Slashdot Mirror
Microsoft's Vigilante Investigation of Zombies
Morgalyn writes "According to an article at Information Week, Microsoft has decided to fight zombie-launched spam in their own way. In conjunction with the FTC and consumer rights groups, Microsoft set up a clean computer and then infected it. They monitored the 'zombie' over the course of 20 days - 'In those 20 days, this one computer received 5 million connection requests from spammers, and sent 18 million spam messages'. This whole operation has led to the (partial) identification of 13 different spamming groups, some of which reside in the US and may be prosecuted under the CAN-SPAM act."
Microsoft should just have Steve Ballmer fucking kill them.
Not a moment too soon! With Halloween on Monday and everything, this comes at a perfect time to save my brain. I'll still lock my doors though.
Clones are people two.
"Microsoft set up a clean computer and then infected it."
So they switched it on and connected it to the net?
---- There are 10 types of people in the world. Those that understand binary and those that don't
Since when is setting up a honeypot considered "Vigilante"?
---- "Logoff! That cookie shit makes me nervous!" - A. Soprano
If they are working with the FCC, why would it be considered 'vigilante'?
That's like a considering a car company working with a police forensics department to determine why a car did what it did 'vigilante'.
It takes 20 days to collect data which may be used to convict the scumbags, but it takes years for Microsoft to realize there was a problem and do something about it. To be fair, this should be law enforcement, but someone has to file those John Does in a complaint.
"At the same press conference, Dan Salsburg, the assistant director of the FTC's Bureau of Consumer Protection, urged all computer users to do their part to stymie zombies. "The FTC is taking aggressive steps to stop zombies and protect consumers, but consumers also need to insure that zombies aren't on their computers," Salsburg said."
I'm sure they're shuffling paper like they've never quite shuffled before.
I just don't want to see, a couple years from now, Microsoft being awarded patents on the invention of the Honeypot.
A feeling of having made the same mistake before: Deja Foobar
Ok, raise your hand, who thinks there's more than 1 infected windows machine on the Redmond campus?
So I guess, Microsoft being above the law, it's OK when they do that. The end justifies the means, after all.
I'm an American. I love this country and the freedoms that we used to have.
[i]"some of which reside in the US and may be prosecuted under the CAN-SPAM act."[/i]
Common. We all know the only way to deal with zombies is massive head trauma.
From article:
"In those 20 days, this one computer received 5 million connection requests from spammers, and sent 18 million spam messages," said Cranton.
That amount of data was impossible to analyze, so..."
So, seems 18 million records is too much for poor little SQL Server, hmm? I bet Oracle could help, or maybe MySQL/PostgreSQL.
... rather than the honeynet project who have better tools, and far more experience at this sort of thing?
- "History shows again and again how nature points out the folly of men" -- Blue Oyster Cult, 'Godzilla'
I haven't seen anywhere in the anti-spam laws that says you have a positive duty to stop spam. There doesn't seem to be any criminal culpability for getting a system hacked. The person doing the hacking and spamming is in trouble, but not the person that it happened to.
If I'm incorrect on this, please point out the relivant part of the law.
Or we could, I suppose, get mad at the people who developed SMTP, a system so insecure in and as of itself that anyone can pretend to be anyone else and get away with it.
Of course, that was done in a kinder, gentler time when "spam" was unknown, so I guess they can be forgiven. Then again, much of the Windows code was created long before the terms "DoS" or "buffer overflow attack" came into existence.
Naw. Much easier to hate MS. Somehow, they should have known better...
Any sect, cult, or religion will legislate its creed into law if it acquires the political power to do so.
That amount of data was impossible to analyze, so Microsoft focused on the three most-active spamming days, when 470,00 connection requests were made of the PC, and about 1.8 million messages were sent through it.
How nice: they allowed 18M junk messages to go through, but could be bothered to look at only 10% of the data. Unbelievable.
Do you want the job of analyzing all 18 million messages? If they are only analyzing 10% its probably because they figure that the other 90% probably have the same source. Even if the other 90% don't, sure you would want them to start somewhere, than put off affirmative action for a few years? One way of confirming whether the 90% do come from the same source is prosecuting the spammers responsible for the 10% and then dealing with the reduced amount of spam in the next cycle.
Jumpstart the tartan drive.
I'd be amazed if it lasted 30 seconds.
:P.
When you get right down to it, cars are shitty in reliability compared to software. Off the top of my head, here are some major problems my car has, at least when looked at from a software standpoint:
1) My car is very venurable to break ins. You can smash a window, jimmy the locks and so on. It's easy, requries no knowledge to do.
2) My car doesn't deal with faulty input. If I set it in neutral and floor it, the engine will overheat and seize up. There's no system to deal with faulty operation like that.
3) My car has problems with user error. If I drive it in to a wall on accident, it'll stop functioning. Same if a user of another car makes a mistake and hits it.
Worse yet, the manufacturer will not fix ANY of these faults, even for a price. Even worse they KNEW about ALL of them when they sold the car.
Now compare that to software where we expect that it be essentially faultless and when a fault is found, that it be fixed quickly and for free.
Something tells me that if someone put a brick through your window, it would be them that you wanted busted, not the maker of your car. Yet if someone hacks your OS, you are mad at the OS maker, not that hacker.
Only on Slashdot
Costume 1: Guy disguises himself as a zombie and puts on a cardboard monitor. Here instead of "brainssssssss" he should say: "mailssssssssssss"
:)
Costume 2: A fat guy carrying a chair, with a Google T-Shirt (and the handwritten letters above: "I'll F**ing Kill". Obviously his secondary target would be the guy wearing costume 1.
Now the following may be off-topic, but what the heck, I got started!
Costume 3: Just put on a Bill Gates mask, and wear a Microsoft T-Shirt. And instead of "Trick or treat", you say: "End User License Agreement".
Costume 4: Disguise yourself as a Lawyer and stick the logos of BMG, Sony, Time Warner (did I miss any?) on the back. Instead of "Trick or treat", say "Court or Settlement"
Costume 5: Disguise yourself as Zombie, but instead of wearing the cardboard monitor, just put an AOL sticker on your shirt. You're an official "AOL user". Instead of moaning "brainssss" you'll say: "Me, tooooo!"
Costume 6: Disguise yourself as a monitor, and paint the front in blue.
Costume 7: Paint your face black and buy fake jewelry. Pretend you're the relative of a Nigerian prince who just died.
I am somewhat antimicrosoft, but I fail to see why this is called "vigilante". Microsoft is working openly with the FTC. They set up their own computer, it got infected and they are investigating unauthorized connections to it. As a security professional I applaud their efforts. This is no different than anyone of you making a honeypot and checking the damage.
Yay MS! Now, make Stevie B kill them (as other posters suggested:-)