
fuck you microsoft

Started by wr250, July 01, 2014, 07:46:32 AM

wr250

note: skip over quoted text to get to my rant.
Quote from: $micro$haft
Microsoft takes on global cybercrime epidemic in tenth malware disruption

30 Jun 2014 1:23 PM
The following post is from Richard Domingues Boscovich, Assistant General Counsel, Microsoft Digital Crimes Unit.

Playing offense against cybercriminals is what drives me and everyone here at the Microsoft Digital Crimes Unit. Today, Microsoft has upped the ante against global cybercrime, taking legal action to clean up malware and help ensure customers stay safer online. In a civil case filed on June 19, Microsoft named two foreign nationals, Mohamed Benabdellah and Naser Al Mutairi, and a U.S. company, Vitalwerks Internet Solutions, LLC (doing business as No-IP.com), for their roles in creating, controlling, and assisting in infecting millions of computers with malicious software - harming Microsoft, its customers and the public at large.

We’re taking No-IP to task as the owner of infrastructure frequently exploited by cybercriminals to infect innocent victims with the Bladabindi (NJrat) and Jenxcus (NJw0rm) family of malware. In the past, we’ve predominately seen botnets originating in Eastern Europe; however, the authors, owners and distributors of this malware are Kuwaiti and Algerian nationals. The social media-savvy cybercriminals have promoted their wares across the Internet, offering step-by-step instructions to completely control millions of unsuspecting victims’ computers to conduct illicit crimes - demonstrating that cybercrime is indeed a global epidemic.

Free Dynamic DNS is an easy target for cybercriminals

Dynamic Domain Name Service (DNS) is essentially a method of automatically updating a listing in the Internet’s address book, and is a vital part of the Internet. However, if not properly managed, a free Dynamic DNS service like No-IP can hold top-rank among abused domains. Of the 10 global malware disruptions in which we’ve been involved, this action has the potential to be the largest in terms of infection cleanup. Our research revealed that out of all Dynamic DNS providers, No-IP domains are used 93 percent of the time for Bladabindi-Jenxcus infections, which are the most prevalent among the 245 different types of malware currently exploiting No-IP domains. Microsoft has seen more than 7.4 million Bladabindi-Jenxcus detections over the past 12 months, which doesn’t account for detections by other anti-virus providers. Despite numerous reports by the security community on No-IP domain abuse, the company has not taken sufficient steps to correct, remedy, prevent or control the abuse or help keep its domains safe from malicious activity.

For a look at how cybercriminals leverage services like No-IP, and advice for customers to help ensure a safer online experience, please see the graphic below.



Microsoft legal and technical actions

On June 19, Microsoft filed for an ex parte temporary restraining order (TRO) from the U.S. District Court for Nevada against No-IP. On June 26, the court granted our request and made Microsoft the DNS authority for the company’s 23 free No-IP domains, allowing us to identify and route all known bad traffic to the Microsoft sinkhole and classify the identified threats. The new threat information will be added to Microsoft’s Cyber Threat Intelligence Program (CTIP) and provided to Internet Service Providers (ISPs) and global Computer Emergency Response Teams (CERTs) to help repair the damage caused by Bladabindi-Jenxcus and other types of malware. The Microsoft Digital Crimes Unit worked closely with Microsoft’s Malware Protection Center to identify, reverse engineer and develop a remedy for the threat to clean infected computers. We also worked with A10 Networks, leveraging Microsoft Azure, to configure a sophisticated system to manage the high volume of computer connections generated by botnets such as Bladabindi-Jenxcus.

As malware authors continue to pollute the Internet, domain owners must act responsibly by monitoring for and defending against cybercrime on their infrastructure. If free Dynamic DNS providers like No-IP exercise care and follow industry best practices, it will be more difficult for cybercriminals to operate anonymously and harder to victimize people online. Meanwhile, we will continue to take proactive measures to help protect our customers and hold malicious actors accountable for their actions.

This is the third malware disruption by Microsoft since the November unveiling of the Microsoft Cybercrime Center - a center of excellence for advancing the global fight against cybercrime. This case and operation are ongoing, and we will continue to provide updates as they become available. To stay up to date on the latest developments on the fight against cybercrime, follow the Microsoft Digital Crimes Unit on Facebook and Twitter. Microsoft provides free tools and information to help customers clean and regain control of their computers at www.microsoft.com/security.
http://blogs.technet.com/b/microsoft_blog/archive/2014/06/30/microsoft-takes-on-global-cybercrime-epidemic-in-tenth-malware-disruption.aspx

yes i posted the entire article. without permission. because $micro$oft, you an ass.

Quote from: No-IP
No-IP’s Formal Statement on Microsoft Takedown
We want to update all our loyal customers about the service outages that many of you are experiencing today. It is not a technical issue. This morning, Microsoft served a federal court order and seized 22 of our most commonly used domains because they claimed that some of the subdomains have been abused by creators of malware. We were very surprised by this. We have a long history of proactively working with other companies when cases of alleged malicious activity have been reported to us. Unfortunately, Microsoft never contacted us or asked us to block any subdomains, even though we have an open line of communication with Microsoft corporate executives.

--snip--
Had Microsoft contacted us, we could and would have taken immediate action. Microsoft now claims that it just wants to get us to clean up our act, but its draconian actions have affected millions of innocent Internet users.
https://www.noip.com/blog/2014/06/30/ips-formal-statement-microsoft-takedown/

i use no-ip. it is tied to all my web services. now, $micro$haft, in pursuit of the almighty dollar, you have provided me with hours of work to remap all my services to an ip number, rather than a dns address. thank you assholes. i promise to never buy or use one of your shitty products again, as well as tell everyone i know to never buy your products. if they insist on using your products i will suggest they pirate them.

i ran an online lookup tool:
a:minifang.no-ip.info
Loop detected! We were referred back to '157.56.78.73'

157.56.78.73 belongs to $micro$haft. and on top of that they initiate an infinite loop back to themselves. nice.

Quote
WHOIS-RWS

Network
NetRange   157.54.0.0 - 157.60.255.255
CIDR   157.54.0.0/15
157.56.0.0/14
157.60.0.0/16
Name   MSFT-GFS
Handle   NET-157-54-0-0-1
Parent   NET157 (NET-157-0-0-0-0)
Net Type   Direct Assignment
Origin AS   AS8075
Organization   Microsoft Corporation (MSFT)
Registration Date   1994-04-28
Last Updated   2013-08-20
Comments   
RESTful Link   http://whois.arin.net/rest/net/NET-157-54-0-0-1
See Also   Related organization's POC records.
See Also   Related delegations.


Organization
Name   Microsoft Corporation
Handle   MSFT
Street   One Microsoft Way
City   Redmond
State/Province   WA
Postal Code   98052
Country   US
Registration Date   1998-07-10
Last Updated   2013-08-21
Comments   To report suspected security issues specific to traffic emanating from Microsoft online services, including the distribution of malicious content or other illicit or illegal material through a Microsoft online service, please submit reports to:
* https://cert.microsoft.com.

For SPAM and other abuse issues, such as Microsoft Accounts, please contact:
* abuse@microsoft.com.

To report security vulnerabilities in Microsoft products and services, please contact:
* secure@microsoft.com.

For legal and law enforcement-related requests, please contact:
* msndcc@microsoft.com

For routing, peering or DNS issues, please
contact:
* IOC@microsoft.com
RESTful Link   http://whois.arin.net/rest/org/MSFT
Function   Point of Contact
Abuse   MAC74-ARIN (MAC74-ARIN)
Tech   MRPD-ARIN (MRPD-ARIN)
Admin   HUBER45-ARIN (HUBER45-ARIN)
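
Added example, not part of any post in this thread: a small Python check built from the lookup result and WHOIS record quoted above. It confirms that the three CIDR blocks in the record cover the listed NetRange exactly, then flags any dynamic DNS hostname whose answer lands inside that range instead of at its owner's address. The "expected" addresses, the `*.ddns.example` hostnames and their answers are constructed sample data; only `minifang.no-ip.info`, `157.56.78.73` and the netblocks come from the post.

```python
import ipaddress

# Copied from the WHOIS-RWS output quoted in the post.
WHOIS_NETRANGE = ("157.54.0.0", "157.60.255.255")
WHOIS_CIDRS = ["157.54.0.0/15", "157.56.0.0/14", "157.60.0.0/16"]

# Constructed sample: what a resolver returned per hostname, next to the
# address the owner's update client last registered (documentation ranges).
SAMPLE = {
    "minifang.no-ip.info": {"expected": "203.0.113.10", "answers": ["157.56.78.73"]},
    "nas.ddns.example":    {"expected": "203.0.113.25", "answers": ["203.0.113.25"]},
    "cam.ddns.example":    {"expected": "203.0.113.40", "answers": []},
    "vpn.ddns.example":    {"expected": "203.0.113.77", "answers": ["198.51.100.9"]},
}


def netrange_to_cidrs(first, last):
    """Collapse an inclusive first-last range into the minimal list of CIDR blocks."""
    return list(ipaddress.summarize_address_range(
        ipaddress.ip_address(first), ipaddress.ip_address(last)))


def whois_cidrs_match_netrange():
    """True if the CIDR lines in the WHOIS record are exactly its NetRange."""
    listed = [ipaddress.ip_network(c) for c in WHOIS_CIDRS]
    return netrange_to_cidrs(*WHOIS_NETRANGE) == listed


def classify(answers, expected_ip, watched_nets):
    """Classify one hostname's A records.

    unresolved: no answer at all (the outage case)
    redirected: an answer falls inside one of the watched netblocks
    ok:         the owner's registered address is among the answers
    changed:    answers exist but match neither of the above
    """
    if not answers:
        return "unresolved"
    addrs = [ipaddress.ip_address(a) for a in answers]
    if any(addr in net for addr in addrs for net in watched_nets):
        return "redirected"
    if ipaddress.ip_address(expected_ip) in addrs:
        return "ok"
    return "changed"


def audit(records, cidrs=WHOIS_CIDRS):
    """Return {hostname: status} for every record in the sample."""
    nets = [ipaddress.ip_network(c) for c in cidrs]
    return {host: classify(r["answers"], r["expected"], nets)
            for host, r in records.items()}


if __name__ == "__main__":
    print("WHOIS CIDRs cover NetRange exactly:", whois_cidrs_match_netrange())
    for host, status in audit(SAMPLE).items():
        print(f"{host:24} {status}")
```
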

wr250

the loop i spoke of is a potential ddos. and they did it to themselves. idiots.

wr250

more info:
apparently this was an ex parte order. which means the defendants are not given a summons or a chance to answer in the court granting it.

nice.
microsoft: trying to suck more than dave snooron.


But what about Windows 8... and Office 365 and ribbon toolbars.... oh...

Foodlion

I tried understanding what this all means. Is this more data collection?

wr250

Quote from: Foodlion on July 01, 2014, 03:58:36 PM
I tried understanding what this all means. Is this more data collection?

no. microsoft alleged no-ip was hosting malware via its subdomains it gives out free. so microsoft went to federal court and asked for a temporary restraining order granting microsoft control over the dns for said subdomains, which includes taking control of 22 top level domains such as no-ip.info .

microsoft also filed for an ex-parte order, meaning the defendants will not be notified of the order or subpoena to court . this is usually used by law enforcement to prevent the destruction of evidence by the defendant. it also means the defendants cannot defend themselves in court at the time of ruling, but will be able to later.

this came as a total surprise to no-ip.com , and directly affected me, even though i am not listed in the court order. i use no-ip, it's free, it works, and customer support is great.

so it's more than data collection, it's seizure of domains owned and paid for by someone else.

MV/Liberace!

Quote from: Foodlion on July 01, 2014, 03:58:36 PM
I tried understanding what this all means. Is this more data collection?

Let's say you need to be able to connect computer A to computer B.  Computer A is in LA and computer B is in NY.  Computer A would need to know the IP address of computer B to make that happen.  It's easy enough to figure out what computer B's IP address is at a given moment, but what if computer B doesn't have an IP address that stays the same all the time?  Then you have a problem.  Simply unplugging the power from your cable modem can get you a different IP address unless you pay for a "static" IP address which doesn't change.

The solution is to use a type of service called dynamic DNS.  Noip.me is this type of service.  The most common way this works is you set up an account with noip.me and you choose your hostname (like blah.noip.me), and instead of computer A having to know the IP address of computer B, it can simply connect to blah.noip.me and it will always be able to touch computer B, regardless of what IP address computer B is assigned at any given moment.  The most common way this works is computer B always runs a small application that continually tells the noip service what its IP address is.  If the address changes, the new IP is reported to noip.me so that if I try to connect to blah.noip.me, the connection is still made.  You could look at it as a sort of forwarding service.  That's essentially how DNS (domain name system) in general works.  It's a phone book for the internet.  BellGab.com has an actual ip address, and that address can change (if, for instance, the forum gets moved to a different server).  DNS is what prevents you having to know that new IP address.  You can simply type BellGab.com and it'll get you there.

So, back to the Microsoft thing...
Microsoft has determined that a large number of malware authors are using noip.me to enable their malware to communicate with whatever it needs to communicate with.  They've chosen to throw the baby out with the bath water by killing the company's control over its domain names.  This was entirely heavy handed and unnecessary on MS's part.  They could have simply told the people at noip which accounts are abusing the service and noip could have killed those accounts.  Eventually, the problem would have gone away entirely or it would have at least become inconsequential.  But nooooooooo...

Thanks, MS.

wr250

Quote from: MV on July 02, 2014, 04:28:10 PM
Let's say you need to be able to connect computer A to computer B.  Computer A is in LA and computer B is in NY.  Computer A would need to know the IP address of computer B to make that happen.  It's easy enough to figure out what computer B's IP address is at a given moment, but what if computer B doesn't have an IP address that stays the same all the time?  Then you have a problem.  Simply unplugging the power from your cable modem can get you a different IP address unless you pay for a "static" IP address which doesn't change.

The solution is to use a type of service called dynamic DNS.  Noip.me is this type of service.  The most common way this works is you set up an account with noip.me and you choose your hostname (like blah.noip.me), and instead of computer A having to know the IP address of computer B, it can simply connect to blah.noip.me and it will always be able to touch computer B, regardless of what IP address computer B is assigned at any given moment.  The most common way this works is computer B always runs a small application that continually tells the noip service what its IP address is.  If the address changes, the new IP is reported to noip.me so that if I try to connect to blah.noip.me, the connection is still made.  You could look at it as a sort of forwarding service.  That's essentially how DNS (domain name system) in general works.  It's a phone book for the internet.  BellGab.com has an actual ip address, and that address can change (if, for instance, the forum gets moved to a different server).  DNS is what prevents you having to know that new IP address.  You can simply type BellGab.com and it'll get you there.

So, back to the Microsoft thing...
Microsoft has determined that a large number of malware authors are using noip.me to enable their malware to communicate with whatever it needs to communicate with.  They've chosen to throw the baby out with the bath water by killing the company's control over its domain names.  This was entirely heavy handed and unnecessary on MS's part.  They could have simply told the people at noip which accounts are abusing the service and noip could have killed those accounts.  Eventually, the problem would have gone away entirely or it would have at least become inconsequential.  But nooooooooo...

Thanks, MS.

not only that, but they asked for an ex parte hearing to get these domain names. this means the defendant is not notified in any way this was going to happen, or for that matter, there was any legal action at all. no-ip found out the same time the rest of us did that morning.

so again, fuck you microsoft

albrecht

I'm not a computer geek but it would seem to me that the lawsuit is really just another attack in the war against online anonymity. There already have been cases forcing websites to report the identity (in so much as they can) for posters in the comments section. And calls for an "internet driver's license" etc. Everyday we get scary reports about all the evil stuff going on in the "dark net" or via Tor.

What I don't quite grasp is, on the one hand, we have reports that agencies (like NSA etc) are recording and monitoring all internet, phone, email traffic but, on the other, we get wild claims from governments about how dangerous internet anonymity is. Are they just trying to make it cheaper and easier for them to get the information on everything we do?

wr250

Quote from: albrecht on July 02, 2014, 04:40:26 PM
I'm not a computer geek but it would seem to me that the lawsuit is really just another attack in the war against online anonymity. There already have been cases forcing websites to report the identity (in so much as they can) for posters in the comments section. And calls for an "internet driver's license" etc. Everyday we get scary reports about all the evil stuff going on in the "dark net" or via Tor.

What I don't quite grasp is, on the one hand, we have reports that agencies (like NSA etc) are recording and monitoring all internet, phone, email traffic but, on the other, we get wild claims from governments about how dangerous internet anonymity is. Are they just trying to make it cheaper and easier for them to get the information on everything we do?

what they are doing is forcing people to the "dark web". the more they clamp down, the more people go that way. just like drugs. the more they clamp down, the more profitable the black market is.
same with piracy. all of microsoft's (and the RIAA, MPAA, and all the rest) efforts to squash piracy have resulted in moar piracy. yet they keep doing the same thing, over and over. isn't that the definition of insanity?

albrecht

Quote from: wr250 on July 02, 2014, 04:49:29 PM
what they are doing is forcing people to the "dark web". the more they clamp down, the more people go that way. just like drugs. the more they clamp down, the more profitable the black market is.
same with piracy. all of microsoft's (and the RIAA, MPAA, and all the rest) efforts to squash piracy have resulted in moar piracy. yet they keep doing the same thing, over and over. isn't that the definition of insanity?

Yep. Of course, if this creates more criminals better for one of the only growth industries in the US the prison and legal system (for citizens, at least, illegals get more of a free pass.) The recent decision of AEREO lawsuit is another example. Instead of finding a way to innovate, profit, change business models, or even adapting the entrenched media industries just hire more lawyers to sue and lobbyists to write laws. And people go more to the PirateBays or "dark web". Because instead of making good products or coming up with innovative delivery options they would rather CGI everything and sue anybody who tries to watch more conveniently.

wr250

from no-ip:

A message from our CEO
As you certainly know by now, on Monday control of our most popular domain names were seized. As a result, millions of hostnames have gone dark and millions of our users have been put out of service.

We have been throwing everything we have at getting you back online with the least possible delay. For legal reasons, we have been restricted from reaching out to you, but we simply cannot stay quiet any longer. We are very close to a resolution and we will update you with more information as soon as we can.

We hear your overwhelming support on social media and would like you to know that we share your frustration. Thank you so much for your support! #FreeNoIP

Dan Durrer
Owner and CEO

wr250

apparently no-ip was able to get the order lifted and are regaining control of their domains. as i believe this was a big steaming pile of bullshit ms laid on a judge who did not understand the technical side, and no-ip's lawyers got it reversed. looks like a huge lawsuit in the making.

notice the #freenoip
i guess the #freeartbell did not go unnoticed by the general populace.

Foodlion

Quote from: MV on July 02, 2014, 04:28:10 PM
Let's say you need to be able to connect computer A to computer B.  Computer A is in LA and computer B is in NY.  Computer A would need to know the IP address of computer B to make that happen.  It's easy enough to figure out what computer B's IP address is at a given moment, but what if computer B doesn't have an IP address that stays the same all the time?  Then you have a problem.  Simply unplugging the power from your cable modem can get you a different IP address unless you pay for a "static" IP address which doesn't change.

The solution is to use a type of service called dynamic DNS.  Noip.me is this type of service.  The most common way this works is you set up an account with noip.me and you choose your hostname (like blah.noip.me), and instead of computer A having to know the IP address of computer B, it can simply connect to blah.noip.me and it will always be able to touch computer B, regardless of what IP address computer B is assigned at any given moment.  The most common way this works is computer B always runs a small application that continually tells the noip service what its IP address is.  If the address changes, the new IP is reported to noip.me so that if I try to connect to blah.noip.me, the connection is still made.  You could look at it as a sort of forwarding service.  That's essentially how DNS (domain name system) in general works.  It's a phone book for the internet.  BellGab.com has an actual ip address, and that address can change (if, for instance, the forum gets moved to a different server).  DNS is what prevents you having to know that new IP address.  You can simply type BellGab.com and it'll get you there.

So, back to the Microsoft thing...
Microsoft has determined that a large number of malware authors are using noip.me to enable their malware to communicate with whatever it needs to communicate with.  They've chosen to throw the baby out with the bath water by killing the company's control over its domain names.  This was entirely heavy handed and unnecessary on MS's part.  They could have simply told the people at noip which accounts are abusing the service and noip could have killed those accounts.  Eventually, the problem would have gone away entirely or it would have at least become inconsequential.  But nooooooooo...

Thanks, MS.

That does make sense. You know the Government and judges are infiltrated by the MS lobbyists anyways, so it shouldn't be surprising to see.

ziznak

I ddos'd myself 3 times already today... im kinda sore now.

wr250

Update: Details on Microsoft Takeover
July 10, 2014 · by Natalie Goguen

Earlier today, we released a joint statement with Microsoft announcing the settlement of the unprecedented and overreaching seizure of 23 of our domains. We are thrilled to announce the settlement of this dispute and are excited to return to work connecting our 18 million users to their website and devices.

How did this happen?
On Monday, June 30, 2014, Microsoft obtained a US court order to take control of our most popular domain names used by both our Free and Enhanced Dynamic DNS services. As a result, nearly 5 million hostnames went dark and 1.8 million customer websites and devices became unreachable.

Why did this happen?
Microsoft suspected some of our customers were abusing our service for malicious purposes. However, instead of reporting the malicious activity to our abuse department or law enforcement, Microsoft decided to secretly sue us in civil court.

By filing an ex parte temporary restraining order (TRO), No-IP was prevented from having any knowledge of the case or offering any support in stopping malicious activity. Had Microsoft submitted evidence of abuse at any time, No-IP would have taken swift action to validate the claims and ban any accounts that were proven to be malicious. Instead, Microsoft wasted many months while malicious activity continued.

To state this as emphatically as possible - this entire situation could have been avoided if only Microsoft had followed industry standards. A quick email or call to the No-IP abuse team would have removed the abusive hostnames from the No-IP network.

Microsoft cited 22,000 hostnames that were abusive. Out of those 22,000 seized hostnames, the No-IP abuse department found only a fraction of the hostnames to still be active, which means that many had already been banned through our existing abuse procedures.

Microsoft promised the judge they would only block the hostnames alleged to be malicious and would forward all the remaining traffic for the non-abusive hostnames on to No-IP. This did not happen. The Microsoft DNS servers were misconfigured and failed to respond to our usual volume of billions of queries a day.

On July 1 at 6:00 AM, Microsoft claimed to resolve this error and reported that all domains were fully operational.

zeebo

Quote from: wr250 on July 10, 2014, 01:15:42 PM
... On July 1 at 6:00 AM, Microsoft claimed to resolve this error and reported that all domains were fully operational.

5392 5391 reasons to hate Microsoft.

Quote from: ziznak on July 03, 2014, 07:40:24 AM
I ddos'd myself 3 times already today... im kinda sore now.
LMFAO ! Seriously Z, that made me bust a gut.
Is that a signature ? ;)
;D ;D ;D
