01.05.10

Gemini version available ♊︎

Boycott Novell DDOS; Perhaps Time for Authorities to Ban Microsoft Windows

Posted in Microsoft, Security, Windows at 9:32 pm by Dr. Roy Schestowitz

Summary: Another long batch of denial of service attacks on the site gives room for thought

FOR over a week now, on and off we are being hit by rogue bots that hammer on the server with junk requests to the point where it is unable to serve genuine visitors. It even happened around Christmas.

“Zombie PCs come from all over the place, always sharing one thing in common: they run Windows.”This would not be the first time that we suffer from non-stop or occasional DDOS and downtime. Zombie PCs come from all over the place, always sharing one thing in common: they run Windows.

Australia wants to take such PCs off the Internet, but that would hardly solve the problem at a global scale. As up to about one in two Windows PCs is a zombie PC, the reasonable solution sometimes seems like a worldwide Windows quarantine. Microsoft is only giving people more reasons for resentment, especially people who understand where the problems originate from.

Here at Boycott Novell alone we have been spending many hours in recent weeks merely fighting against these disruptions, also spending hours offline as a result. Who will pay for the damage? Microsoft? Microsoft is only profiteering from its zombies and taxpayers take the bill. Astounding.

“Our products just aren’t engineered for security.”

Brian Valentine, Microsoft executive

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

12 Comments

  1. Yuhong Bao said,

    January 5, 2010 at 9:47 pm

    Gravatar

    Well, I wouldn’t go so far to ban Windows entirely (espcially considering that it is only partly MS’s fault), but banning zombie PCs in general is a good idea.

    Roy Schestowitz Reply:
    January 5th, 2010 at 10:05 pm

    How would you go about implementing this?

    your_friend Reply:
    January 7th, 2010 at 12:59 am

    True, there’s no reason to ban Windows operation, just ban their connection to any public network.

    One way to do this is to make people accountable for the poor security of their computers. A class action lawsuit should be launched against Microsoft for every business that has suffered downtime due to DDoS. Companies with large numbers of participating machines can be named as co-defendants. That would clean things up pretty quickly and I can’t believe no one has thought of it …

    perhpas they have. Looks like the legal groundwork was all worked out ten years ago, but no one has done anything. Ten years after articles like this put the blame on greedy companies, we now have free systems that take less money and staff but have no security problems. My bet is that the right lawyers simply have not caught up to the problem and potential solutions. The existence of obvious low cost alternatives, combined with a decade of tremendous costs should combine to make some very juicy lawsuits. It’s time to lay the costs of non free software at the feet of it’s owners.

    Yuhong Bao Reply:
    January 7th, 2010 at 1:51 am

    “A class action lawsuit should be launched against Microsoft for every business that has suffered downtime due to DDoS.”
    I don’t think so. As I said, it is only partly MS’s fault, and when did it made sense to consider a class-action lawsuit just because a security vulnerability has been found in their software.

    Yuhong Bao Reply:
    January 7th, 2010 at 1:52 am

    “True, there’s no reason to ban Windows operation, just ban their connection to any public network. ”
    Banning Windows operation on any PC, zombie or not, would likely be impossible anyway.

    your_friend Reply:
    January 9th, 2010 at 5:42 pm

    No, it’s not. Microsoft does what it can to exclude free software users from hardware and networks all the time. Ports are blocked by ISPs and Universities are blocking systems that are not “up to date”. It would be simpler and more effective to block all Windows computers, Zombie or not, than to try to achieve the impossible and secure them.

    Yuhong Bao Reply:
    January 9th, 2010 at 6:35 pm

    I was thinking of banning *local* Windows operation. But I agree that client-side detection and quarantine, like MS’s NAP, is a bad idea. No need to detect Windows specifically, just detect botnet and worm network traffic on the network side and ban PCs that are sending them.

    Roy Schestowitz Reply:
    January 9th, 2010 at 6:46 pm

    It would not cure those PCs. They would just move on to other targets that are more sensitive.

    your_friend Reply:
    January 9th, 2010 at 10:11 pm

    Botnets are a Global problem but the correction is always local. They should be removed at the local nexus of power that Microsoft usually exploits to discriminate against free software users: ISPs and local government.

    The expedient solution is to block access at the ISP level to all Windows computers and this is already necessary. ISPs have periodically disconnected compromised Windows computers but never had a reason to block other kinds. It would be cheaper and more effective to block all versions of Windows. People die when hospital networks are clogged with malware traffic. The economic harm is also high. Individuals caught in Microsoft’s monopoly trap are moving too slowly, so society must use other measures to protect itself.

    Tort law can be used as a slow solution by suing Microsoft companies that use Windows and ISPs that don’t take effective measures. Microsoft is directly responsible in a way that only a non free software owner can be. Companies with large Windows deployments are guilty of gross negligence because everyone knows that a high proportion of Windows clients are always compromised. ISPs, such as Comcast, are also grossly negligent. The economic harm from botnets is easier to measure than MAFIAA cases that now clog courts against individuals with the nerve to share. Some smart, brave and honest lawyers stand to make a fortune from companies that are usually guilty of monopoly tactics.

    The harm Windows does should be stopped as soon as possible and Microsoft should pay for it. We’ve had more than a decade of excuses but nothing has changed. The slowest solution of all is the one that is ongoing, people realize that free software is a better deal. This would be more effective if society was better at protecting itself from Microsoft’s anti-trust crimes. The sooner all of these crimes and problems are addressed, the better.

    Yuhong Bao Reply:
    January 9th, 2010 at 8:13 pm

    It would not cure these botnet PCs, but it would stop them from connecting to the network, so the attempt by those PCs to send/receive botnet traffic will have no effect.

    Roy Schestowitz Reply:
    January 9th, 2010 at 8:29 pm

    Yes, at the ISP level. Australia considers doing this already.

  2. uberVU - social comments said,

    January 6, 2010 at 4:13 am

    Social comments and analytics for this post…

    This post was mentioned on Identica by schestowitz: Perhaps Time for Authorities to Ban #Microsoft #Windows http://boycottnovell.com/2010/01/05/denial-of-service-again/

DecorWhat Else is New

  1. Links 29/03/2023: Parted 3.5.28 and Blender 3.5

    Links for the day

  2. Links 29/03/2023: New Finnix and EasyOS Kirkstone 5.2

    Links for the day

  3. IRC Proceedings: Tuesday, March 28, 2023

    IRC logs for Tuesday, March 28, 2023

  4. [Meme] Fraud Seems Standard to Standard Life

    Sirius ‘Open Source’ has embezzled and defrauded staff; now it is being protected (delaying and stonewalling tactics) by those who helped facilitate the robbery

  5. 3 Months to Progress Pension Fraud Investigations in the United Kingdom

    Based on our experiences and findings, one simply cannot rely on pension providers to take fraud seriously (we’ve been working as a group on this); all they want is the money and risk does not seem to bother them, even when there’s an actual crime associated with pension-related activities

  6. 36,000 Soon

    Techrights is still growing; in WordPress alone (not the entire site) we’re fast approaching 36,000 posts; in Gemini it’s almost 45,500 pages and our IRC community turns 15 soon

  7. Contrary to What Bribed (by Microsoft) Media Keeps Saying, Bing is in a Freefall and Bing Staff is Being Laid Off (No, Chatbots Are Not Search and Do Not Substitute Web Pages!)

    Chatbots/chaffbot media noise (chaff) needs to be disregarded; Microsoft has no solid search strategy, just lots and lots of layoffs that never end this year (Microsoft distracts shareholders with chaffbot hype/vapourware each time a wave of layoffs starts, giving financial incentives for publishers to not even mention these; right now it’s GitHub again, with NDAs signed to hide that it is happening)

  8. Full RMS Talk ('A Tour of Malicious Software') Uploaded 10 Hours Ago

    The talk is entitled "A tour of malicious software, with a typical cell phone as example." Richard Stallman is speaking about the free software movement and your freedom. His speech is nontechnical. The talk was given on March 17, 2023 in Somerville, MA.

  9. Links 28/03/2023: KPhotoAlbum 5.10.0 and QSoas 3.2

    Links for the day

  10. The Rumours Were Right: Many More Microsoft Layoffs This Week, Another Round of GitHub Layoffs

    Another round of GitHub layoffs (not the first [1, 2]; won’t be the last) and many more Microsoft layoffs; this isn’t related to the numbers disclosed by Microsoft back in January, but Microsoft uses or misuses NDAs to hide what’s truly going on

  11. All of Microsoft's Strategic Areas Have Layoffs This Year

    Microsoft’s supposedly strategic/future areas — gaming (trying to debt-load or offload debt to other companies), so-called ‘security’, “clown computing” (Azure), and “Hey Hi” (chaffbots etc.) — have all had layoffs this year; it’s clear that the company is having a serious existential crisis in spite of Trump’s and Biden’s bailouts (a wave of layoffs every month this year) and is just bluffing/stuffing the media with chaffbots cruft (puff pieces/misinformation) to keep shareholders distracted, asking them for patience and faking demand for the chaffbots (whilst laying off Bing staff, too)

  12. Links 28/03/2023: Pitivi 2023.03 is Out, Yet More Microsoft Layoffs (Now in Israel)

    Links for the day

  13. IRC Proceedings: Monday, March 27, 2023

    IRC logs for Monday, March 27, 2023

  14. Links 27/03/2023: GnuCash 5.0 and Ubuntu 20.04 LTS on Phones

    Links for the day

  15. Links 27/03/2023: Twitter Source Code Published (But Not Intentionally)

    Links for the day

  16. IRC Proceedings: Sunday, March 26, 2023

    IRC logs for Sunday, March 26, 2023

  17. Links 26/03/2023: OpenMandriva ROME 23.03, Texinfo 7.0.3, and KBibTeX 0.10.0

    Links for the day

  18. The World Wide Web is a Cesspit of Misinformation. Let's Do Something About It.

    It would be nice to make the Web a safer space for information and accuracy (actual facts) rather than a “Safe Space” for oversensitive companies and powerful people who cannot tolerate criticism; The Web needs to become more like today's Gemini, free of corporate influence and all other forms of covert nuisance

  19. Ryan Farmer: I’m Back After WordPress.com Deleted My Blog Over the Weekend

    Reprinted with permission from Ryan

  20. Civil Liberties Threatened Online and Offline

    A “society of sheeple” (a term used by Richard Stallman last week in his speech) is being “herded” online and offline; the video covers examples both online and offline, the latter being absence of ATMs or lack of properly-functioning ATMs (a growing problem lately, at least where I live)

  21. Techrights Develops Free Software to Separate the Wheat From the Chaff

    In order to separate the wheat from the chaff we’ve been working on simple, modular tools that process news and help curate the Web, basically removing the noise to squeeze out the signal

  22. Links 26/03/2023: MidnightBSD 3.0 and FreeBSD 13.2 RC4

    Links for the day

  23. IRC Proceedings: Saturday, March 25, 2023

    IRC logs for Saturday, March 25, 2023

  24. Links 26/03/2023: More TikTok Bans

    Links for the day

  25. Links 25/03/2023: Gordon Moore (of Moore's Law) is Dead

    Links for the day

  26. Links 25/03/2023: Decade of Docker, Azure Broken Again

    Links for the day

  27. [Meme] Money Deducted in Payslips, But Nothing in Pensions

    Sirius ‘Open Source’ has stolen money from staff (in secret)

  28. IRC Proceedings: Friday, March 24, 2023

    IRC Proceedings: Friday, March 24, 2023

  29. The Corporate Media is Not Reporting Large-Scale Microsoft Layoffs (Too Busy With Chaffbot Puff Pieces), Leaks Required to Prove That More Layoffs Are Happening

    Just as we noted days ago, there are yet more Microsoft layoffs, but the mainstream media gets bribed to go “gaga” over vapourware and chaffbots (making chaff like “Bill Gates Says” pieces) instead of reporting actual news about Microsoft

  30. Sirius 'Open Source' Pensiongate: Time to Issue a Warrant of Arrest and Extradite the Fake 'Founder' of Sirius

    Sirius ‘Open Source’ is collapsing, but that does not mean that it can dodge accountability for crimes (e.g. money that it silently stole from its staff since at least 12 years ago)

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts