Microsoft turns to FBI in hunt for Rustock ringleader Microsoft lawyers have sealed their victory over the operators of what was once the world's biggest source of spam after winning a court case giving them permanent control over the IP addresses and servers used to host the Rustock botnet. The seizure was completed earlier this month when a federal judge in Washington state …
First I think we should never forget that MS is in the end a company which means that their own interests prevail over that of others (recently dumping their Gold partner for example; no disrespect intended but lets not forget that by doing so MS also thwarted possible threats to their own reputation and credibility).
Still, having said that I also think that they're doing a recommendable job here. Not only did MS try to keep their OS environment safe, they also /actively/ started hunting down the cause of the threat and took it down. And you can't ignore the fact that it probably have cost them quite a few bucks and resources to do so.
So I say congratulations and kudo's to you!
They're doing all this after giving "the bad guys" a decade or so of head start. Recall that micros~1 veep admitting that securing their software was "not a priority"? So while it's positive to see them to try and catch up, let's not forget that they have quite a lot of catching up to do yet.
This is not to say anything but what it says: Praise where praise is due, but that's not quite all there is to it. They do have a bit of history with negligence to make up for: Had they been dilligent then, it would've saved everyone quite a lot of trouble now. Oh and yes they did get into this global network game late enough that it was already abundantly clear that some dilligence was definitely needed.
Yes, I know that detail but...
In such events I always come to ask myself: are they really doing nothing here, or do they want to keep up that appearance ?
Because the last thing you want is to alert the bad guys that something big is coming, that by itself could make catching them a whole lot more difficult.
So Cosma2k is Russian. Has he broken any Russian laws?
The official Russian position in the Litvinenko case is that their constitution prohibits extradition. It follows that there is no prospect whatsoever of prosecuting this guy except in a Russian court for crimes under Russian law. Unless MS can find victims who are both in Russia and willing to stand up in court against someone who is presumably a bit of a player in the local crime world, the whole exercise is just willy-waving.
<<which at its height enslaved about 1.6 million PCs>>
Still this is three orders of magnitude difference, isn't it (whereas, as for the MS fanboys themselves, the desktops numbers are a two)?
And BTW you must know something I don't, could you pls point at the evidence of thousands of "rooted Linux and BSD boxes" ? (Don't bother about hijacked php services, though)
"(Don't bother about hijacked php services, though)"
Why not? With the quite large amounts of local root explains in the open ?
Seriously though, I am indeed tempted with the opinion that in most cases people sooner recognize a hacked Windows box than a rooted Linux server. THAT is not something I can back up with facts but one has to wonder...
(yes; this may seem like a troll, its not. If you don't believe me then check my previous posts)
...one has to wonder that a compromise at the very heart of Linux (kernel.org) took 17 /days/ before being noticed. And these are the people who developed, created and (so one may assume) know Linux by heart.
How would a regular sysadmin fare ?
The difference is the default setup, It is harder to root a typical *nix box than a Windows box. Read Anon about the hbgary.com hack (arstechnica.com)
Say, on Ubuntu the desktop (not the server) setup disables the root account, i.e., it does exist, however one cannot login as root. To handle admin tasks the sudo utility is used, not su, (sudoers will define the group of admins). Using the command "passwd root" and typing in a password will enable the root though.
On Windows, by default, the first user will have admin rights. If you are an admin you, every time you login, there is a great risk for the system. Besides, MS has a "Run As" utility which is closer to su, rather than sudo,
"They're doing all this after giving "the bad guys" a decade or so of head start." .... Anonymous Coward Posted Thursday 22nd September 2011 23:57 GMT
And what whenever the bad realise good is better and more satisfying and rewarding? Do they then act as a lead authority with novel programs and fab projects?
The posit here is that of course they do. Wouldn't you? It is quite natural if looking for the really smart and flexible of position and fluid in direction of wonderfully accommodating motion.
These are entertaining times as main stream comes to terms with future underground control of all key sublime power systems.
A little something which Total Information Awareness of Systems assists.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
