Slashdot Mirror


Inside the Microsoft Digital Crimes Unit

Trailrunner7 writes "The Microsoft Digital Crimes Unit has been spearheading botnet takedowns and other anti-cybercrime operations for many years, and it has had remarkable success. But the cybercrime problem isn't going away anytime soon, so the DCU is in the process of building a new cybercrime center here, and soon will roll out a new threat intelligence service to help ISPs and CERT teams get better data about ongoing attacks. Dennis Fisher sat down with TJ Campana, director of security at the DCU, to discuss the unit's work and what threats could be next on the target list."


  1. Wait a minute by NoNonAlphaCharsHere · · Score: 5, Funny

    Is this an article about how the Windows 8 UI was designed?

    1. Re:Wait a minute by NoNonAlphaCharsHere · · Score: 4, Funny

      Not to worry, somebody already modded it with a "Troll", which is even funnier...

    2. Re:Wait a minute by Bud · · Score: 1

      Is this an article about how the Windows 8 UI was designed?

      Or about how they kept the world's population hostage with Clippy the Paperclip? I mean, when they heard Clippy was going to be removed from the next version of Office, around 350 million people upgraded straight away.

      Or is it about how Microsoft is paying 500 million (USD, EUR, whatever) in fines every couple of years, in order to keep doing business as a software monopoly? That is probably the most brilliant crime by the Microsoft Digital Crimes Unit ever!

  2. Re:This is rather disconcerting. by recoiledsnake · · Score: 2

    I want to know exactly what idiot gave Microsoft the authority to create a law enforcement unit other than their jackbooted licensing audit thugs from the Business Software Alliance.

    Needs a judge's approval.

    But we’re very careful about how we do this. We’re not just going out there shooting stuff. We walk in with a pile of legal documents. We’re asking for a judge to agree with what we found.

    --
    This space for rent.
  3. Re:This is rather disconcerting. by SJHillman · · Score: 1

    You don't actually think Microsoft is going around kicking in doors, do you? They're mostly working as a legal presence or as a team of civilian experts assisting law enforcement and everything goes through a judge.

  4. When are they going to arrest... by Viol8 · · Score: 4, Insightful

    ... the Windows development team for allowing such a security swiss cheese of an operating system to escape from the lab and the marketing team for trying to sell to innocent consumers?

    1. Re:When are they going to arrest... by Nerdfest · · Score: 4, Informative

      Isn't almost every single instance of Android malware a Trojan? In the case of Windows, for years a large percentage was drive-by exploits of IE, ActiveX, and just about every other part of the system.

    2. Re:When are they going to arrest... by trazom28 · · Score: 1

      They can't.. it's called "Job Security" for the digital crimes unit.

      --
      {} ------ When I think of a good sig, I'll put it here
    3. Re:When are they going to arrest... by lgw · · Score: 2, Insightful

      Are you still going on about pre-Vista Windows? Let it go man, let it go.

      --
      Socialism: a lie told by totalitarians and believed by fools.
    4. Re:When are they going to arrest... by JDG1980 · · Score: 1

      Can't speak to OS X but Android is so brain damaged as to not look much like Unix/Linux at all.

      Actually, Android's security model is much better than the traditional Unix security model. The traditional Unix model is that the program is the user and has the same permission as if the user were manually doing the operation him/herself. This was designed in the 1970s when all users were coders, and makes no sense today when people download untrusted code from the Internet on a regular basis. Android's security model has fine-grained permissions, so an app has to specify in a manifest exactly what it wants to do, and these restrictions are enforced by the OS.

      It's true that other aspects of Android also do "not look much like Unix/Linux at all" but this is to its great credit. The traditional Unix/Linux design (a dozen different layers of crap on top of X11 on top of a console) is brain damaged and utterly unsuitable for end-user computing in the 21st century.

  5. Re:This is rather disconcerting. by bws111 · · Score: 1

    But it is so hard to read all the way to the first question of the interview.

  6. "remarkable success" by Anonymous Coward · · Score: 4, Insightful

    You mean how they play whack-a-mole with botnets and claim victory when they accidentally hit one, but stay curiously mum when the very same botnet pops up again only two weeks later?

    N'mind that they've been criminally lax in improving their software, creating a very easily planted very fertile ground for an entire flora and fauna of malware to grow and prosper in the first place. They created this "ecosystem" on a much grander scale than this "remarkable success" in taking down little pieces of it, for a short while.

    1. Re:"remarkable success" by h4rr4r · · Score: 2

      Because what was wanted was to prevent drive by installs and that sort of thing. Secure boot is a whole other kettle of fish.

      It is about letting MS and the MPAA own your machine, security is only a side effect.

    2. Re:"remarkable success" by CastrTroy · · Score: 1

      Exactly. They walk a very fine line between people complaining that they're locked out of their own computer, and allowing viruses to just run rampant on the system. They could probably make a very secure system, but people would complain too much because all their applications would have to come vetted from MS and it would be like running IOS on your desktop.

      --

      Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
    3. Re:"remarkable success" by 10101001+10101001 · · Score: 1

      They could probably make a very secure system, but people would complain too much because all their applications would have to come vetted from MS and it would be like running IOS on your desktop.

      Um...yeah...perhaps you've never heard of 'iOS jailbreaking'? Seriously, even with MS vetted drivers (a mandatory part of 64-bit Windows), almost entirely non-Admin user programs (because of how Windows is designed, there are a handful of MS programs that run at higher privilege to provide the Win32/64 environment), things like stack smashing protection, data execution prevention, randomized application offsets, and even sandboxing (admittedly, only rarely done), Pwn2Own still clearly shows that IE and Windows 8 are vulnerable. Slapping on Secure Boot wouldn't do a damn thing. And the idea that MS can successfully vet software just falls flat on its face when it fails to adequately protect its own software--unless you think that's some sort of conspiracy.

      No, in all seriousness, writing secure software is incredibly hard. My personal problem with MS has more to do with their marketing of Windows as "secure" and "robust" for ages--it was a big selling point as far back as NT 4.0 (probably sooner). And in retrospect, we can see that that was either ignorant/arrogant optimism or just marketer bullshit. I'd contribute it to both, and I don't see the situation changing with MS or any other non-conservative organization. Really, OpenBSD is about the closest you'll ever get to a secure/robust system, but even there that really translates into a box with very limited software options--anything more and you've stepped out of vetted secure/robust.

      PS - And yea, I'd say just about every *nix is guilty of overclaiming robustness and security. The big difference is the degree and just how much it's the organization itself and its many members/fans. I really don't see the same sort of out-of-the-horse's-mouth BS that you see in MS PR (or just about any company PR, really). But, to know that's the nature of the beast sort of proves the point on why your claims seem absurd.

      --
      Eurohacker European paranoia, gun rights, and h
  7. Re:So if this was so important by bws111 · · Score: 1

    You mean like this?

  8. I was going to say by IWantMoreSpamPlease · · Score: 3, Funny

    that the great digital crime of recent note was Windows 8, but I've been beaten to the punch, several times already.

    --
    So rise up, all ye lost ones, as one, we'll claw the clouds.
  9. su and then rm -rf / by tepples · · Score: 1

    How come the "Superior UNIX design" that has led to tens of thousands of +5 Insightful Slashdot posts over the years doesn't protect Android and OS X?

    UNIX does nothing to stop the owner of a computer system from wiping out all files by doing su and then rm -rf / or similar. There are only two ways to stop a device's owner from doing that: education, or taking administrative privileges away from the device's owner.

  10. Windows RT by tepples · · Score: 1

    As I understand it, people blame Microsoft for adding Secure Boot support to Windows 8 because of what Microsoft did to the companion product Windows RT at the same time. Microsoft forbids manufacturers of devices that ship with Windows RT from allowing the user to disable or otherwise reconfigure Secure Boot. Devices with an x86 CPU MUST allow user configuration of Secure Boot, but devices with an ARM CPU MUST NOT.

    1. Re:Windows RT by recoiledsnake · · Score: 2

      Yet Apple gets a free pass on iPads, same with firms such as Motorola. How much is WindowsRT selling and how much of a threat is it to freedom compared to the iPad?

      --
      This space for rent.
    2. Re:Windows RT by tepples · · Score: 1

      Yet Apple gets a free pass on iPads

      Since when?

  11. Ever heard of a private eye? by tepples · · Score: 1

    Microsoft's Digital Crimes Unit exists alongside the FBI's cyber-crime efforts for the reason that any other private investigation firm exists alongside a police force.

  12. Re:This is rather disconcerting. by Cyberax · · Score: 1

    Law enforcement? I think you're confused. This unit is created specifically to commit crimes!

  13. Re:This is rather disconcerting. by Razgorov+Prikazka · · Score: 1

    But if you're finally at the questions, things go from bad to worse. One would expect a "Digital Crimes Unit" to:
      - investigate security holes (preferably before shipping it out)
      - make sure that virus-makers don't have a chance.
      - find, cage and string up the idiot that makes Win8 harder to get rid of than a bad case of Herpes.
      - see to it that three-letter-agencies (both US and nonUS) place backdoors in MS software.
      - Explosions, romance, fast cars, flashing badges and glue-on-moustaches

    But noooooooh... They really rather cry about the baddies making stupid botnets.
    DCU, pffff what a laugh </roll-eyes>

    --
    rm -rf --no-preserve-root / ...and let /dev/null sort them out...
  14. Re:This is rather disconcerting. by Synerg1y · · Score: 1

    They're not actually doing anything illegal. The situation is like this: the offenders are in plain sight on the internet, they don't bother hiding because there is nobody policing where they're enacting their schemes.

    MS is exposing them to authorities, basically doing their legwork for them in tracking down these criminals.

    They have motivation to do it too, it's their systems that are most often affected by these criminals, so they are being uncannily pro-active about it.

    It's the rare sight of corporate America giving back to the community. So rare in fact, people seem confused by it.

  15. Re:This is rather disconcerting. by lister+king+of+smeg · · Score: 1

    Ok just one question first; Do we get to ride into battle on the back of a rampaging gnu leading a horde of penguins and fight iNinjas?

    --
    ---Saying gnome 3 is better than windows 8 not so much a compliment as it is damning with light praise.
  16. Re: This is rather disconcerting. by hAckz0r · · Score: 2

    No. It's all about the appearance of being proactive so as to minimize their legal liability. Face it, it's cheaper than the alternative.

    If they really wanted to 'stop crime' as their top objective they could just make a more secure product, starting by ejecting all the useless legacy code that lets the bad guys win without hardly trying. It's hard to make a secure design starting from a block of swiss cheese. There are more things they could do to make crime harder than I could ever possibly list in this limited space.

  17. Re:Shills by bornagainpenguin · · Score: 1

    Looks like the anti-MS shills are spamming Slashdot's comment section again.

    Who needs shills when your competition has been diligently chumming the water in which they live for a decade or two? Microsoft has earned its hatred in this industry, one pissed off user at a time. To pretend this entirely predictable reaction is the work of shills only betrays your own allegiance and paid for status...

    --
    Have a Virgin Mobile USA smartphone? Give VMRoms.com a try!
  18. Hmmm by Lost+Penguin · · Score: 1

    What crimes does this branch of Microsoft commit that the other branches do not?

    --
    I am the unwilling control for my Origin.