Microsoft Disables Kelihos Botnet

Trailrunner7 writes with an excerpt from an article in Threatpost: "Continuing its legal assault on botnet operators and the hosting companies that the criminals use for their activities, Microsoft has announced new actions against a group of people it contends are responsible for the operation of the Kelihos botnet. The company has also helped to take down the botnet itself and says that Kelihos's operators were using it not only to send out spam and steal personal information but also for some more nefarious purposes."

They could disable the majority of botnets

[Hentes]

They are the ones who really could do much against botnets by patching Windows vulnerabilities.

Re:They could disable the majority of botnets

[Krojack]

No matter how much you patch, you can't patch stupid people that click on the fake ads and scam emails.

Re:They could disable the majority of botnets

[Riceballsan]

Now that's crazy talk, in the modern day society hackers and criminal geniouses will get past anything, companies being liable for their own flaws is a foreign concept. The best response is to reactively find and imprison the hackers. It's not sony's fault that they were using an out of date unpatched version of apache, it's the small group of script kiddies that realized it. The sad thing is right now security is so universally terrible, people actually are starting to believe that these breaches are caused by super hackers that can break into anything, rather then by amuatures taking advantage of huge gaping holes. The idea of computers somehow changes peoples minds to believe in supergeniouses. If a group of high schoolers snuck into a bank, and plastered grafiti on the walls and xeroxed customer data, 10% of the anger would go to the kids, 90% to the banks terrible security. If a group of high schoolers defaced the banks webpage "OMG they are super genious criminals, ship them to guantanemo bay!!!"

Oh, come on. Give them their credit.

[xyourfacekillerx]

For those who can't stomach Microsoft not being evil 100% of the time. It's not like they were really compelled to do this at their own expense. They did the world a favor; no matter how bitter you are at Microsoft for whatever reason, taking down a botnet and identifying an operator is still a good thing. We're not talking lesser of two evils. We're talking about an objectively undeniable good act. Props to MS, I'm glad they did this.

Re:Oh, come on. Give them their credit.

[Riceballsan]

50/50 there. I do half applaud microsoft for helping to take down part of a threat to their users, in this instance I applaud it, while being terrified of it at the same time. While it is awsome to see large companies helping out with law enforcement to things that hurt their users, it also sets a scary precident. We are allowing large companies to become law enforcement on their own. As we accept it for the things that hurt the little people, they slowly leverage their way into using it to help themselves and hurt the little people. The same legislation that gives microsoft the power to disconect a botnet, will give them power to disconect the pirate bay. Everyone loves a superhero with the power to do good and deliver sweet vigilante justice where the law has failed, but lets face it, in the real world if we could actually give someone superpowers, it would be an 80% chance that it would come back to bite us. The hero would protect the group he likes, and leave the others to fend for themselves. When our best interest and microsoft's best interest are one and the same that is awsome, but what happens when they shift?