Slashdot Mirror
Microsoft Settles With No-IP After Malware Takedown
Trailrunner7 (1100399) writes It's been a weird couple of weeks for Microsoft. On June 30 the company announced its latest malware takedown operation, which included a civil law suit against Vitalwerks, a small Nevada hosting provider, and the seizure of nearly two dozen domains the company owned. Now, 10 days later, Microsoft has not only returned all of the seized domains but also has reached a settlement with Vitalwerks that resolves the legal action. Some in the security research community criticized Microsoft harshly for what they saw as heavy handed tactics. Within a few days of the initial takedown and domain seizure Microsoft returned all of the domains to Vitalwerks, which does business as No-IP.com. On Wednesday, the software giant and the hosting provider released a joint statement saying that they had reached a settlement on the legal action. "Microsoft has reviewed the evidence provided by Vitalwerks and enters into the settlement confident that Vitalwerks was not knowingly involved with the subdomains used to support malware. Those spreading the malware abused Vitalwerks' services," the companies said in a joint statement. "Microsoft identified malware that had escaped Vitalwerks' detection. Upon notification and review of the evidence, Vitalwerks took immediate corrective action allowing Microsoft to identify victims of this malware. The parties have agreed to permanently disable Vitalwerks subdomains used to control the malware."
"We did the thing we should have done in the first place after some guys pointed out what a bunch of dumb motherfuckers we'd been."
Microsoft fucked up, again.
It's the law. According to an American judge.
Microsoft identified malware that had escaped Vitalwerks' detection. Upon notification and review of the evidence, Vitalwerks took immediate corrective action allowing Microsoft to identify victims of this malware.
Yeah, if waking up one day to find that most of your business has been handed over to another company is what passes for "notification" these days.
I hope Microsoft paid them handsomely.
Thanks to the War on Drugs, it's easier to buy meth than it is to buy cold medicine!
If only the idiot judge that approved the request for injunction had demanded to see some factual evidence that No-IP was actively aiding from the two bot herders also listed in the motion instead of just taking Microsoft's flimsy insinuations for it. Plus, it might have helped if the judge had given No-IP the chance to defend themselves before court instead of permitting the ex-parte session.
I hope they got a lot of money from Microsoft. They lost me as a paying customer because I cannot rely on their service anymore.
The judge who made all this shit possible needs to have his creds pulled asap.
I always find it funny to see Microsoft using legal actions to fight malware rather than just fix the problem...
...an unnamed small Nevada hosting provider was the subject of an intense and unannounced BSA audit on Thursday...
"Tell me doctor, with all of your defenses, are there any provisions for an attack by killer bees?"
Yeah, right, like malware only runs on Windows.... The real problem is that a lot of ISPs take a lot of time (if ever) to do anything about this. You really think that nobody has reported this before MS decided to take action?
Perl Programmer for hire
If you think about it, Microsoft has a close relationship with the NSA - see the _NSAKey scandal.
Routing all traffic No-ip traffic through MS controlled servers, it can safely be assumed the data was routed to the NSA.
The full list of no-ip names and associated internet addresses (and thus identities of the users) I think could be a very valuable thing for the government.
It smells wrong.
Even if they may have jumped the gun in this case, at least somebody's out there trying to do some enforcement.
How does this spin with Microsoft as the bad guy?
The thread the other day was one way to spin MS as the bad guy . . . but this goes in another direction. Can we reverse the spin?
I don't like Redmond, but all the /. tail chasing's got me dizzy.
If Microsoft wasn't the "bad guy", why offer a settlement less than two weeks later?
For some reason I feel like doubting the sincerity of this statement.
...would be shutting down these god damn Windows machines that are infected zombies taking on the malicious tasks that this whole damn situation is about. No-IP is nothing without Microsoft's infected junk spewing garbage and infections all over the Internet. It's not like Microsoft doesn't hold the keys to immobilize a system running their own operating system anyway, they have the kill switch built right in to the OS before you even buy the license to run it in the form of WGA.
Microsoft portrayed No-IP as primarily a business making money from botnet operators, but Microsoft only listed a few hundred subdomain names that were implicated. Compared to what I imagine is hundreds of thousands, or millions (or tens of millions) of subdomain names that No-IP must support to have a viable business, it's a tiny fraction.
The real "Libtards" are the Libertarians!
Any update on the Qualcomm DMCA takedowns at Github?
#naabhaprzrag, #sverubfr-000, #agi-fcbafberq, negvpyr[pynff*=' negvpyr-ary-'] { qvfcynl: abar !vzcbegnag; }
Azure doesn't scale. The load placed on if by redirecting the domains was probably far less than the surge that a suddenly-popular web host might encounter, yet it failed miserably.
Microsoft might not have to pay any monetary damages for the havok they caused, but they might get a hit to their pocketbooks anyway.
People looking to move their operations to the "cloud" would do well to look at this performance, and consider what might happen to *their* traffic...
Who made Microsoft the fucking internet police anyway?
Weaselmancer
rediculous.
They are the malware and they think they are above the law.
1) We're da boss. We will crush you. What you say, or what evidence you provide, is irrelevant.
2) Media fanfare. We're nice, really we are! Evil is not us, it's this helpless victim we crushed for your good!
3) Settlement. Problem solved, mischief managed, enemies/innocent parties crushed. Maybe even plausible deniability as a bonus.
4) Profit!?
We had over 50 customers with DVR, CCTV and various other services running using no-ip paid domains effectively shutdown during this time.. Hopefully no-ip will pass the buck they get not just the problem caused by MS. All our customers that were affected are using DHCP based internet connections either because STATIC IP's were too expensive for them or didn't fit with their business needs. I love how one company can back door another and effectively neuter them but the end user is really the one screwed
It wasn't a load problem. The setup was just wrong (recursive resolvers used as authoritative servers didn't answer non-recursive queries correctly). It wouldn't have worked if Microsoft had given it all the CPU power and network capacity in the world. Garbage in, garbage out.
How many people (especially children) died while the security cameras, VIOP phones, and/or security systems were down?
It took more than 250 milliseconds to respond to a query while the ping time was around 100 milliseconds. I would say it was definitly a load problem too.
The takeaway is either:
1. No business should use Azure because Azure doesn't scale. OR:
2. No business should rely on Microsoft services, because Microsoft does not have the necessary competence.
This is only the latest in a line of screwups by Microsoft in their service offerings.
The real "Libtards" are the Libertarians!
UK e-petition against domain domain seizures:
http://epetitions.direct.gov.uk/petitions/67055
"To deter foreign entities from hijacking internet domains owned by UK citizens, where no crime has been committed in the UK by the domain owner in the UK, or its customers that use domain services in the UK (who have been entirely innocent parties), then they should be entitled to compensation from foreign parties that have hijacked the internet domain despite laws that have evolved to become legal domain hijacking in a foreign country."
Yeah, right, like malware only runs on Windows.
Not all of it, just 98.27% of all malware last year.
Instead of doing the right thing and approaching the hosting provider, Microsoft acted as a bully and took action that hurt many innocent customers. It is the role of law enforcement to take action against criminals, not some company or individual that feels they are above the law.
Computer crimes are a growing problem internationally that needs better coordination between law enforcement agencies around the world. There does need to be better mechanisms for dealing with hacking, SPAM, phishing, DDoS attacks, invasion of privacy and other crimes. While companies and individuals should have a role in supporting this action, they should not be taking direct action, particularly when they target the wrong people. Hosting companies should be give the normal presumption of innocence, notified of illegal activities using their services and be given the opportunity to take action. Only when the actively participate or continue to facilitate criminal activity should action be taken against them by the appropriate authorities.
The idea of a presumption of innocence is lost on many companies, as shown in the pursuit of DRM and other copy protection measures in the name of piracy, they do little to slow down the pirates but end up hurting their paying customers. When customers give up in disgust and stop buying their products, the lost sales are blamed on piracy... People or organisations that have lost touch with reality should not be acting as police.
Since all the traffic were directed to Microsoft servers, how many URLs, deep links, camera URLs, port numbers, protocols etc got logged???
How many servers were set up to do all this?
And how many years did the preparations take to write the software and prepare all the servers?
And when all this logge informaton is sold, how long before it all turns into one massive security nightmare?
How much will NSA trolls pay for this logged information?
And is that anywhere near the amount of money settled with Vitalwerks?
I run an ISP. Is it kosher for me to block all IE browser traffic? After all, IE is one of the largest vectors of malware infections on earth. At least I'd be "out there doing some enforcement."
Microsoft enforcement policy: "Ready! Fire! Aim!"
BTW, I didn't see where Microsoft apologized for their actions to the Internet community.