01.05.10
Boycott Novell DDOS; Perhaps Time for Authorities to Ban Microsoft Windows
Summary: Another long batch of denial of service attacks on the site gives room for thought
FOR over a week now, on and off we are being hit by rogue bots that hammer on the server with junk requests to the point where it is unable to serve genuine visitors. It even happened around Christmas.
“Zombie PCs come from all over the place, always sharing one thing in common: they run Windows.”This would not be the first time that we suffer from non-stop or occasional DDOS and downtime. Zombie PCs come from all over the place, always sharing one thing in common: they run Windows.
Australia wants to take such PCs off the Internet, but that would hardly solve the problem at a global scale. As up to about one in two Windows PCs is a zombie PC, the reasonable solution sometimes seems like a worldwide Windows quarantine. Microsoft is only giving people more reasons for resentment, especially people who understand where the problems originate from.
Here at Boycott Novell alone we have been spending many hours in recent weeks merely fighting against these disruptions, also spending hours offline as a result. Who will pay for the damage? Microsoft? Microsoft is only profiteering from its zombies and taxpayers take the bill. Astounding. █
“Our products just aren’t engineered for security.”
–Brian Valentine, Microsoft executive
Yuhong Bao said,
January 5, 2010 at 9:47 pm
Well, I wouldn’t go so far to ban Windows entirely (espcially considering that it is only partly MS’s fault), but banning zombie PCs in general is a good idea.
Roy Schestowitz Reply:
January 5th, 2010 at 10:05 pm
How would you go about implementing this?
your_friend Reply:
January 7th, 2010 at 12:59 am
True, there’s no reason to ban Windows operation, just ban their connection to any public network.
One way to do this is to make people accountable for the poor security of their computers. A class action lawsuit should be launched against Microsoft for every business that has suffered downtime due to DDoS. Companies with large numbers of participating machines can be named as co-defendants. That would clean things up pretty quickly and I can’t believe no one has thought of it …
perhpas they have. Looks like the legal groundwork was all worked out ten years ago, but no one has done anything. Ten years after articles like this put the blame on greedy companies, we now have free systems that take less money and staff but have no security problems. My bet is that the right lawyers simply have not caught up to the problem and potential solutions. The existence of obvious low cost alternatives, combined with a decade of tremendous costs should combine to make some very juicy lawsuits. It’s time to lay the costs of non free software at the feet of it’s owners.
Yuhong Bao Reply:
January 7th, 2010 at 1:51 am
“A class action lawsuit should be launched against Microsoft for every business that has suffered downtime due to DDoS.”
I don’t think so. As I said, it is only partly MS’s fault, and when did it made sense to consider a class-action lawsuit just because a security vulnerability has been found in their software.
Yuhong Bao Reply:
January 7th, 2010 at 1:52 am
“True, there’s no reason to ban Windows operation, just ban their connection to any public network. ”
Banning Windows operation on any PC, zombie or not, would likely be impossible anyway.
your_friend Reply:
January 9th, 2010 at 5:42 pm
No, it’s not. Microsoft does what it can to exclude free software users from hardware and networks all the time. Ports are blocked by ISPs and Universities are blocking systems that are not “up to date”. It would be simpler and more effective to block all Windows computers, Zombie or not, than to try to achieve the impossible and secure them.
Yuhong Bao Reply:
January 9th, 2010 at 6:35 pm
I was thinking of banning *local* Windows operation. But I agree that client-side detection and quarantine, like MS’s NAP, is a bad idea. No need to detect Windows specifically, just detect botnet and worm network traffic on the network side and ban PCs that are sending them.
Roy Schestowitz Reply:
January 9th, 2010 at 6:46 pm
It would not cure those PCs. They would just move on to other targets that are more sensitive.
your_friend Reply:
January 9th, 2010 at 10:11 pm
Botnets are a Global problem but the correction is always local. They should be removed at the local nexus of power that Microsoft usually exploits to discriminate against free software users: ISPs and local government.
The expedient solution is to block access at the ISP level to all Windows computers and this is already necessary. ISPs have periodically disconnected compromised Windows computers but never had a reason to block other kinds. It would be cheaper and more effective to block all versions of Windows. People die when hospital networks are clogged with malware traffic. The economic harm is also high. Individuals caught in Microsoft’s monopoly trap are moving too slowly, so society must use other measures to protect itself.
Tort law can be used as a slow solution by suing Microsoft companies that use Windows and ISPs that don’t take effective measures. Microsoft is directly responsible in a way that only a non free software owner can be. Companies with large Windows deployments are guilty of gross negligence because everyone knows that a high proportion of Windows clients are always compromised. ISPs, such as Comcast, are also grossly negligent. The economic harm from botnets is easier to measure than MAFIAA cases that now clog courts against individuals with the nerve to share. Some smart, brave and honest lawyers stand to make a fortune from companies that are usually guilty of monopoly tactics.
The harm Windows does should be stopped as soon as possible and Microsoft should pay for it. We’ve had more than a decade of excuses but nothing has changed. The slowest solution of all is the one that is ongoing, people realize that free software is a better deal. This would be more effective if society was better at protecting itself from Microsoft’s anti-trust crimes. The sooner all of these crimes and problems are addressed, the better.
Yuhong Bao Reply:
January 9th, 2010 at 8:13 pm
It would not cure these botnet PCs, but it would stop them from connecting to the network, so the attempt by those PCs to send/receive botnet traffic will have no effect.
Roy Schestowitz Reply:
January 9th, 2010 at 8:29 pm
Yes, at the ISP level. Australia considers doing this already.
uberVU - social comments said,
January 6, 2010 at 4:13 am
Social comments and analytics for this post…
This post was mentioned on Identica by schestowitz: Perhaps Time for Authorities to Ban #Microsoft #Windows http://boycottnovell.com/2010/01/05/denial-of-service-again/...