Slashdot Mirror


Inside the Microsoft Digital Crimes Unit

Trailrunner7 writes "The Microsoft Digital Crimes Unit has been spearheading botnet takedowns and other anti-cybercrime operations for many years, and it has had remarkable success. But the cybercrime problem isn't going away anytime soon, so the DCU is in the process of building a new cybercrime center here, and soon will roll out a new threat intelligence service to help ISPs and CERT teams get better data about ongoing attacks. Dennis Fisher sat down with TJ Campana, director of security at the DCU, to discuss the unit's work and what threats could be next on the target list."

54 comments

  1. Wait a minute by NoNonAlphaCharsHere · · Score: 5, Funny

    Is this an article about how the Windows 8 UI was designed?

    1. Re:Wait a minute by DougOtto · · Score: 0

      Damn. Too bad I used up my last mod point yesterday.

      I lol'd.

      --
      Solving Unix problems since 1989...
    2. Re:Wait a minute by NoNonAlphaCharsHere · · Score: 4, Funny

      Not to worry, somebody already modded it with a "Troll", which is even funnier...

    3. Re:Wait a minute by Bud · · Score: 1

      Is this an article about how the Windows 8 UI was designed?

      Or about how they kept the world's population hostage with Clippy the Paperclip? I mean, when they heard Clippy was going to be removed from the next version of Office, around 350 million people upgraded straight away.

      Or is it about how Microsoft is paying 500 million (USD, EUR, whatever) in fines every couple of years, in order to keep doing business as a software monopoly? That is probably the most brilliant crime by the Microsoft Digital Crimes Unit ever!

    4. Re:Wait a minute by Anonymous Coward · · Score: 0

      Actually Clippy wasn't sacked, he was promoted to Digital Crimes VP when Microsoft Bob went into retirement.

  2. Re:This is rather disconcerting. by recoiledsnake · · Score: 2

    I want to know exactly what idiot gave Microsoft the authority to create a law enforcement unit other than their jackbooted licensing audit thugs from the Business Software Alliance.

    Needs a judge's approval.

    But we’re very careful about how we do this. We’re not just going out there shooting stuff. We walk in with a pile of legal documents. We’re asking for a judge to agree with what we found.

    --
    This space for rent.
  3. uhm.. seriously? by Anonymous Coward · · Score: 0

    "TJ Campana".. okay, are we on the high school football team as in "Yo! TJ! After we make the final touchdown we need to give this here kid a swirlie!".. or is it as in "TJ Hooker, computer crimes investigator, also starring Adrian 'Non-Sequitur' Zmed and Heather 'The real reason you are watching this' Locklear".

    Don't even get me started on DCU vs CTU. Next thing you know you'll have Jack Fucking Bauer taking care of business.

  4. Re:This is rather disconcerting. by SJHillman · · Score: 1

    You don't actually think Microsoft is going around kicking in doors, do you? They're mostly working as a legal presence or as a team of civilian experts assisting law enforcement and everything goes through a judge.

  5. When are they going to arrest... by Viol8 · · Score: 4, Insightful

    ... the Windows development team for allowing such a security swiss cheese of an operating system to escape from the lab and the marketing team for trying to sell to innocent consumers?

    1. Re:When are they going to arrest... by Nerdfest · · Score: 4, Informative

      Isn't almost every single instance of Android malware a Trojan? In the case of Windows, for years a large percentage was drive-by exploits of IE, ActiveX, and just about every other part of the system.

    2. Re:When are they going to arrest... by Anonymous Coward · · Score: 0

      Can't speak to OS X but Android is so brain damaged as to not look much like Unix/Linux at all. Superior UNIX design is just that, superior but it doesn't keep people from doing stupid stuff.

    3. Re:When are they going to arrest... by trazom28 · · Score: 1

      They can't.. it's called "Job Security" for the digital crimes unit.

      --
      {} ------ When I think of a good sig, I'll put it here
    4. Re:When are they going to arrest... by lgw · · Score: 2, Insightful

      Are you still going on about pre-Vista Windows? Let it go man, let it go.

      --
      Socialism: a lie told by totalitarians and believed by fools.
    5. Re:When are they going to arrest... by Anonymous Coward · · Score: 0

      Windows Vista/7/8 hasn't been any better really. 90% of computers are infected. It just so happens Microsoft controls around 90% of the market too. It's interesting how the numbers line up so perfectly. Then again Microsoft does release its OS with malware so I guess this shouldn't be too surprising. Even if it didn't though the statistics wouldn't change significantly. The OS is poorly designed.

      A lot of GNU/Linux distributions aren't much better sadly. And some are just as bad as MS Windows in at least some ways. Ubuntu for instance bundles malware now. They send your data to Amazon or otherwise collect it via their own servers. Now they may collect and discard it... but the problem still remains.

    6. Re:When are they going to arrest... by JDG1980 · · Score: 1

      Can't speak to OS X but Android is so brain damaged as to not look much like Unix/Linux at all.

      Actually, Android's security model is much better than the traditional Unix security model. The traditional Unix model is that the program is the user and has the same permission as if the user were manually doing the operation him/herself. This was designed in the 1970s when all users were coders, and makes no sense today when people download untrusted code from the Internet on a regular basis. Android's security model has fine-grained permissions, so an app has to specify in a manifest exactly what it wants to do, and these restrictions are enforced by the OS.

      It's true that other aspects of Android also do "not look much like Unix/Linux at all" but this is to its great credit. The traditional Unix/Linux design (a dozen different layers of crap on top of X11 on top of a console) is brain damaged and utterly unsuitable for end-user computing in the 21st century.

  6. Where is "here"? by Anonymous Coward · · Score: 0

    The summary is quite vague, and so is the article (from which it was just copied).

  7. Re:This is rather disconcerting. by Anonymous Coward · · Score: 0

    Reality Check: MS doesn't have a swat team that they bust people with with no prior approval. Everything has court oversight.

  8. Re:This is rather disconcerting. by bws111 · · Score: 1

    But it is so hard to read all the way to the first question of the interview.

  9. "remarkable success" by Anonymous Coward · · Score: 4, Insightful

    You mean how they play whack-a-mole with botnets and claim victory when they accidentally hit one, but stay curiously mum when the very same botnet pops up again only two weeks later?

    N'mind that they've been criminally lax in improving their software, creating a very easily planted very fertile ground for an entire flora and fauna of malware to grow and prosper in the first place. They created this "ecosystem" on a much grander scale than this "remarkable success" in taking down little pieces of it, for a short while.

    1. Re:"remarkable success" by recoiledsnake · · Score: 0

      N'mind that they've been criminally lax in improving their software

      They have added Secure Boot support in Windows 8 to precisely combat undetectable malware, yet we have people blaming them for it.

      --
      This space for rent.
    2. Re:"remarkable success" by h4rr4r · · Score: 2

      Because what was wanted was to prevent drive by installs and that sort of thing. Secure boot is a whole other kettle of fish.

      It is about letting MS and the MPAA own your machine, security is only a side effect.

    3. Re:"remarkable success" by CastrTroy · · Score: 1

      Exactly. They walk a very fine line between people complaining that they're locked out of their own computer, and allowing viruses to just run rampant on the system. They could probably make a very secure system, but people would complain too much because all their applications would have to come vetted from MS and it would be like running iOS on your desktop.

      --

      Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
    4. Re:"remarkable success" by Anonymous Coward · · Score: 0

      You and gramps didn't hear the jet-powered whoosh while typing that?

      Secure boot is entirely the wrong thing at least twenty years late. The horse has bolted and they're not even trying to shut the barn. Instead they institute mandatory badge access systems (which they control, not the owner of the barn) for the humans. Syeah, that'll help.

    5. Re:"remarkable success" by Anonymous Coward · · Score: 0

      they have implemented secure boot to prevent people from installing operating systems other than microsoft.

      But that is what microsoft's version of "virus", is now, and always has been, "anyone who competes or threatens microsoft"

      not "anyone who threatens the user"

      Windows IS unwanted software and any code that prevents me from using something else is malware.

    6. Re:"remarkable success" by 10101001+10101001 · · Score: 1

      They could probably make a very secure system, but people would complain too much because all their applications would have to come vetted from MS and it would be like running iOS on your desktop.

      Um...yeah...perhaps you've never heard of "iOS jailbreaking"? Seriously, even with MS vetted drivers (a mandatory part of 64-bit Windows), almost entirely non-Admin user programs (because of how Windows is designed, there are a handful of MS programs that run at higher privilege to provide the Win32/64 environment), things like stack smashing protection, data execution prevention, randomized application offsets, and even sandboxing (admittedly, only rarely done), Pwn2Own still clearly shows that IE and Windows 8 are vulnerable. Slapping on Secure Boot wouldn't do a damn thing. And the idea that MS can successfully vet software just falls flat on its face when it fails to adequately protect its own software--unless you think that's some sort of conspiracy.

      No, in all seriousness, writing secure software is incredibly hard. My personal problem with MS has more to do with their marketing of Windows as "secure" and "robust" for ages--it was a big selling point as far back as NT 4.0 (probably sooner). And in retrospect, we can see that that was either ignorant/arrogant optimism or just marketer bullshit. I'd contribute it to both, and I don't see the situation changing with MS or any other non-conservative organization. Really, OpenBSD is about the closest you'll ever get to a secure/robust system, but even there that really translates into a box with very limited software options--anything more and you've stepped out of vetted secure/robust.

      PS - And yea, I'd say just about every *nix is guilty of overclaiming robustness and security. The big difference is the degree and just how much it's the organization itself and its many members/fans. I really don't see the same sort of out-of-the-horse's-mouth BS that you see in MS PR (or just about any company PR, really). But, to know that's the nature of the beast sort of proves the point on why your claims seem absurd.

      --
      Eurohacker European paranoia, gun rights, and h
  10. Re:This is rather disconcerting. by Anonymous Coward · · Score: 0

    Not Microsoft, just Ballmer. I could see him doing that. He's a big guy.

  11. So if this was so important by Anonymous Coward · · Score: 0

    Why isn't this a branch of the FBI?

    1. Re:So if this was so important by bws111 · · Score: 1

      You mean like this ?

  12. I was going to say by IWantMoreSpamPlease · · Score: 3, Funny

    that the great digital crime of recent note was Windows 8, but I've been beaten to the punch, several times already.

    --
    So rise up, all ye lost ones, as one, we'll claw the clouds.
  13. Shills by Anonymous Coward · · Score: 0

    Looks like the anti-MS shills are spamming Slashdot's comment section again.

    1. Re:Shills by bornagainpenguin · · Score: 1

      Looks like the anti-MS shills are spamming Slashdot's comment section again.

      Who needs shills when your competition has been diligently chumming the water in which they live for a decade or two? Microsoft has earned its hatred in this industry, one pissed off user at a time. To pretend this entirely predictable reaction is the work of shills only betrays your own allegiance and paid for status...

      --
      Have a Virgin Mobile USA smartphone? Give VMRoms.com a try!
  14. Re:This is rather disconcerting. by Anonymous Coward · · Score: 0

    Why not create a Linux variant? Penguin badges and stuff...... it'll be cool!

  15. Re:This is rather disconcerting. by Anonymous Coward · · Score: 0

    Why not create a Linux variant? Penguin badges and stuff...... it'll be cool!

    Anyone want to join my newly formed gNSA? apply below

  16. su and then rm -rf / by tepples · · Score: 1

    How come the "Superior UNIX design" that has led to tens of thousands of +5 Insightful Slashdot posts over the years doesn't protect Android and OS X?

    UNIX does nothing to stop the owner of a computer system from wiping out all files by doing su and then rm -rf / or similar. There are only two ways to stop a device's owner from doing that: education, or taking administrative privileges away from the device's owner.

  17. Windows RT by tepples · · Score: 1

    As I understand it, people blame Microsoft for adding Secure Boot support to Windows 8 because of what Microsoft did to the companion product Windows RT at the same time. Microsoft forbids manufacturers of devices that ship with Windows RT from allowing the user to disable or otherwise reconfigure Secure Boot. Devices with an x86 CPU MUST allow user configuration of Secure Boot, but devices with an ARM CPU MUST NOT.

    1. Re:Windows RT by recoiledsnake · · Score: 2

      Yet Apple gets a free pass on iPads, same with firms such as Motorola. How much is WindowsRT selling and how much of a threat is it to freedom compared to the iPad?

      --
      This space for rent.
    2. Re:Windows RT by tepples · · Score: 1

      Yet Apple gets a free pass on iPads

      Since when?

  18. Ever heard of a private eye? by tepples · · Score: 1

    Microsoft's Digital Crimes Unit exists alongside the FBI's cyber-crime efforts for the reason that any other private investigation firm exists alongside a police force.

  19. Most fitting by Anonymous Coward · · Score: 0

    MS knows it all about crimes.

  20. Law and Order: Digital Crimes Unit by Anonymous Coward · · Score: 0

    Can't wait. If nothing else it has to be better than the CI.

  21. Re:This is rather disconcerting. by Cyberax · · Score: 1

    Law enforcement? I think you're confused. This unit is created specifically to commit crimes!

  22. Re:This is rather disconcerting. by Razgorov+Prikazka · · Score: 1

    But if you're finally at the questions, things go from bad to worse. One would expect a "Digital Crimes Unit" to:
      - investigate security holes (preferably before shipping it out)
      - make sure that virus-makers don't have a chance.
      - find, cage and string up the idiot that makes Win8 harder to get rid of than a bad case of Herpes.
      - see to it that three-letter agencies (both US and nonUS) place backdoors in MS software.
      - Explosions, romance, fast cars, flashing badges and glue-on-moustaches

    But noooooooh... They really rather cry about the baddies making stupid botnets.
    DCU, pffff what a laugh </roll-eyes>

    --
    rm -rf --no-preserve-root / ...and let /dev/null sort them out...
  23. Re:This is rather disconcerting. by Synerg1y · · Score: 1

    They're not actually doing anything illegal. The situation is like this: the offenders are in plain sight on the internet, they don't bother hiding because there is nobody policing where they're enacting their schemes.

    MS is exposing them to authorities basically doing their legwork for them in tracking down these criminals.

    They have motivation to do it too, it's their systems that are most often affected by these criminals, so they are being uncannily pro-active about it.

    It's the rare sight of corporate America giving back to the community. So rare in fact, people seem confused by it.

  24. Re:This is rather disconcerting. by Anonymous Coward · · Score: 0

    Next on the agenda: obtaining authority from the US gov to form MS SWAT. Past that a small militia...

  25. Re:This is rather disconcerting. by lister+king+of+smeg · · Score: 1

    Ok just one question first; Do we get to ride into battle on the back of a rampaging gnu leading a horde of penguins and fight iNinjas?

    --
    ---Saying gnome 3 is better than windows 8 not so much a compliment as it is damning with light praise.
  26. It's a crime to stop supporting XP by Anonymous Coward · · Score: 0

    It's a crime to stop supporting XP next year and then we will be forced to buy those gawd awful Windows 8 machines. XP should go on to open source after Microsoft stops supporting it.

  27. Re: This is rather disconcerting. by hAckz0r · · Score: 2

    No. It's all about the appearance of being proactive as to minimize their legal liability. Face it, it's cheaper than the alternative.

    If they really wanted to 'stop crime' as their top objective they could just make a more secure product, starting by ejecting all the useless legacy code that lets the bad guys win without hardly trying. It's hard to make a secure design starting from a block of swiss cheese. There are more things they could do to make crime harder than I could ever possibly list in this limited space.

  28. Re: This is rather disconcerting. by Anonymous Coward · · Score: 0

    Even if they had a more secure OS there would still be exploits in it and they'd still need the DCU. Don't be stupid and naive.

  29. So it's not a conspiracy! by Anonymous Coward · · Score: 0

    Microsoft now has an official department to commit digital crime!

  30. Inside Microsoft's digital framing unit by Anonymous Coward · · Score: 0

    Microsoft has traditionally been a company that ignores everyone's truth and substitutes their own. They have the credibility of a politician at a baby kissing contest.

  31. Hmmm by Lost+Penguin · · Score: 1

    What crimes does this branch of Microsoft commit that the other branches do not?

    --
    I am the unwilling control for my Origin.