Slashdot Mirror


Microsoft Looks To Courts For Botnet Takedowns

angry tapir writes "Microsoft has seen a dramatic drop in the number of computers infected with Waledac, a piece of malicious software affiliated with a botnet that was once responsible for a massive amount of spam. In the second quarter of this year, the company cleaned only 29,816 computers infected with Waledac, down from 83,580 computers in the first quarter of the year. The drop in the number of infected machines shows the success of the legal action Microsoft took earlier in the year, according to the company."

9 of 93 comments

  1. Foot in the door... by straponego · Score: 4, Insightful

    While few would defend botnets, this legal technique will certainly be applied to other types of domains-- p2p, freenet, proxy, dissident, and whistleblower sites. In fact, I predict such attacks will hurt wikileaks and p2p sites more easily than botnets, because botnets don't have to have a small number of memorable domain names (they're not directly controlled by random humans). Ultimately, all of these "undesirable" types of programs/sites will work around the DNS crackdowns. But this will give even more of an edge to those who already hold nearly all the power-- corporations and governments. Really, they seem to be saying that if your domain could be used for something illegal, it can be taken away from you via rubber stamp before it's even involved.

  2. Re:Using the law to fix technical shortcomings by RightSaidFred99 · Score: 5, Insightful

    You're not surprised because you don't know what you're talking about. How exactly would they prevent a user from literally running an EXE someone randomly mails them?

    I'll tell you what, I'll mail you a Linux binary and you just go ahead and run it for me. Also, have 50k of your friends run it for me too. Then tell me how surprised you are.

    Technical shortcoming.... right.

  3. Re:Seems Interesting... by RightSaidFred99 · Score: 3, Insightful

    It spreads by mailing people exe's, which other dummies then execute. You can't design away stupidity.

  4. Re:Right goal. Wrong tool. by Dunbal · Score: 3, Insightful

    It would be the exact same issue on Linux and Mac OS X too.

    Then why isn't it? While it's easy to shift blame onto the user, this completely overlooks the fact that a system designed with the capability of executing foreign code without any kind of privilege escalation check is just asking for trouble. No one should have to worry about those puppies or that porn in the first place.

    --
    Seven puppies were harmed during the making of this post.

  5. Re:Right goal. Wrong tool. by odies · Score: 3, Insightful

    Because Windows is installed on 95% of computers and all the casual users are there. Linux users mostly, at least somewhat, know better what they are doing. On the other hand, there have been similar trojans on Mac OS X too.

    And privilege escalation? Why would sending email or keylogging the current user need root access? It doesn't.

  6. Not about poor MS Security... by MosesJones · Score: 4, Insightful

    Before people bleat about this being about poor MS security do remember how many dumb folks there are out there. Lots of attacks come from dumb folks using things like Bittorrent and then executing something that they really shouldn't do without having decent virus protection on their machine.

    So good on Microsoft for doing this, yes they also need to clean up their security act, which they have been doing, but also coping with the dumb people who buy their products is a decent thing to do.

    --
    An Eye for an Eye will make the whole world blind - Gandhi

  7. Re:Using the law to fix technical shortcomings by omni123 · Score: 4, Insightful

    I don't know what planet you are living on.

    No amount of security can ever stop a user who is determined to see the latest dancing baby screensaver from opening an exe. Linux is safe for now because it's technically competent people using it, people who go to the effort to install and use it, and not your everyday user. If you throw a couple of million mums, dads and teenagers on it I would like to see your stats then.

    Nobody is arguing that *nix isn't inherently more secure, it is, but the reality is that nothing is unbreakable with enough time and effort. Malware creators invest time where there is a reward and that just isn't the *nix world right now.

    Even if Microsoft did a complete ground up security re-design a few thousand Malware creators will invest 2x the amount of time Microsoft did in creating it and still overcome it. The best solution is to thin that population of creators out by throwing them in jail or removing the monetary reward (through the form of legal fees) until the number of people developing the malware is less than the number of guys defending against it.

  8. Re:Right goal. Wrong tool. by unapersson · Score: 4, Insightful

    Not just that:

    1) software is not acquired through random internet downloads but through a package manager
    2) random internet downloads are harder to install, you don't just double click and have to make them executable
    3) windows has shown again and again that it makes infection easy: auto running things from cd/usb stick, easy running of executables, hiding filename extensions. None of those problems extend to Linux and they've been the most common way for these things to spread.
    4) a user has a level of proficiency before they're happy to open a terminal and run random commands from the internet, and by that point they're likely to know what the commands do
    5) most linux distros don't need the command line for day to day operation, it's only there for advanced users
    6) Linux distros keep themselves and all software on them up to date. It's not something handled by the user or by each piece of software having its own updater.

    Linux could have problems, but the security holes found are much harder to exploit due to the way everything is set up by default, and how the system is used. A lot of Windows security problems have been "as designed".

  9. Re:Right goal. Wrong tool. by Bert64 · Score: 3, Informative

    If linux or macos had a dominant market share the same problem would occur, but it wouldn't be anywhere near as bad...

    Linux/Mac users are already used to running as an unprivileged user, providing an extra obstacle for any malware (sure malware can still do bad things without root, but it's much more difficult to hide and make itself difficult to remove), windows is only just starting to move towards this decades-old best practice.

    On a unix box, files are not deemed executable based on their name alone, if you download a file by default it will not be executable and an extra step is required to make it so.

    Unix boxes not only don't rely on file extension to determine if a file is executable, they also don't hide the file extensions by default... A common attack on windows systems is to create a file called picture.jpg.exe and assign it an icon which looks like the default windows icon for a jpeg file, windows will dutifully hide the .exe part so users only see picture.jpg, assume it's a picture and try to open it. Clever malware will even embed a picture inside the binary and when you run it, will save the embedded picture to a temporary location and spawn a viewer to display it. Using file extensions to determine file type, and then hiding those extensions by default is an extremely stupid and very dangerous flaw.

    Unix systems also don't execute anything by default which is stored in an inserted piece of media, simply inserting the media won't infect you, you would have to explicitly go and execute the malware - which would result in very low infection rates.

    So sure, if linux or mac had 95% of the market people would be looking to attack them, but the lack of many of the inherent security flaws in windows would make these attacks far less effective.

    That said, linux having a 95% marketshare would be almost as undesirable as windows having it, diversity is extremely important - if there are 3 common systems with 30% market share each the job of a malware author becomes much harder and less profitable.

    I do however predict, that in a 30/30/30 windows/linux/mac marketshare split, malware authors would still primarily target windows because it represents a softer target.

    --
    http://spamdecoy.net - free throwaway anonymous email - avoid spam!
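
The two file-handling points raised in comments 8 and 9 (a name like picture.jpg.exe that looks like an image once the last extension is hidden, and the Unix execute bit that a fresh download lacks) can be checked for in a download folder. This is an added example, not part of the thread or any commenter's code; the extension lists, function names and sample file names are illustrative assumptions.

```python
import os
import stat
import tempfile

# Extension lists are illustrative assumptions, not taken from the thread.
DECOY_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".pdf", ".doc", ".txt"}
EXEC_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}


def masked_extension(filename):
    """Return (name_as_shown, hidden_ext) when hiding the final extension
    would leave a name that looks like a document or image, else None."""
    shown, hidden = os.path.splitext(os.path.basename(filename))
    decoy = os.path.splitext(shown)[1].lower()
    if hidden.lower() in EXEC_EXTS and decoy in DECOY_EXTS:
        return shown, hidden.lower()
    return None


def audit_directory(path):
    """List (filename, reason) findings for regular files in `path`."""
    findings = []
    for name in sorted(os.listdir(path)):
        full = os.path.join(path, name)
        mode = os.lstat(full).st_mode
        if not stat.S_ISREG(mode):
            continue
        hit = masked_extension(name)
        if hit:
            findings.append((name, f"shown as {hit[0]!r}, hidden {hit[1]}"))
        # Unix side: a fresh download has no execute bit, so a set bit is notable.
        if mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH):
            findings.append((name, "execute bit set"))
    return findings


def run_demo():
    """Build a constructed download folder and audit it."""
    with tempfile.TemporaryDirectory() as d:
        for name in ("picture.jpg", "picture.jpg.exe", "setup.exe", "installer.run"):
            with open(os.path.join(d, name), "wb") as fh:
                fh.write(b"constructed sample\n")
        os.chmod(os.path.join(d, "installer.run"), 0o755)
        return audit_directory(d)


if __name__ == "__main__":
    for name, reason in run_demo():
        print(f"{name}: {reason}")
```

A plain setup.exe is not flagged by the first check, since its name does not pretend to be anything else; only the mismatch between the shown and the real extension is reported.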