Microsoft Settles With No-IP After Malware Takedown 83
Trailrunner7 (1100399) writes It's been a weird couple of weeks for Microsoft. On June 30 the company announced its latest malware takedown operation, which included a civil law suit against Vitalwerks, a small Nevada hosting provider, and the seizure of nearly two dozen domains the company owned. Now, 10 days later, Microsoft has not only returned all of the seized domains but also has reached a settlement with Vitalwerks that resolves the legal action. Some in the security research community criticized Microsoft harshly for what they saw as heavy handed tactics. Within a few days of the initial takedown and domain seizure Microsoft returned all of the domains to Vitalwerks, which does business as No-IP.com. On Wednesday, the software giant and the hosting provider released a joint statement saying that they had reached a settlement on the legal action. "Microsoft has reviewed the evidence provided by Vitalwerks and enters into the settlement confident that Vitalwerks was not knowingly involved with the subdomains used to support malware. Those spreading the malware abused Vitalwerks' services," the companies said in a joint statement. "Microsoft identified malware that had escaped Vitalwerks' detection. Upon notification and review of the evidence, Vitalwerks took immediate corrective action allowing Microsoft to identify victims of this malware. The parties have agreed to permanently disable Vitalwerks subdomains used to control the malware."
"Sorry about that" (Score:5, Informative)
Re:"Sorry about that" (Score:4, Informative)
"And luckily no one will remember what our employees were posting in public forums about the issue, nor our sock puppets that modded them up"
http://yro.slashdot.org/commen... [slashdot.org]
Re:Short version of article (Score:5, Insightful)
Not really. They got away with it at no real cost. Chances are our "small Nevada hosting provider" was cooperating fully with Microsoft, and playing the victim card helps avoid bad press. Or it could be covering up a National Security Letter.
I don't know, the message from No-IP includes the statement: "While we are extremely pleased with the settlement terms, we are outraged by Microsoft’s tactics and that we were not able to completely and immediately restore services to the majority of our valuable customers that had been affected." This sounds an awful lot like code for "Microsoft paid us a metric crap-ton of money, but part of the agreement is that we wouldn't tell how much."
Re: (Score:1)
"Microsoft paid us a metric crap-ton of money..."
Petty cash... And besides, this "news" is a press release. Everybody got what they were looking for (except the users of the domains) and it will be forgotten like yesterday's lunch. Smells like fish
Re: (Score:3)
Shoot first, ask questions later (Score:1)
It's the law. According to an American judge.
Complete clusterfuck (Score:5, Interesting)
Microsoft identified malware that had escaped Vitalwerks' detection. Upon notification and review of the evidence, Vitalwerks took immediate corrective action allowing Microsoft to identify victims of this malware.
Yeah, if waking up one day to find that most of your business has been handed over to another company is what passes for "notification" these days.
I hope Microsoft paid them handsomely.
Re: (Score:2)
For the land of the free, judicial misbehavior never seems to be mentioned when due a mention while it is blared from the rooftops when they rule correctly. IT SEEMS to me that the most important target of criticism here is missing since Microsoft went to--and got--an order by an authority, who should have had the compe
Re: (Score:2)
They were disabling the domains not selling them to another company to use. And it seems like this incident was settled by using the protections built into the judicial system. In the end the company was compensated and MS got the offending domains disabled. The bigger question is why does MS even make the effort to root out malware and shut it down? Identifying and taking down malware networks benefits everyone using the internet not just MS.
Could have been avoided (Score:1)
If only the idiot judge that approved the request for injunction had demanded to see some factual evidence that No-IP was actively aiding from the two bot herders also listed in the motion instead of just taking Microsoft's flimsy insinuations for it. Plus, it might have helped if the judge had given No-IP the chance to defend themselves before court instead of permitting the ex-parte session.
Re: (Score:2, Insightful)
More importantly, it's absolutely *insane* that companies can seize other companies' assets like this. This is something only law enforcement should be able to do.
Re: (Score:1)
Re: (Score:2)
I see these and laugh (Score:5, Insightful)
I always find it funny to see Microsoft using legal actions to fight malware rather than just fix the problem...
Re: (Score:2)
If every program ran in its own sandbox there wouldn't be any scary warning and there wouldn't be any malware.
Yeah, because who cares wehther the bad guys are capturing everything you type into your web browser?
Re: I see these and laugh (Score:1)
Re:I see these and laugh (Score:4, Informative)
Re: (Score:2)
actually, 90% of malware these days relies no non-OS / browser specific exploits. Its all flash, Java, PDF.
Of course, 98.27% of stats online are plucked from the ether.
Re: (Score:3)
When lawyers make decisions, the decision is always 'Pay some lawyers!' Never 'Pay some engineers!'
In other news... (Score:4, Funny)
...an unnamed small Nevada hosting provider was the subject of an intense and unannounced BSA audit on Thursday...
Re: (Score:2)
...an unnamed small Nevada hosting provider was the subject of an intense and unannounced BSA audit on Thursday...
I get the feeling that the actual headline is "Vitalwerks staff vacationing in the Caribbean for the next couple of months".
Re: (Score:3)
If you think about it, Microsoft has a close relationship with the NSA - see the _NSAKey scandal.
Routing all traffic No-ip traffic through MS controlled servers, it can safely be assumed the data was routed to the NSA.
The full list of no-ip names and associated internet addresses (and thus identities of the users) I think could be a very valuable thing for the government.
It smells wrong.
Um you could get their identity by traceing each dns entry to its ip address in most cases
Good Job, Microsoft (Score:2, Insightful)
Re: (Score:1)
To compare spam filters and such with seizing a company's assets using the power of government thugs is absolutely absurd. I'd say you seem like a shill, but in reality, that's wishful thinking on my part. Shills and the mentally challenged are often indistinguishable.
Re:Block all IE browsers (Score:1)
Microsoft enforcement policy: "Ready! Fire! Aim!"
BTW, I didn't see where Microsoft apologized for their actions to the Internet community.
How does it NOT? (Score:3)
If Microsoft wasn't the "bad guy", why offer a settlement less than two weeks later?
For some reason I feel like doubting the sincerity of this statement.
Re: (Score:2)
If Microsoft wasn't the "bad guy", why offer a settlement less than two weeks later?
To avoid court costs.
And you don't know that they offered a settlement. MS could have simply told them to STFU or they'd be countersued for X, Y, and Z. Maybe MS threatened to publicly release evidence that showed they were actively aiding and abetting the malware shit MS was called in to clean up.
You can blindly hate MS all you want, but no-ip and its siblings have a less than stellar reputation themselves.
Re: (Score:2)
Because they knew they had fucked up. Badly. Claiming that a corp the size of Microsoft is afraid of a little lawsuit - days after having someone's business raided - is about as believable as your Craigslist ad for oceanfront property in Nebraska.
Your protests don't pass the laugh test. If Microsoft could sue for X, Y, or Z, they never would have agreed t
Re: (Score:2)
so why are you slobbering their knob?
A real malware takedown... (Score:3)
...would be shutting down these god damn Windows machines that are infected zombies taking on the malicious tasks that this whole damn situation is about. No-IP is nothing without Microsoft's infected junk spewing garbage and infections all over the Internet. It's not like Microsoft doesn't hold the keys to immobilize a system running their own operating system anyway, they have the kill switch built right in to the OS before you even buy the license to run it in the form of WGA.
The numbers never did add up (Score:3)
Re:The numbers never did add up (Score:4, Informative)
Great. Now what about Github? (Score:2)
There's at least one clear takeaway from this... (Score:1)
Azure doesn't scale. The load placed on if by redirecting the domains was probably far less than the surge that a suddenly-popular web host might encounter, yet it failed miserably.
Microsoft might not have to pay any monetary damages for the havok they caused, but they might get a hit to their pocketbooks anyway.
People looking to move their operations to the "cloud" would do well to look at this performance, and consider what might happen to *their* traffic...
Re: (Score:1)
It wasn't a load problem. The setup was just wrong (recursive resolvers used as authoritative servers didn't answer non-recursive queries correctly). It wouldn't have worked if Microsoft had given it all the CPU power and network capacity in the world. Garbage in, garbage out.
Re: (Score:2, Interesting)
The takeaway is either:
1. No business should use Azure because Azure doesn't scale. OR:
2. No business should rely on Microsoft services, because Microsoft does not have the necessary competence.
This is only the latest in a line o
A quick question, if I may? (Score:5, Insightful)
Who made Microsoft the fucking internet police anyway?
Re: (Score:2)
A judge who clearly needs to be impeached for wild and willful violation of the Fifth Amendment.
Re: (Score:1)
Innocent victims (aka the third parties) might have a window for a class action suit versus Microsoft for the damage/losses they caused by this wee stunt. Hurting an innocent third party or few isn't smiled upon I would hope.