Microsoft botnet smackdown 'caused collateral damage, failed to kill target'

Microsoft is attracting fresh criticism for its handling of the Citadel botnet takedown, with some security researchers pointing to signs that the zombie network is already rising from the grave again. Redmond worked with financial service organisations, other technology firms and the Federal Bureau of Investigation to disrupt …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    Given the problems these botnets cause to everyone, and not just the suckers who have an infected computer, I f think remotely neutering them may be the best option.

    Sure it is going to upset the owners, but disabling internet access and forcing them to take it to someone who knows enough to fix it is a kindness in the long run. Yes, it might be an act of questionable legality in some places, but the last time I read a Windows EULA it allows them to 'break' it for DRM reasons so I can't see much reason they can't do it for reasons of it causing trouble world-wide.

    Now if said computers are doing something safety-critical there is a problem but:

    1) Windows is not certified for that by the EULA

    2) Whoever is in charge of the system should be getting a kicking for not having cleaned it up already.

    Discuss...

    1. The_Regulator

      I agree; while there are bound to be collateral issues, taking down whatever you can is the way to go. Monitoring is one thing but monitoring is not helping anyone except for the security researcher doing the work....

    2. Anonymous Coward
      Anonymous Coward

      "I f think remotely neutering them may be the best option."

      They are thinking seriously about this. But I suspect they are holding off as there's more complexity and unintended consequences than we realize. They fear A. making false positives / outright mistakes, B. Counter attacks by hackers who make legitimate systems appear compromised. Think Syrian Electronic Army, China, Iran etc...

    3. Daniel B.
      Boffin

      There's a point...

      Now if said computers are doing something safety-critical there is a problem but:

      1) Windows is not certified for that by the EULA

      Maybe security researchers & honeypots should simply send the kill switch to these botnets. Anyone stupid enough to use Windows for real-time things or actual mission-critical stuff shouldn't be doing so in the first place, and even MS can claim it's a violation of the EULA. In most of these cases, only the botnet zombie client is removed.

    4. Bob Vistakin
      Linux

      There's only one thing to do...

      FTFY

    5. Jamie Jones Silver badge
      Stop

      "Yes, it might be an act of questionable legality in some places, but the last time I read a Windows EULA it allows them to 'break' it for DRM reasons "

      It doesn't matter - no EULA can override local laws. Period.

  2. Anonymous Coward
    Anonymous Coward

    Eadon...people are still waiting over here for your insightful comments

    ----->

    http://forums.theregister.co.uk/forum/2/2013/06/07/android_obad_trojan/

  3. hplasm
    Meh

    Microsoft's Digital Crimes Unit

    Like watching kittens swimming in treacle.

    1. Anonymous Coward
      Anonymous Coward

      Re: Microsoft's Digital Crimes Unit

      "kittens swimming in treacle"

      Is that on YouTube yet? Pretty much everything else kitten-related is there.

      1. Destroy All Monsters Silver badge
        Windows

        Re: Microsoft's Digital Crimes Unit

        ~~~~Nyan ~~~~Nyan ~~~~ Nyan ~~~~ Nyan ~~~~ Nyan ~~~~

        Ok, Microsoft, this was pretty much "mission failure". How are you guys doing this? Is Gaius Baltar one of your brainboxes or what?

  4. Anonymous Coward
    Anonymous Coward

    Not so sure

    I'm not so sure about the alleged collateral damage but I do know that all hackers and those who perpetuate bots, should be shot dead.

    1. eulampios

      Re: Not so sure

      So you wanna kill 10,000 people employed by Microsoft, Adobe and others? This is too bloodthirsty, amigo. Please see a doctor!!

  5. tempemeaty

    Damaging the competition

    Damaging security companies' abilities to do what they do could be seen as an anti-competitive action to make Microsoft the only business in town.

    1. Anonymous Coward
      Anonymous Coward

      Lol, here is your 2 step plan for the day:

      1. Get a clue

      2. Remove post, repost with information that makes sense.

      Ohh and 3. Have a nice one on idkwtf island!!

  6. Anonymous Coward
    Anonymous Coward

    Microsoft patented botnets ..

    Microsoft should patent botnets, that way they can generate revenue from them ...

  7. Old Handle
    Stop

    Since "hacking" is considered worthy of a 30-year prison sentence in the US, I hope to see several Microsoft execs behind bars for this. There's no question that what they did was illegal. If they had only sent the malware instructions to cease operating or uninstall itself, that would have been justifiable IMHO. But they chose to interfere with access to a legitimate website (or Facebook anyway), which, regardless of their intentions, is not a reasonable thing to do to somebody's computer without their permission.

    Is there some technical detail I'm missing as to why this is supposedly okay?

    1. Anonymous Coward
      Anonymous Coward

      The bit where Microsoft did this in cooperation with the FBI is probably enough to shield them from any legal action.

      By the way, what sentence do you think is appropriate for the person responsible for a PC that is infected with a Botnet agent? They're running a machine that is being used to attack other machines, or to generate spam. Complete disconnection from the Internet until they fix the problem seems like a perfectly reasonable penalty as far as I'm concerned.

  8. eulampios
    Linux

    @sisk

    Eadon, your argument about hiding extensions is just plain stupid given that a file in Linux can carry any extension, even .txt, and still be executable.

    Eadon's suggestion was not about hiding or not the file extensions but the outrageous fact that Windows OS (at least, up until Windows 7) would base its file recognition on the extension solely. NTFS fs might support the POSIX file permissions, this is irrelevant when you are in Windows Explorer.

    Funny thing, I have so many times seen a sight of a "Windows geek" changing the file extension (to .txt) to view it in the Notepad.

    On a *nix system, mailcap or the file, test utilities etc help automate the process of file recognition. Even though, if I change the file extension of a file, most GUI file managers (like caja/nautilus or kde-thingy) won't be fooled.

    As far as *BSD is concerned, why do you generalize? OpenBSD is what you perhaps mean.

    Microsoft have not yet come to neither secure repositories/BSD ports nor to a sophisticated apps uid isolation and permissions transparency similar to Android's. Microsoft have nevertheless amended the Windows EULA to withhold the users of their right to decline it.

    Hence, Redmond FAILS once again in security!

  9. Anonymous Coward
    Anonymous Coward

    Go read the EULA

    again, if you think MicroSloth is doing anything remotely illegal by unilaterally uploading mods to Zombies or their masters which happen to be running on MS product.

    Fubar (anon cuz I dig the mask)

    1. Jamie Jones Silver badge
      FAIL

      Re: Go read the EULA

      ARRRRGH.

      Why do so many people blindly accept the terms of any EULA to be binding?

      EULAs cannot override laws

  10. Wzrd1 Silver badge

    What I see here is an objection to national sovereignty. Some seem to wish to do their own thing, re-invent the wheel, ignore it if bribed, heaven knows what else.

    In reality, Microsoft, for a change, is behaving like a comic book superhero, Ironman, if you will (Sorry, my wife is hooked on part of that franchise, probably also due to Hulk being present, as Incredible Hulk and Incredible Bulk are trivially confused).

    Microsoft is playing Ironman. Some nations seem to object to someone not from their land enforcing laws that they refuse to enforce or at least get credit for enforcing.

    Others benefit from non-enforcement.
