A botnet is taken down in an operation by Microsoft, not the government (nytimes.com)
140 points by wglb on March 12, 2020 | 39 comments


I'm glad this is getting coverage, but this is nothing new to Microsoft - they've been doing this for almost a decade (see for example https://www.zeuslegalnotice.com/). DCU has a great reputation and they're doing great work (in conjunction with law enforcement and legal authorities) to make life better for all of us on the Internet.


"Not the government" ooooh. As if AV vendors have been completely idle on that front.

I just find this article very fitting as Microsoft is right now running an ad campaign on reddit for their security services.



I remember when some of the earlier botnets I was exposed to used IRC networks and private/hidden channels to provide command/control interfaces to the bots/zombies/clients. In a lot of cases, the control mechanism had no redundancy (set to one specific network and/or server and channel).

People passed around lots of executables during those days (naively trusting sources/friends) which usually had additional side-loading mechanisms for the bot (sometimes from an HTTP request, sometimes FTP).

Used to grab these modified executables for plugins/game extensions/etc, sandbox them, and identify the control IRC networks, channels, passwords and have the networks shut down the channels which essentially killed the botnet from further use.

I imagine most of the clients are far more resilient and sophisticated these days. I think the largest botnet I identified and 'shut down' (obviously with help from IRC network admins) had around a million clients on separate networks.

Most of these were pushed on smaller relatively unknown/unpopular IRC networks where the admins somehow didn't notice tens of thousands of clients sitting idle on their network.

It was always a bit enjoyable to pop in one of the private password protected control channels and start a conversation, catching someone completely off guard who didn't expect anyone to find their little control interface. I imagine most of these were built off a known library which wasn't too sophisticated. Most people were humorously surprised.


This is the norm for Microsoft... it's the exception when governments lend their help.


The article was devoid of any technical details... what exactly were they doing to "take down" the domains? Were the domains hosted on Azure? Were they given permission by ICANN to modify the DNS? I want details!


I don't know about this one specifically, but in the past, they've taken advantage of the fact that a lot of these scams claim to be Windows tech support and the like. With a creative application of US trademark laws, which allow manufacturers to seize counterfeit goods, they got a court order allowing them to seize the domains and computers hosting the "counterfeit" Microsoft websites.


Makes sense that a company that provides an operating system for billions of devices around the world takes some responsibility for any criminal actions taken on others that use said operating systems' potential exploits/bugs to harm others financially/personally/etc... Really cool to see an article written about it though. Makes you think that Microsoft are the good guys :P


Regardless of size, companies are not law enforcers. MS is also not responsible for the OS it has already sold to customers, that OS is not their property or concern outside of patches (fixing what they broke before sales).

I hate this idea of corporate heroes, next thing they'll let them do offensive operations (hack the hackers without any due process or authority).


Technically MS does own the OS, the end user is just granted a license to use it. They do however not own the hardware it runs on, so there should be limits on what they can do, I agree that the idea that they can act as law enforcement without limits is chilling.


There are limits. The article describes them waiting on a federal court order giving them authority to execute their plan.


I also understand that they control what amounts to a substantial private police force. Which is exactly what government must do, not Microsoft.


MS is absolutely responsible for the OS it has sold to customers, I expect them to make updates with security fixes and allow me to opt out of those updates if I want.

This also isn't heroics, but I knew, without a doubt, that people would read this headline and get angry because the government is supposed to be the hero. I'm not going to bother making the case for or against that, history can do it for me.

I'll add that it's absurd to compare them to law enforcement. They do not have any authority of using force here. They did not put hands on nor imprison the people running the botnet.


Who is the “they” that will let corporate heroes do offensive operations without due process? If it’s the government, wouldn’t the larger risk be that they just skip due process themselves? If it’s the companies, wouldn’t they then be held responsible for breaking the law?


> MS is also not responsible for the OS it has already sold to customers, that OS is not their property or concern outside of patches

My start-menu search just started alerting me to all the "rewards points" I'm getting for using it, so this seems wrong to me.


The idea that Microsoft is responsible for what people do with their software has a lot of problems, IMO.

But Microsoft should be trying to ensure their customers have a good experience, and a majority of these botnets' victims will be people with Windows PCs. Ergo, it makes sense for Microsoft to do what it can to give their customers a better experience.


Haven't they been doing this for years?


eight years in the making? six million domain names? (how does one even address/disable/send requests to registrars for that many?) Big operation on both ends. Yikes.


The present tense of the headline is so weird. Is this an NYT thing?


I love that style of writing. Neal Stephenson used it in his earlier work to great effect.


why is this surprising? because they are cleaning up a mess of their own making instead of making taxpayers foot the bill?


Exactly how is this Microsoft's fault?


they produce software that is vulnerable to exploitation by criminals


Human beings write code that is imperfect because people are human beings

I don't think it's particularly fair to make it out like Microsoft intentionally writes vulnerable software


Their software is in a majority of PCs not due to pure market forces but because of active efforts in the 90's, through OEM contracts, to prevent operating systems other than Windows from being generally available to the public through non-technical channels.


This is such a tired argument. It's been 20 years. You don't think other OS's have had the opportunity?

The fact is, Windows is still king today because of backwards-compatibility and nothing else. No other OS has taken this as seriously. Certainly not Apple. And not Linux either.

You can still run DOS programs on Windows today. And companies do. I personally know of software originally written in the 80's and with many legacy components from that time still running on modern versions of Windows Server.

Companies don't take backwards-compatibility seriously. And if you're constantly breaking things, people are not going to trust your product for serious use to be relied on. It's really not that complicated.

Not to mention the developer tools are second to none. You may not like .Net, or you may have some problem with how Microsoft did business 20 years ago (get over it). But Visual Studio is hands down, without question, the best IDE on the market. And Visual Studio Code is the best text editor. And now, with their open source efforts, it just keeps getting better.

(Yes, I know that's not Apple's intended market, you don't have to tell me. The point still stands. Windows is popular today because of a herculean effort by Microsoft over the years to ensure backwards-compatibility. And yes, I know it's not perfect. You don't have to tell me that either. It's always the same tired arguments. And at the end of the day, the point still stands and no other OS has risen up to take Windows crown. And no, this year is not finally going to be the year of the Linux desktop. Next year either. Or the year after that. It's not going to happen. Get over it.)


> You don't think other OS's have had the opportunity?

For most non-technical people that didn't separate the concept of OS and hardware, there was no opportunity. Even if you were one of those technical people who bought a PC, wiped the hard drive and installed Linux, you still paid the Microsoft tax, which the OEM had to pass on to you in order to sell Windows at all.

It's not a tired argument because the ramifications of that action are still relevant today.

> Windows is still king today because of backwards-compatibility and nothing else.

IE11 is a perfect example of why this is a bad thing.

The fact that people were able to use Office at home and at work, and Office became a strong de facto standard for documents due to the substrate of Windows being ubiquitous, also had a lot to do with it.

> the point still stands and no other OS has risen up to take Windows crown.

The Windows crown is irrelevant in a mostly-mobile-and-server world. Why did Windows 8, 8.1, and 10 try so desperately to force mobile UI on a desktop experience? Why does Windows 10X look more like a Google Chrome UI than anything else?


i'm not saying they do it intentionally. i am saying that they should deal with the consequences and not let taxpayers take the downside while they take the upside


That’s really up to us as taxpayers though isn’t it? ( to push for legislation )


funny... so about those 1 billion android devices that are no longer offered security updates.

I guess Google should be taking responsibility there as well?


yes, exactly! you get it.


yes they should... but that is meaningless. If everyone does what they 'should' be doing, then we don't need law enforcement, do we?


Does the same apply to actual engineers who stamp structural engineering projects, as opposed to self labelled “engineers”? Asking for a friend.


Terrible analogy. You don't die if your OS crashes. If a bridge or a building collapses, it's very likely to kill people.


Well, as it turns out - if software is controlling your airplane - you do in fact die if it crashes.


Airplanes don't typically use Windows for flight control though, do they?


Windows CE has seen some very unexpected use cases. I couldn't confirm. And bugs are not a Windows-only feature.


Yes, it does. Otherwise professional liability insurance wouldn't be a thing.


Is it a good idea for gun manufacturers to go around busting criminal gangs that use guns? By your logic, it's the gun manufacturers' own mess.



