Microsoft Security The Courts Your Rights Online

Microsoft Files Suits Against "Malvertisers" 205

eldavojohn writes "Reuters is bringing us news of five civil lawsuits filed by Microsoft against 'Soft Solutions,' 'Direct Ad,' 'qiweroqw.com,' 'ITmeter Inc,' and 'ote2008.info' that allege they 'used malvertisements to distribute malicious software or present deceptive websites that peddled scareware to unsuspecting Internet users.' Microsoft's Tim Cranton outlined the suits and provided links to all the filings for download. 'Cranton added that names of specific individuals behind these activities were not known and the lawsuits were being filed to help uncover the people responsible.'"
This discussion has been archived. No new comments can be posted.

  • by __aagctu1952 ( 768423 ) on Friday September 18, 2009 @02:54PM (#29469859)

    ...to the time Blizzard sued several of the largest WoW gold farmers. Here's hoping it works better lol.

    While my feelings towards the parent post may be colored by the Pavlovian hatred I feel every time someone uses "lol" as a word in a sentence, how are they in any way similar?

    Let's compare the two:
    a) Committing fraud to compromise people's computers, violating their privacy and potentially exposing them to such risks as identity theft or credit card theft.
    b) Selling gold in an online RPG, causing no direct harm to anyone.

    And unlike Blizzard who went after a bot creator through a ridiculous copyright claim [wikipedia.org] that should have been thrown out of court at first glance, Microsoft is fully in the right here.

  • by QuoteMstr ( 55051 ) <dan.colascione@gmail.com> on Friday September 18, 2009 @03:15PM (#29470145)

    Really [lwn.net]?

  • by OwnedByTwoCats ( 124103 ) on Friday September 18, 2009 @03:40PM (#29470465)

    I don't believe you can run an .exe file on Linux or MacOSX. You can only do that in Windows.

    MacOSX tells me whenever I ask it to run a file downloaded from the net for the first time. The OS needs to get in the user's face a little, because downloaded executables carry risks that executables installed from local media do not.

  • by shutdown -p now ( 807394 ) on Friday September 18, 2009 @04:42PM (#29471245) Journal

    Except that IIS has fewer. Let's see:

    IIS7 [secunia.com], first released in a server OS (Win2K8 - it was actually present in Vista before that, but no-one would run a server using it, so we don't consider that period) in January 2008, has 2 vulnerabilities in its entire lifetime, and only one of those is remote. That makes it 1 vulnerability per 10 months, or 1 remote vulnerability (which is usually what you care about for servers exposed on the Net) per 20 months.

    Apache 2.2 [secunia.com], first released in December 2005, has 16 vulnerabilities in its entire lifetime, 15 out of which are remote. That's roughly 1 remote vulnerability every 3 months.

    "Oh, but no-one uses Win2K8 and IIS7", I hear people saying. Very well, let's look at the generation before that - IIS6 [secunia.com] vs Apache 2.0 [secunia.com]. IIS6 was released with Win2K3 in April 2003; Apache 2.0 was released in April 2002, a year before that. Let's see:

    IIS6 - 8 vulnerabilities to date
    Apache 2.0 - 38 vulnerabilities to date

    In the interests of fairness it should be noted that a larger percentage - twice as many - of IIS6 vulnerabilities would give the attacker system access (i.e. provide an infection vector), compared to Apache. Even so, in absolute numbers, it's 3 system access vulnerabilities for IIS6 vs 7 such vulnerabilities for Apache. So, even accounting for that extra year, Apache still has a worse security record overall for the last two major releases (or the last 6 years).

    A secure OS would make sure that all code downloaded from the net is identified to the user as code downloaded from the net and its source/publisher, and a secure OS does not allow the downloaded code to execute until after the user has acknowledged that it is a downloaded program and given explicit permission.

    This is precisely what Vista and Win7 do [case.edu]. If you download an executable, it will have a flag set in file meta-information that basically indicates that the source was network... when you run it, the OS will warn you and ask to confirm.

    The problem is that this is not fool-proof. Consider this: how is the OS supposed to know that a file comes from the network? From the OS's point of view, files don't "come" from anywhere - it's just that some application opens a file and starts writing data into it. The fact that said data was received from an open socket to a remote server a few milliseconds ago is not something an OS can reasonably detect. Thus, it really is all up to the application to set the flag correctly. IE does that, and so does Firefox; other browsers might, or they might not.

    Meanwhile, no other desktop OS that I know of does anything similar, and it's certainly quite possible for a Linux browser to download an executable file and chmod+x it - the OS won't stop it, because how could it possibly know that it's a bad thing, or even distinguish such a syscall from another one originating from the user explicitly running chmod in the shell?
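
An added example, not part of the original thread: on NTFS the download flag described in the comment above is stored in an alternate data stream named `Zone.Identifier`, and this sketch audits a download folder for executables that carry no valid mark, which is the case when the writing application never set it. The file names and stream contents are constructed samples, and the function names are illustrative.

```python
import configparser

# URL security zone numbers stored in the Zone.Identifier stream.
ZONES = {0: "local machine", 1: "local intranet", 2: "trusted sites",
         3: "internet", 4: "restricted sites"}
EXECUTABLE_EXT = (".exe", ".msi", ".scr", ".bat", ".cmd")


def read_mark(path):
    """Return the stream text for a file on NTFS, or None if it has no mark."""
    try:
        with open(path + ":Zone.Identifier", encoding="utf-8", errors="replace") as f:
            return f.read()
    except OSError:
        return None


def parse_zone(stream_text):
    """Return the ZoneId from the stream text, or None if absent or malformed."""
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    try:
        parser.read_string((stream_text or "").lstrip("\ufeff"))
        zone = int(parser.get("ZoneTransfer", "ZoneId"))
    except (configparser.Error, ValueError):
        return None
    return zone if zone in ZONES else None


def triage(files):
    """Map each executable name to its zone name, or "unmarked" if no valid mark."""
    verdicts = {}
    for name, stream in files.items():
        if name.lower().endswith(EXECUTABLE_EXT):
            zone = parse_zone(stream)
            verdicts[name] = "unmarked" if zone is None else ZONES[zone]
    return verdicts


# Constructed sample: file name -> Zone.Identifier text (None = no stream).
SAMPLE = {
    "setup.exe": "[ZoneTransfer]\r\nZoneId=3\r\nHostUrl=https://downloads.example/setup.exe\r\n",
    "tool.exe": None,  # no mark: local origin, or the downloader never set it
    "notes.txt": None,  # not executable, ignored
    "report.scr": "[ZoneTransfer]\r\nZoneId=banana\r\n",  # malformed mark
    "intranet.msi": "[ZoneTransfer]\r\nZoneId=1\r\n",
}

print(triage(SAMPLE))
```

An "unmarked" result does not say where a file came from; it only means the OS has nothing to base a download warning on.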

  • by shutdown -p now ( 807394 ) on Friday September 18, 2009 @04:49PM (#29471341) Journal

    MacOSX tells me whenever I ask it to run a file downloaded from the net for the first time.

    So does Vista [case.edu] - in fact, if you have antivirus installed (and it properly integrates with OS by using the corresponding APIs), it will even make it scan the file before starting it for the first time.
