Microsoft Secretly Beheads Notorious Waledac Botnet

Barence writes "Microsoft has quietly won court approval to deactivate 277 domain names that are being used to control a vast network of infected PCs. The notorious Waledac botnet is being used by Eastern European spammers to send 1.5 billion spam messages every day, and infect hundreds of thousands of machines with malware. In a suit filed in the US District Court of Eastern Virginia, Microsoft accused 27 unnamed defendants of violating federal computer crime laws. It further requested that domain registrar Verisign temporarily deactivate the domains, shutting down the control servers being used to send commands to the machines. The request was secretly approved by District Judge Leonie Brinkema, allowing the action to be taken covertly, preventing Waledac's operators from switching domains."

Good work...

[avarus]

...but where will I get all my v14gra now??

Re:

[secondhand_Buddah]

Send me your email address. I'm sure I could arrange something..

Re:

[commodore64_love]

How about some cheap Propecia? I'm tired of paying 3 dollars per pill (per day).

Re:

[NatasRevol]

You spend more than $1000 per year instead of accepting that you're going bald?

It's a whole lot cheaper to just go bald.

There, I saved you $3/day.

One step toward active botnet fighting?

[jeffmeden]

This is nice (if reactionary) but how long before we can get a court order to legally fight the botnet by 'infecting' the target computers with a patch, or at least some sort of message that warns the user to seek help?

Would Microsoft ever go that far? Would that be admitting that the only solution to the holes in Windows is vigilantism?

Reactionary?

[aussersterne]

I do not think that word means what you think it means.

Re:

[characterZer0]

When you can prove that your patch will in no way adversely affect any computer that it is installed on.

Re:

[derGoldstein]

There's a joke to be made here about how disabling windows does not "adversely affect" a computer... But somebody funnier than I am should make it.

MS is already doing that.

[leuk_he]

Ever heard of Malicious Software Removal Tool [microsoft.com] that is rolled out in in the monthly patch cycle. It kills software MS deems bad. No court approval for that.

Re:MS is already doing that.

[WCguru42]

Ever heard of Malicious Software Removal Tool [microsoft.com] that is rolled out in in the monthly patch cycle. It kills software MS deems bad. No court approval for that.

No court approval needed, you clicked that you agreed with the TOS, EULA, description of what these files contain. Last time I used MS update (admittedly over a year ago) each download had it's own name. If there was a name like Malicious Software Removal Tool I would definitely take a peek inside the description to see exactly what it was doing.

This brings us back to the whole user issue. Most users accept all updates from MS (and pretty much any software vendor) without even so much as looking at the titles of the files their downloading. Maybe if people took a little more responsibility they wouldn't be surprised as to why their friendly purple gorilla buddy disappeared (I thought that thing had died years ago but I just saw him on someone's computer in the library last week).

Re:

[gparent]

Not just implicit. The first time I ran it on XP, I had to explicitly accept.

Re:One step toward active botnet fighting?

[Saint Fnordius]

It actually has come to the point where botnets are actively removing other malware from the infected computer, much like a parasite killing off other parasites so that it has sole possession of the host.

Re:

[WrongSizeGlass]

It's true. competition is still competition ... and there's nothing better than a monopoly - especially if you are an infection.

Re:One step toward active botnet fighting?

[derGoldstein]

I'm waiting for the visualization software that will display the fight. Maybe you could place bets...

Contingencies

[flink]

Even if the control machines loose DNS resolution, might not the botnet be configured to fall back to connecting to well known IP addresses to accept commands? Seems like the logical thing to do if you are creating an illegal network...

Re:

[Cyner]

1. If they were smart it's easier to make money legally than illegally.
2. They have quite a few domains for a reason, and normally they don't all go dark at the exact same well-coordinated time.

Re:Contingencies

[Clover_Kicker]

1. If they were smart it's easier to make money legally than illegally.

Really?

Re:Contingencies

[L4t3r4lu5]

Indeed. I was just thinking "Hey, I could go out to work for a month, do 8 hours a day in a confined space staring at a computer screen, being breathed on by a boss who thinks that 30 seconds on /. is a sackable offence, stressed out of my mind as my skillset is quite over-subscribed at the moment and if I lose my job I'll be in a highly competitive workplace, or I could pull a kitchen knife from my home, go around to the closest atm, wait for someone to stick in their pin, and have all of their money!"

Work isn't easy. If it was, we wouldn't be paid to do it.

No, work is easy

[SmallFurryCreature]

If you break your leg tomorrow. Were is your money coming from? Right, your boss. Sick leave. Burglers haven't got it.

Neither can you boss turn out to be carrying a gun and blow your brains out rather then pay you.

If you botch up your work, you won't land in a small cell with a guy named Bubba who likes you very very much.

You ex-gf can't turn you into your boss, even if you really screwed up.

A live of crime sound easy, but it isn't. If it was, more people would do it.

Take the pirates of somalia, sounds like easy money, but how many regular sailors can have their brains blown out by a sniper and nobody gives a damn? And if you think it sucks that your wife wants your wages, wait till you have to deal with the crime hierarchy. They are like the IRS, but not as nice. Oh, and then there is the IRS who can hook you up with Bubba again if you can't account for every penny in your pocket.

Re:No, work is easy

[PopeRatzo]

Sick leave. Burglers haven't got it.

And increasingly, American workers haven't got it either, along with health care, retirement and other benefits. Shit, more and more American workers don't even have Saturdays off any more.

Companies love contract workers just for that reason.

Ask the "tech workers" around here, whether their working conditions, hours and benefits have increased or decreased every year since 1980.

Re:

[nedlohs]

I doubt you'll earn more money robbing ATM users with your kitchen knife than an office job.

ATMs have limits on withdrawals, people going to an ATM tend to be doing so because they don't have much cash on them.

At some point you'll pick the wrong guy and get shot, or get caught and go to jail.

Small time armed robbery sounds to me like the one of the worst ways to earn a living through crime too - the punishments are reasonably high, the risk of being identified and then caught are reasonably high, the risk o

Re:Contingencies

[PopeRatzo]

I doubt you'll earn more money robbing ATM users with your kitchen knife than an office job.

That's why counterfeiting is the way to go. You don't have to employ violence, you just print your own money.

Counterfeiters are the princes of thieves, IMO.

But truly, the way to succeed here in America, statistically, is to be born to a rich family. It's the #1 predictor of whether or not you will be well-off during your life. If you're born poor, you have less chance to move up the social/economic scale than if you were born in Germany, Denmark, Finland, Sweden, Norway, Ireland, France...

The notion that "anybody can make it in the US if they work hard" is a fairy tale.

Seriously. Be born rich. That's the way to go.

Re:

[Ungrounded Lightning]

That's why counterfeiting is the way to go. You don't have to employ violence, you just print your own money.

But to be successful at it AND avoid having the Secret Service come down on you, you need to do it by owning a Federal Reserve Bank.

Re:Contingencies

[DJoffe]

The notion that "anybody can make it in the US if they work hard" is a fairy tale.

Seriously. Be born rich. That's the way to go.

The notion that the notion is a fairytale is a fairytale. People love to blindly spread memes like this because they enjoy feeling sorry for themselves, but it simply isn't true:

Rags To Riches Billionaires [forbes.com]: "Almost two-thirds of the world's 946 billionaires made their fortunes from scratch, relying on grit and determination"

That doesn't mean everyone can end up a billionaire, but it's simply false that this notion that 'anyone can make it' is a fairytale; it's borne out on practically a daily basis. If you open your eyes and look, you'll find true-life rags-to-riches story under every second stone you turn --- especially in the USA, but also these days frequently in places like China. But yeah, not everyone is born hard-working, I guess, so keep sitting and feeling sorry for yourself and you'll definitely ensure that nothing ever changes for you.

Rags to Riches CEOs [minyanville.com]

7 greatest celebrity rags to riches stories [peoplejam.com]

Rags to Riches [arabianbusiness.com]

Entrepreneur takes women from rags to riches [iol.co.za]

Rags to Riches billionaires [forbes.com]

Asian American Rags to Riches Sagas [goldsea.com]

Case Study: From Rags to Riches (Brenda French) [womenslead...change.com]

Cordia Harrington: From Rags to Riches Success Story [womenhomebusiness.com]

Local cosmetics magnate reveals rags-to-riches life story [taipeitimes.com]

China: A rags-to-riches story to dream about (Yan Huiyan) [atimes.com]

China’s paper magnate is a rags-to-riches story, literally [indianexpress.com]

Rags to riches: Bill MacAloney: from orphan to successful business owner to CBA [findarticles.com]

From rags to riches: Filipino weavers trade up [reuters.com]

Etc. etc. blah blah ... I could go on pasting these stories in here all day. Nothing worse than listening to whiny losers feeling sorry for themselves that they weren't born rich.

Re:Contingencies

[martyros]

The notion that "anybody can make it in the US if they work hard" is a fairy tale.

Whom do you know who has worked hard and yet failed to secure a comfortable life for themselves? Millions of immigrants prove you wrong by coming with almost nothing, starting restaurants / laundry shops / convenience stores, and then sending their kids to college to become doctors and lawyers.

Sure, if you want to become filthy rich, you need a lot of breaks: talent (not necessarily the "getting good grades" kind of talent), opportunity, and drive. But I don't know anyone who worked hard at improving their situation who is still poor.

Re:Contingencies

[Asic Eng]

I think you are aiming too low. I'm aware of many factors in which France is better than Germany, others in which the UK is better than France, and yet a different set in which Germany is better than the UK. The US outshines Europe in many areas, but the reverse is also true. Criticism is not hate, and learning from the best will serve you better in the long term than pretending to be the best at everything.

Re:

[derGoldstein]

It seems you've come to a conclusion, then. Do let us know how that works out for you.

Re:

[140Mandak262Jamuna]

1. If they were smart it's easier to make money legally than illegally.

Really?

Yes, really. Just ask Tim Gaitner, Hank Paulson or any of the Chief Embezzling Officers or anyone working for Morgan Stanley.

Re:Contingencies

[Actually, I do RTFA]

There are two ways to make a lot of money. Commit big enough crimes, or inherit it. Favorite method: Have your ancestors commit the crimes and then inherit it.

Re:

[Akido37]

1. If they were smart it's easier to make money legally than illegally.

It's really not. If you've ever been involved with, or known anyone involved with selling illegal drugs, you'd know how false that statement is.

Re:

[characterZer0]

It's really not. If you've ever been involved with, or known anyone involved in politics, you'd know how false that statement is.

how easy is it to get into politics?

[circletimessquare]

its actually pretty hard. you have to be a committed passionate demagogue

sure, if you are in politics, its easy to rip people off

however, its very hard to get in that position in the first place

so, just as the post you are responding to says, it is easier to make money legally than illegally

Re:Contingencies

[Ifni]

I tend to wonder at the accuracy of that assumption. I think that drug dealing is a lot like acting - people see all the famous actors and say "I can get rich as an actor", but don't notice that it is only the top one percent or so that truly make it - the rest struggle to get by, or make a moderate living at best. Additionally, as a drug dealer, you also have to avoid the law - being wildly successful for 5 years then getting caught and put in jail for ten to twenty makes flipping burgers more profitable an endeavor over the long term. Not to mention the rather short life expectancy of many of the most successful due to "competition".

So, short term, yeah, dealing (or many types of crime) is easier than making money legally. But long term, you either have to be really good, and thus invest much effort in staying one step ahead of both the law and those looking to "replace" you, or you lose the advantage that crime had, and then some. And if you are investing the required effort successfully, you likely could have done equally well working legitimately. Sure, there are the Dons and Columbian drug lords that are the exception, but again - only the top 1% or less enjoy that privilege.

Re:Contingencies

[2obvious4u]

That is a bad assumption on his part. Drug dealers have different priorities than most people. I used to know people who would gross 100k a week dealing drugs. The thing is they would have to pay 60k back to the suppliers and then they would split 10k each and would pick up girls and take them on shopping sprees to get laid and would spend the rest on stuff like cloths and drugs for themselves. They really didn't have any money left at the end of the week. Owning houses that you bought with drug money doesn't work out very well when the IRS comes knocking, so they would blow all their funds on consumables during the week.

Eventually they got caught and spent about 5 years in jail each. But for the 2 or 3 years they were earning that kind of cash and spending it on cloths, cars, women and drugs they lived like rock stars. The problem is that you do get caught and it is a very rough life. You have to have a very low moral standard that most of society can't stomach. But from the pictures it looked like a lot of fun. Even knowing about the 5 years hard time at the end.

Oh, and women like drug dealers. You get a girl hooked on your supply and you can get laid whenever you like. Not everything can be measured in dollars.

Re:

[TheLink]

In terms of $$$$$$$ obtained, I think the finance bunch have been doing pretty well. And lower risk too. When they supposedly screwed up they still got bonuses.

All it takes is to not have a conscience or being able to fool yourself that you are actually adding lots more value than you are taking out.

As the title of one book says: "Where Are the Customers' Yachts? or A Good Hard Look at Wall Street".

Re:

[MikeBabcock]

And somehow selling health insurance is considered an honest profession. Go figure.

Re:

[Afty0r]

1. If they were smart it's easier to make money legally than illegally.

Even if I wasn't handing over around half my income to the gubmint, I doubt this would be true. If it were true there wouldn't be many crims left...

Re:

[Tom]

Even if the control machines loose DNS resolution, might not the botnet be configured to fall back to connecting to well known IP addresses to accept commands?

You'd have to store that IP somewhere, which means in the clients, which means it'll be found and either disabled or lead them right to your door.

Re:Contingencies

[Jahava]

Even if the control machines loose DNS resolution, might not the botnet be configured to fall back to connecting to well known IP addresses to accept commands? Seems like the logical thing to do if you are creating an illegal network...

Well, here are a few thoughts:

• Microsoft probably thoroughly reverse-engineered the botnet client code prior to seeking the court's assistance. Therefore, they have a very good understanding of the botnet's control algorithms. They probably derived those domain names and took those specific measures in response to their understanding of those algorithms.
• For a botnet, hard-coding IP addresses could be riskier than DNS names. If someone is trying to shut you down, it's easier on their part to pick a specific set of IP addresses and (with cooperation of their respective ISPs) get them shut down or (without said cooperation) firewalled.
• For a botnet, it's much faster and easier to change your IP address and update a DNS entry, leaving the botnet code alone. If you have to change those hard-coded addresses, you have to not only rebuild and push new code, but update every infected system (and any network admin on a legit controlled network knows that there can be issues with this). With the DNS entry they have a central point to update.
• I'd not be surprised if Microsoft chose this specific botnet because it had a vulnerability that was within the reach of a court to address

As others have pointed out, this teaches every other botnet author a lesson on what can be done. The problem ain't solved by a longshot, but maybe the Internet is safe for another night (cue Batman music).

Re:

[Arthur Grumbine]

• Microsoft probably thoroughly reverse-engineered the botnet client code prior to seeking the court's assistance.

Sounds like a DMCA violation if you ask me. Won't someone think of the (botnet) authors?!

Re:

[Deathlizard]

Domains and IRC are dead ends for current botnets anymore exactly because authorities can shut them down.

The newer botnets use Peer to Peer networks for command and control. Either a In House private P2P or (most likely since they're already established) a public P2P like Kademila or Gnutella. Then all you would have to do is search the network with a authorization string+botnet command string embedded in it(IE: randomhexspamtheworld). When the bot receives the search string, it validates against the author

Re:Contingencies

[TheLink]

If I wrote malware (I don't), I'd use google, other search engines and maybe even twitter (but that's probably covered by search engines nowadays) to search for new instructions :). So you could post the instructions "anywhere" in the world along with keywords. The search engines would find it. Naturally you'd check the signatures to see if the instructions are valid.

I'd also write the malware in perl. Pretty easy to do such stuff with perl - can also fork and run the instructions in an eval (if you think people are going to crack your malware). It'll be interesting to see how the AV people cope with TIMTOWTDI. Probably trivial to whip up equivalents in python or similar.

Such malware could run on windows, Linux, *BSD, OSX :).

Re:

[MikeBabcock]

On a similar note, this is why many malware authors used IRC for bot controlling. Connecting to a well-known IRC network and listening for commands pretty much prevents your 'server' from being taken down.

Re:Contingencies

[pehrs]

Not a new idea. Google is working actively to stop this kind of abuse, which they do by forcing you to go through a captcha if you try to search for terms that are related to malware. I have taken apart a few "evil" programs that did google searches, and each time I found that the search terms had a captcha block.

State of the art for malware is to use a generator function (typically a hash) to generate random domain names. If it loses contact with the C&C servers it will use this generator to try domain names until it finds a new configuration file (propperly encrypted and signed). For the controller they only need to register one of the domain names generated by the hash and eventually the bots will all reconnect.

Re:

[maxume]

Slashdot comments would be a great place to put a bot domain lookup (you could check every story for anonymous comments containing domains, check every story in a certain section for anonymous comments containing domains, or even check a certain account).

The relatively strict attitude about 'freezing' things means that they probably wouldn't disappear, compared to blog comments, where a given blogger might zap stuff or not.

contingencies

[symes]

Probably a one off - botnet designers will now write in contingencies so that access can be re-established in the event of visible domains being taken off-line. In fact - i'd be surprised if Waledac didn't rise from the dead.

Re:

[nacturation]

I would have it passively scan well-known websites for hidden messages. For example, browse Slashdot at -1 and pick up posts which contained a specifically formatted payload. Once the message was decoded, verify the message's signature against a public key and execute the payload.

Or on places which allow for image uploading. Use steganography to embed the payload into the images. Or Twitter status messages... look for specific hashtags such as #flamewar or something relatively obscure then follow the UR

Re:

[Missing_dc]

##Monkey Cow Chicken Fly 128!k93>>22k5gg91

I find your proposition utterly preposterous! ;)

Can they recover from this?

[jonwil]

Presumably if Microsoft have done their homework, they have identified every possible machine that these bots could try to contact to receive new instructions (such as new SPAM messages to send) and had VeriSign disable every domain name so it cant be registered or used.

Does this mean the botnet is dead?
If so, great. And lets hope people are working to repeat the excercise and block the domain names used for control of any other botnets that talk to specific servers by name for instructions.

most likely not dead

[someone1234]

If i was a botnet author, i would keep a list of my zombies and code the bots in a way they respond to a secret password.
Thus it doesn't really matter if a command center is down, i could just start a new one and it reclaims all orphaned zombies.

Cutting a few command centers is futile.
The only solution is to burn all zombies overnight and prevent reinfection.

Re:

[Tom]

If i was a botnet author, i would keep a list of my zombies

Which would leave a trace back to you, because that list has to be assembled somewhere.

Re:

[jonwil]

Given the way these worms/trojans spread and the sort of PCs they are most likely to infect, even if you COULD compile a list of valid IP addresses its a good bet that those machines would be
A.No longer infected (because its been cleaned by the Windows Malicious Software Removal Tool or by anti-virus or by a re-image of the computer from a recovery partition/CD/DVD or a standard corporate disk image)
B.Firewalled off (corporate networks etc)
C.Running behind NAT (again corporate networks using NAT or home use

drones

[Max_W]

1,5 billions of spam messages per day. Multiply each message by 10 seconds of working time it takes to activate e-mail window and delete the spam-message, and it becomes clear what damage to the word economy it brings. Let alone disrupted work-flow.

It is the weapon of mass economic destruction.

Such spammers should be warned, once, twice, and if they do not cool down a drone should come above their building and shoot a "Hellfire" missile right into the server room.

Or at least black-clad agents should enter t

Re:

[argent]

So you want Mossad to take over antispam operations, then?

Deactivated?

[gmuslera]

New set of domains acquired and botnet spamming again in 3..2..1..

99% of Businesses Fail Because?

[LifesABeach]

No one knows they exist.

And sometimes, that's a good thing...

I must have missed the memo

[OzPeter]

Is today the day we like Microsoft?? I just want to make sure I have that right. Its not some trick to cover them acting like vigilantes is it??

Standing

[Adrian Lopez]

As glad as I am when botnets are crippled or shut down, I can't help but ask: Why is Microsoft the one pursuing this in court, rather than the government? Under what legal principle does Microsoft, a private corporation, have standing to sue for control of these domain names?

Re:

[tnk1]

You must have missed where Microsoft bought out the government. Please report to your local Microsoft (Re)Education Center for more details. Bring your passport.

Re:

[VertigoAce]

I assume that by owning @hotmail.com and @microsoft.com, Microsoft itself was the target of a large amount of spam from this botnet. That would give Microsoft standing to sue, as well as a lot of evidence to back up its claims.

Cyber war initiated by DOJ

[RichMan]

At least that is what the headline could be. Disabling foreign internet service is a big deal.

Could be a serves them right for registering as .com rather than .country. But this is one branch of the US government disabling some foreign infrastructure.

Easier method

[aapold]

Going by the microsoft graphic of the operation [microsoft.com], they could just arrest people who wear dark sunglasses and colored head scarves.

Re:

[lordandmaker]

This has nothing to do with malicious code in the OS. It's to do with malicious code exploiting crap code in the OS. And all software has *some* crap code in it.

Re:"East European"

[FyRE666]

It's not crap in the OS that causes the vast majority of infections. It's crap in the user's heads.

Why not just add code to check for an infection in the next Windows update. If found, then the user is presented with a dialogue at every boot that they must ok, and prevents them from logging in for 5 minutes for the first boot, increasing by 1 minute for each subsequent boot. Even lazy idiots will eventually get sick of this and do something about their machines.

Re:

[Anonymous Coward]

MS has the "malicious software removal tool" that shows up monthly in Automatic Updates and it will take care of it - but unfortunately WAY too many people don't have the automatic updates enabled or just refuse to run them. If they would run them a couple of these botnets would be gone.

Re:"East European"

[jtdennis]

This can also be started manually by running "MRT.exe" from the run prompt. The month of the update is in the title bar, so it's easy to tell if you're current or not.

Re:

[Anonymous Coward]

If MS would stop including questionable programs or new versions (not just bugfixes) in their Automatic Updates, people would trust them more. But there's nothing like having a working system screwed up by some new version of software to make you turn the damn thing off.

Automatic Updates should not be the equivalent of loading some unstable branch in Linux. We pay MS a lot of money to get this shit right, and they're full of fail.

Re:"East European"

[Tom]

It's not crap in the OS that causes the vast majority of infections. It's crap in the user's heads.

Cheap cop-out.

You're in a mass-market. You can not expect the majority of users to know anything about computers. You can debate that point all you like, but that's how it is. Saying otherwise is like saying only car mechanics should be allowed to drive cars.

Re:"East European"

[fuzzix]

Cheap cop-out.

You're in a mass-market. You can not expect the majority of users to know anything about computers. You can debate that point all you like, but that's how it is. Saying otherwise is like saying only car mechanics should be allowed to drive cars.

No, it's more like saying "people should know how to drive before taking their car on public roads"

Re:

[Tom]

No, it's more like saying "people should know how to drive before taking their car on public roads"

No, it isn't.

They know how to "drive" - they can click those buttons, enter a URL, write an e-mail.

Their errors are not in the driving. They're in - to stay with the analogy - where they are driving to. Someone taught them how to drive, but nobody told them not to drive their nice Porsche into the Bronx.

Re:"East European"

[Bakkster]

You're in a mass-market. You can not expect the majority of users to know anything about computers. You can debate that point all you like, but that's how it is. Saying otherwise is like saying only car mechanics should be allowed to drive cars.

But you can tell them to perform preventative maintenence like fluid changes, etc. Then it is their fault if they think they know better and ignore the manufacturer's recommendations.

An example would be brake pads. If you're lazy, you might never replace your brake pads, making you a hazard to everyone else on the road. So, brake pads have metal filings in the last portion of the pad to make an obnoxious grinding noise when it's time to change them. What better way to get people to take care of their car/computer than to annoy them until they fix the issue?

Re:

[Krneki]

Maybe it is time to allow only mechanics to drive cars. At least it will solve congestion problems.

Re:

[sleigher]

Before you do that let me open a school to train auto-mechanics.

Re:

[WCguru42]

It's not crap in the OS that causes the vast majority of infections. It's crap in the user's heads.

Saying otherwise is like saying only car mechanics should be allowed to drive cars.

I'll take your first point about how we can't reasonably expect everyone to know about computers and the internet but I believe your analogy is flawed. The equivalent to the car mechanic is the person who can build and repair the computer (hardware, software). With cars we don't allow you to drive if you're not 1) licensed and 2) insured. I'm not saying we need to add computer insurance for people but maybe a minimum level of education on what the internet is and how unlikely it is that a random stranger

NO SUCH THING AS IDIOT-PROOF!

[Chas]

Because idiots are amazingly inventive, persistent, and breed at a rate so ferocious that rabbits are envious.

Come up with a "foolproof" way for securing a system and some imbecile will find a way around it.

Not to mention all the inconveniences such a lockdown method would inevitably entail.

Re:

[Tom]

You expect someone who drives a car to understand that they need to change the oil, fill up the gas, etc.

Uh, no?

I drive rental cars, don't own one myself (several reason, not important here why). I don't care about changing oil or even washing the damn thing, and if filling up the gas wouldn't be so expensive at the rental company, I'd let them do even that.

Lots of people who do own cars don't change oil, either. They bring it to a garage and let them do it.

And why shouldn't they? It's not as if being able to change the oil makes you a better driver.

Re:

[Tom]

Most user don't realize that it is an executable, and the blame for that lies 100% with Microsoft.

Re:

[Andy Dodd]

If it were that easy to check for and find all infections, we wouldn't have them.

Re:

[Krneki]

If it were that easy to check for and find all infections, we wouldn't have them.

This ain't the problem. The problem is that you are not allowed to fix a computer that isn't yours without the explicit consent of the owner.

Re:

[poetmatt]

this is not an explanation that's really going to help people understand why linux is overall a better bet (specifically for longevity) than windows.

Try explaining things more simple:

it's more secure
you know what the program does (nothing hidden)
everything is free (and high quality)
if you don't know how to do something it can easily be google'd to find the answer.

etc.

explaining MS's closed repositories is not even a compelling reason for folks who are programmers.

Re:

[TheCycoONE]

Linux isn't all that secure in the way people care about. Most Linux users care about and are aware of security so they tend to only run programs they get off their package manager or other trusted sources and not run them as root.

However I've introduced windows users to Linux, and they keep their windows habits like downloading random programs off the internet until told otherwise. A malicious program in Linux can do all the bad things a malicious program in Windows can; and if the program has a little d

It pains me to say this...

[MrNaz]

... but HOORAY FOR MICROSOFT!

Re:It pains me to say this...

[eyrieowl]

I think it's something along the lines of closing the barn door after the horse has left. The insecure OS installs are out there, and there's not much they can do to make them secure after the fact. I mean, they *could* go really black-ops and push security updates using botnets and whatnot...but I imagine the hue-and-cry would make the Sony rootkit dispute look like fan-mail.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[Runaway1956]

You have a point - any system CAN BE rooted. The thing is - it isn't being done, right? And, there is no reason to think that it is going to be done any time soon. As I say - if/when Microsoft makes systems that are at least as secure as the most popular Unix derivative (Would that be Mac, or Ubuntu?) THEN MS will deserve a hooray. I'm not even suggesting that SEL be enabled. I'll accept Ubuntu's default security settings, or Mac's or Redhat's - it doesn't matter. Default.

Yes, Windows 7 is pretty good

Re:"East European"

[nacturation]

The Ukranians, Poles, and Chechs called. They're insulted that you're lumping them in with the Rooskies, and they're rooting your box.

The insulted Czechs are now rooting your box.

That explains all the spam. The Czechs are in the mail.

Re:

[__aasqbs9791]

That's just what they want you to think. They are the East European Ninja's Ninja. First Rule of the Chech Dynasty is you don't talk abou.@$!@$&*

Re:

[WrongSizeGlass]

Can't we get even a little love for a Seinfeld reference? I mean really, what is this world coming to?

Re:

[happy_place]

In 1984 only the government owned the internet. It was called Darpa.

Re:Methods - Ends Justify the Means?

[OzPeter]

It's not "president". You probably meant "precedent".

No he really does mean "president". You see, now that Bill isn't there, Microsoft has this big tank of goop out in the back, and whenever they need a new VP to make a bold policy change they open a valve and flow the goop into a person shaped mould. Then they have to let it harden or "set". After which time they decant the new president and set him to work

Thus the OP was expressing his concern for the Zombie like creatures that this policy has brought to (semi) life

He must be a member of PETZ

Re:

[flimflammer]

First of all, I doubt it was strictly "They're doing something bad; can we put a stop to it?"

Second, do you own the world supply of tin foil? Spread the wealth, my good man.

Re:

[nacturation]

So Microsoft secretly filed a suit against 27 unnamed individuals, and got a secret order taking 277 domain names away from them, all based on a mere accusation.

I take it you've read the court proceedings and are intimately familiar with the evidence Microsoft presented before the judge?

Re:

[Adelbert]

Does it matter? I mean, are you saying you believe everyone has the right to face their accuser and defend themselves - unless the evidence is really convincing?

Re:

[darkmeridian]

It's not unheard of for parties to act without the knowledge of the other party (ex parte) to prevent them from frustrating relief. For instance, sometimes you can get a seizure order of copyrighted goods without the other side's knowledge if you can prove that they'll just move the goods away if you sue them normally with notice. The moving party has to show that they have a good case, and that there's a good reason notice cannot be given. Federal courts are pretty uptight about granting ex parte orders. I

Re:Secret courts, secret orders, ...

[Steve Hamlin]

It called a Temporary Restraining Order (TRO). In civil court cases, the Plaintiff can ask the judge to issue a TRO to prevent ongoing harmful conduct that later monetary damages after trial are insufficient to remedy. In other words: "Your Honor, this can't wait until the trial is over." The standards are high, and courts do not do this this without a very compelling set of alleged facts. Requesting Plaintiffs are often required to post a significant cash bond to cover damage to the enjoined party in case the TRO is not, in hindsight, the proper pre-trial remedy.

In most cases, a court won't issue a TRO without notice to the defendants and a hearing to allow the sought-to-be-enjoined party to response to the Motion for TRO. In some situations, like this, where mere notice might allow the Defendants to further the harm, the court orders the TRO without notice to the enjoined party. The Order allows the Plaintiffs to demand third parties to do or stop doing something for the enjoined party - the first notice to them is when they can't access bank accounts, or their vendor refuses to cooperate, etc.

The safeguards built into the system are (1) the cash bond, (2) a neutral judge that weighs the likelihood of irreversible damage and proof of the initial allegations against the harm from enjoining a party before a verdict, and most importantly, (3) that these are TEMPORARY. The judge will order a hearing with BOTH parties within (usually) 10 days of the TRO issuance, at which time the Defendants can object, rebut the Plaintiff's allegations, and ask the court to lift the injunction. At that point, it is a dispute between two noticed parties before a neutral court.

not atypical

[ericbg05]

So Microsoft secretly filed a suit against 27 unnamed individuals, and got a secret order taking 277 domain names away from them, all based on a mere accusation.

Oh, but since we're fighting spam, I guess that's okay.

Wait until Microsoft starts doing this to go after copyright violations. Will y'all be cheering then?

My fiancée IAL working in a federal district court. I have mod points, but I guess it's more illuminating to reply than mod down this ridiculous comment.

Stuff is filed under seal in court all the time. The idea is that you don't want the defendant you're pursuing to know you're pursuing them if there's a high chance they can cover their tracks. You can't just make a "mere accusation" and get a court to do whatever you want. That, of course, would be silly.

Most judges are really quite reasonable about the decision to keep things sealed. In any event, all the docs will become unsealed relatively quickly -- and if you think the court was *unreasonable*, that they abused their discretion somehow, you can take your complaint to the appellate court.

Court proceedings are slow, but some crooks (especially intelligent, well-funded crooks) can move fast. This is the balance we've found between thinking things through carefully, and satisfying the public's right to this information, while still prosecuting agile crooks.

In copyright infringement cases, the plaintiff would probably have a hard time convincing the judge that docs need to stay sealed.

Believe it or not, the system actually works pretty well sometimes.

Look, I'm all for an intelligent discussion of the shortcomings of the legal system, of which there are plenty. But you should really try to learn something about it before criticizing it. Otherwise you're just wasting everyone's time.

mod parent up

[argent]

I was going to say...

Re:Microsoft

[WrongSizeGlass]

I am by nature a MS basher ... at times even a rather venomous one .. but let's give MS some credit here. They went to court and obviously provided enough evidence that a judge was convinced (yes, yes, I hear the chorus of 'what qualifications did the judge have?'). They didn't take actions into their own hands and they released the information about it once the court ruling was made.

The fact remains that MS was actually acting in their own best interest and that of their customers. Those of use who don't use Windows will probably benefit by receiving a little less spam every day, too.

Hmmm ... I feel a little dirty now ... I better go clean up. I'm pretty sure Steve Jobs will personally come over to repossess my Apple Fan Boy card. Sniff, I'm going to miss it ... a lot. But, I'm rather excited to finally meet Mr Jobs :-)

NOT a DNS issue you boob!

[Chas]

This has nothing to do with US control of DNS.

They went to the domains' REGISTRAR (GoDaddy) and got THEM to disable the domains.

Control of DNS could be in the hands of Bumblefuckistan and they still could have done this.

Re:

[gravyface]

Right back at you, AC: what the fuck are _you_ smoking? I was referring to the authors of the Waledac's botnet, not law enforcement officials... on second thought, I'm not even sure if you're replying to the right comment, that's how fucking high you are.