Microsoft borks botnet takedown in Citadel snafu

Security researchers are complaining about collateral damage from the latest botnet take-down efforts by Microsoft and its partners. The Windows 8 giant worked with financial service organisations, other technology firms and the Federal Bureau of Investigation to disrupt more than a thousand botnets. The botnets in question …

COMMENTS

This topic is closed for new posts.
Silver badge
Windows

Sigh!

Ballmer in your sinkhole? It is more likely than you think!

Awaiting Eadon Blast ... any minute now.

2
1
Anonymous Coward

You had one job microsoft

One job

5
4
Silver badge
Meh

Re: You had one job microsoft

Hard to tell if this is inept lack of expertise, or a case of clod-hopper MS World Police.

Bigfoot strikes - again.

5
0
Bronze badge
Linux

Re: a case of clod-hopper MS World Police.

One whose buggy software ought to be banned from connecting to the internet.

Sinkhole Microsoft.com - a den of internet INsecurity.

0
1

Seems they opted for the tactical nuke instead of the precisely targeted strike. Might not be the way to go next time MSFT!!!

4
1

I say we take off and nuke the entire site from orbit. It's the only way to be sure.

I hate to do it but I'm going to side with Microsoft, they should have a much greater freedom to fix the problem since I expect that buried somewhere in the EULA they probably have the right to make critical system updates to ensure security, I'm just guessing though, I mean who actually reads EULAs?

However if this is the case then they have the freedom to actually fix the issue whilst the security researchers can only sit and watch.

3
8
Silver badge
Facepalm

Re: I say we take off and nuke the entire site from orbit. It's the only way to be sure.

Because granting yourself the right to do whatever you want via a shrink-wrap clickthrough EULA that no-one reads is actually a legally recognized way of doing so?

Not unless your name is Obama.

5
2
Silver badge

Re: I say we take off and nuke the entire site from orbit. It's the only way to be sure.

Or Bush, Reagan, Nixon, the list goes on. None of them read the EULA before they started using the system.

3
0
Bronze badge
Boffin

Re: I say we take off and nuke the entire site from orbit. It's the only way to be sure.

"somewhere in the EULA they probably have the right to make critical system updates to ensure security"

I've said it before around the 'reg, but I'll say it again: EULAs do not indemnify you against criminal law, and not for nothing but US courts don't have global jurisdiction. The US keeps this stuff up and the Russians will get more backers next ITU conference - something that's bad for all of us generally, but will make this sort of effort impossible. The aim of the game should be look before you leap - if the data is available, check it.

2
0
Stop

Re: I say we take off and nuke the entire site from orbit. It's the only way to be sure.

You realize that sounds as stupid as suing the Fire Dept. for water dmg after they soaked down your house to put out the fire... You see the parallels, yeah?

MS has made piss-poor decisions in the past and their hands aren't exactly clean, but let's use some common sense before seeing MS in the headline and going full-on flame war.

0
0
Silver badge

More information and detail needed?

Microsoft and the FBI took control of many domains. Were these all .com/.us/(.org?) domains and thus under the responsibility of US authorities? If so, they have the legal right to do that, subject to judicial oversight, I hope.

Were any non-US controlled domains involved? If so, did they have the agreement of the foreign registries involved?

Had the Swiss organisation sinkholed domains under the control of the US or any non-Swiss registrars? If so, by what process? What is the relationship between the Swiss organisation and the Swiss legal authorities?

How easy would it be for me to sinkhole your domain, wherever you may live and it may be hosted?

I'm sure someone will say that I ought to be grateful that MS and the FBI etc are taking a stand against 'financial terrorism' and stop asking awkward questions.

5
0

This post has been deleted by a moderator

Anonymous Coward

Re: Windows codename: BOT.NET

I wonder what the O/S of choice for the shadowy figures controlling the botnet is?

Linux Superpowers Used For Evil Fail?

1
3
Mushroom

America, Fuck yeah!

see title

1
0
Silver badge

Scary

Microsoft plans to use intelligence gained in Operation b54 to work with ISPs and Computer Emergency Response Teams (CERTs) around the world to quickly and efficiently clean as many computers as possible.

So now they borked it once, and we're supposed to believe they won't bork it again? This is not an anti-Microsoft statement - just a good old fashioned pragmatic view.

2
1
Go

"Microsoft plans to use intelligence gained in Operation b54 to work with ISPs and Computer Emergency Response Teams (CERTs) around the world to quickly and efficiently clean as many computers as possible. "

They are going to install Linux ! :)

1
0
Bronze badge
Linux

RE: They are going to install Linux ! :)

THE ONLY CURE!!!

BTW, I like your 'handle'.

2
0
WTF?

Orly?

So wait...

The problem here is that Microsoft is stepping on toes because they're doing a better job?

Let's all use our heads and think clearly here for a second while we weigh the pros and cons.

**Pro - Microsoft takes down *three times* as many domains as all the rest of the other parties combined, while absorbing the 1000 or so that were already looked after.

**Con - ... This is the toughest one to find a con for. The other sites only got 1/4 of what Microsoft grabbed, I don't see what the problem is. Obviously they weren't doing a good enough job with 3x as many domains out there as they had in their possession.

**Pro - MS fixes the problems that the previous viruses created by removing the blackout to ALL (not just Microsoft funded) antivirus websites, restoring the ability to update and redownload AV software, etc.

***Con - MS violates the rights of the users - based on a technicality - by changing settings on users' computers away from what the virus did when it originally violated the users' rights. The difference is that MS is changing settings to help repair the situation and remove the problem and they are ONLY targeting machines that are definitely infected, because they are using the callback domains to do it.

As for whether or not MS is using US jurisdiction domains... Give your heads a shake. You want to allow ANOTHER loophole for these guys, by guaranteeing that non-US domains are free and clear from being shut down?

0
2
Thumb Up

Go MS, kick some dirty criminal **S

Better to lose a few innocent domains along the way than lose the whole 100 to some scum bags who spent their time stealing from the public through their Botnets.

0
0