Slashdot Mirror
Microsoft Files Suits Against "Malvertisers"
eldavojohn writes "Reuters is bringing us news of five civil lawsuits filed by Microsoft against 'Soft Solutions,' 'Direct Ad,' 'qiweroqw.com,' 'ITmeter Inc,' and 'ote2008.info' that allege they 'used malvertisements to distribute malicious software or present deceptive websites that peddled scareware to unsuspecting Internet users.' Microsoft's Tim Cranton outlined the suits and provided links to all the filings for download. 'Cranton added that names of specific individuals behind these activities were not known and the lawsuits were being filed to help uncover the people responsible.'"
I suspect the the main hurdle will be at getting the individuals behind the businesses. Must admit that this is the first time I've read about this approach to malware distribution, but I may simply be out of the loop.
Greg
These activties hurt Microsoft's reputation as well as being a huge burden to users of their products. Microsoft has the money and power to put the hurt on the bad guys. This is win win.
Must be hard casting everything as absolute good or evil.
Enjoy your cognitive dissonance. You may, in time, grow to have an intellectually mature point of view.
I don't entirely understand the fight though. Is MS suing these folks for damage done only to their company directly? Or possibly for some kind of defamation by making Windows appear insecure? Or are they suing on behalf of everyone affected by these ass-hats? Like a class-action thing on behalf of everyone with a computer?
He's getting rather old, but he's a good mouse.
Other stories have demonstrated that someone at Microsoft has finally recognized the threat of cloud computing. The apps which most people use today don't require Windows; they just require a browser. Since browsers are available on Linux and Apple systems, and these systems aren't plagued by the horrible malware situation of Windows, Microsoft has no choice but to attempt to clean up the malware situation. The alternative is a situation in which everyone who can get what they need from the cloud will have a strong incentive to move to MacOS or Linux.
A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
If you can't choose a side in this, you're being disingenuous. Just stop it, and for once make sense.
Your only real complaint should be that the Department of Justice, multiple state Attorneys General, or motiviated citizens haven't already pursued these civil actions. And the DoJ etc. should be considering crminal actions, but are no doubt distracted by any number of safer, simpler, and easier to prosecute villains.
There is simply no excuse for going after the worst of these weasels, and expanding the fight overseas when they flee to supposed safe havens. I wish Microsoft good hunting on this one. Let's get after them to patch XP's TCP stack also, but at least DO SOMETHING, someone, please?
Me? I'm no good at suits.
deleting the extra space after periods so i can stay relevant, yeah.
You can blame "insecurity" of Windows all you want, but do you actually have an answer to how to make it better then? Before all the usual arguments come:
- These malware work just aswell on user account, you do not need admin/root access.
- Locking up the whole OS so that user is in 100% controlled environment is a no go, as seeing here on slashdot about iphone and other systems that do it.
- Malware goes where the user is. If linux had ~95% marketshare on desktops, majority of malware would be there because thats where the users are.
- Theres nothing on Linux that does anything to prevent this kind of malware - you only get more security because there's not many users. If you suggest everyone moving to it, what happens?
- Conficker excluded, theres not really exploits in the Windows itself now a days. They're mostly from third party software like Flash and PDF reader.
This isn't about OS security, its about user stupidity to install random crap. That wouldn't change even if the OS marketshare would be different.
The most secure OS in the world, not even Linux nor OSX, isn't going to be able to protect you when you decide to authorize and run an .exe file you downloaded.
If you build it, nerds will come. Soylentnews.org
You get modded down for trash talking MS? On which web forums? Certainly not slashdot. Getting Karma Excellente' is assured by trash talking MS.
I do not support "The Man". I also do not support your irrational stupidity
You know, I think you need more perspective on this.
It's not the insecurity of Windows, it's the Insecurity of all these third party plugins (JAVASCRIPT, FLASH, I'M LOOKING AT YOU) that cause these problems to start with, plus DRM rootkits on music discs and movies that open up more holes in our system.
New technology, new vulnerabilities and exploits. Flash and JavaScript are the two most commonly used points of infection.
Really, the fault isn't entirely on Microsoft. Start blaming Adobe, Sun Systems, and the Music/Movie industry, as the biggest part of this lies squarely upon their shoulders.
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
Actually the Conficker hole was patched nearly a year ago. Microsoft has gotten their shit together with security so much recently that you can legitimately argue that it may be comparable to your average Linux distro...I'm not saying that is the case, I REALLY do not want to go down that path, my overall point is that 5 years ago, anyone who made the statement I just did would have been ridiculed as a moron, and rightly so.
But you hit very good points...no matter how secure an OS is, it has to listen to its dumbfuck user. The only way to protect against stupid users is to limit rights to oblivion, but then you limit the usefulness of the system. In most cases, the OS cannot determine what is desired behavior of a program or not.
As our way of thanking you for your positive contributions to Slashdot, you are eligible to disable Slashdot 2.0.
I think the #2 is most important here. Windows is just too big to be fully understood. I'm sure there are tons of security-critical bugs in the code that is rarely used. It is very difficult to review and sanitize that code, especially if it "just works" and changes are likely to add bugs, not to reduce them. Additionally, more and more (percentage-wise) malware is distributed through social engineering, running .scr attachments, etc. - and that path is hard to close without going iPhone all the way.
In any case, the technical side of things is handled by one department and the legal side of things is handled by another department. I see no reason to pit them against each other. There are complaints about technical faults of the OS, but they should be addressed only to the development side of the house.
That would explain all the immigrants in the US that can't speak or learn English. They must have been kicked out of their own countries for not being bilingual. It's okay though, cause we provide them with translators (who must be imported from some other country).
A secure OS would make sure that all code downloaded from the net is identified to the user as code downloaded from the net and its source/publisher, and a secure OS does not allow the downloaded code to execute until after the user has acknowledged that it is a downloaded program and given explicit permission.
Pointless. The user will give permission regardless of how many times you ask them if they're sure.
M$... how old are you? I thought most Slashdotters had left behind using this childish notation to refer to Microsoft.