having made the same mistake before: Deja Foobar
... rather than the honeynet project who have better tools, and far more experience at this sort of thing?
- "History shows again and again how nature points out the folly of men" -- Blue Oyster Cult, 'Godzilla'
I haven't seen anywhere in the anti-spam laws that says you have a positive duty to stop spam. There doesn't seem to be any criminal culpability for getting a system hacked. The person doing the hacking and spamming is in trouble, but not the person that it happened to.
If I'm incorrect on this, please point out the relivant part of the law.
Or we could, I suppose, get mad at the people who developed SMTP, a system so insecure in and as of itself that anyone can pretend to be anyone else and get away with it.
Of course, that was done in a kinder, gentler time when "spam" was unknown, so I guess they can be forgiven. Then again, much of the Windows code was created long before the terms "DoS" or "buffer overflow attack" came into existence.
Naw. Much easier to hate MS. Somehow, they should have known better...
Any sect, cult, or religion will legislate its creed into law if it acquires the political power to do so.
That amount of data was impossible to analyze, so Microsoft focused on the three most-active spamming days, when 470,00 connection requests were made of the PC, and about 1.8 million messages were sent through it.
How nice: they allowed 18M junk messages to go through, but could be bothered to look at only 10% of the data. Unbelievable.
Do you want the job of analyzing all 18 million messages? If they are only analyzing 10% its probably because they figure that the other 90% probably have the same source. Even if the other 90% don't, sure you would want them to start somewhere, than put off affirmative action for a few years? One way of confirming whether the 90% do come from the same source is prosecuting the spammers responsible for the 10% and then dealing with the reduced amount of spam in the next cycle.
Jumpstart the tartan drive.
I'd be amazed if it lasted 30 seconds.
:P.
When you get right down to it, cars are shitty in reliability compared to software. Off the top of my head, here are some major problems my car has, at least when looked at from a software standpoint:
1) My car is very venurable to break ins. You can smash a window, jimmy the locks and so on. It's easy, requries no knowledge to do.
2) My car doesn't deal with faulty input. If I set it in neutral and floor it, the engine will overheat and seize up. There's no system to deal with faulty operation like that.
3) My car has problems with user error. If I drive it in to a wall on accident, it'll stop functioning. Same if a user of another car makes a mistake and hits it.
Worse yet, the manufacturer will not fix ANY of these faults, even for a price. Even worse they KNEW about ALL of them when they sold the car.
Now compare that to software where we expect that it be essentially faultless and when a fault is found, that it be fixed quickly and for free.
Something tells me that if someone put a brick through your window, it would be them that you wanted busted, not the maker of your car. Yet if someone hacks your OS, you are mad at the OS maker, not that hacker.
Only on Slashdot
I love this... I've read through the first few pages of comments and this is my observation:
Microsoft takes a pro-active step toward curbing spam, something that we universally hate, and for some reason MS is taking insult left and right.
If you're going to deride them at least do it when it's appropriate... not when they're taking a legit step toward finding a solution.
I am somewhat antimicrosoft, but I fail to see why this is called "vigilante". Microsoft is working openly with the FTC. They set up their own computer, it got infected and they are investigating unauthorized connections to it. As a security professional I applaud their efforts. This is no different than anyone of you making a honeypot and checking the damage.
Yay MS! Now, make Stevie B kill them (as other posters suggested:-)