Bonum Certa Men Certa

ISP Under Unfortunate 'DDOS Attack' by Microsoft Corporation; Liability of Software Debated in Europe

Stranded



Summary: Microsoft servers run amok and questions about liability return

SIMON PHIPPS has just found this very interesting message about an ISP which was brought down to its knees by "Windows Update". It is actually a recurring issue that affects networks in all sorts of ways (e.g. global Skype downtime).

We were facing a distributed denial of service attack from the world's largest "botnet:" Microsoft's "Windows Update."

[...]

As Spider-Man creator Stan Lee once noted, "with great power comes great responsibility." Microsoft, by virtue of its control over Windows-based PCs, has the ability to shut down the entire Internet at will -- and must be careful not to do it, inadvertently, by turning 90% of the world's PCs into a "zombie army."

Furthermore, content delivery networks such as Akamai, which distributes Microsoft's updates, must not be allowed to discriminate against smaller providers by making updates uncacheable (at least by a standards-conforming Web cache) and then denying smaller ISPs access to a cache that WILL cache them.


This is reminiscent of past incidents (see [1] and [2] at the bottom of this post). Yesterday we wrote about FAA where the damage of Microsoft's security, reliability and stability track record seems immense (in a very negative way). Now we find this from UC Berkeley right at the top of the news.

University of California, Berkeley, officials said Friday that hackers infiltrated restricted computer databases, putting at risk health and other personal information on 160,000 students, alumni and others.


Can liability put an end to this? That's the question the European Commission is asking and Glyn Moody reports on this matter.

Should Software Developers Be Liable for their Code?



Should Microsoft pay for the billions of dollars of damage that flaws in its software have caused around the world? It might have to, if a new European Commission consumer protection proposal becomes law. Although that sounds an appealing prospect, one knock-on consequence could be that open source coders would also be liable for any damage that errors in their software caused.

Here's what the European Commission is proposing:

A priority area for possible EU action is "extending the principles of consumer protection rules to cover licensing agreements of products like software downloaded for virus protection, games or other licensed content", according to the commissioners' agenda. "Licensing should guarantee consumers the same basic rights as when they purchase a good: the right to get a product that works with fair commercial conditions."

EU consumer commissioner Kuneva said that more accountability for software makers, and for companies providing digital services, would lead to greater consumer choice.


We have already covered this issue of liability and a reader wrote to us yesterday and offered his opinion too:

I suppose that this means that it is soon possible for the new administration to use military force to deal with Microsofters, if they don't dismantle their movement voluntarily:

Pentagon girds for cyber warfare

Official: No options ‘off the table’ for U.S. response to cyber attacks

Not so long ago, someone (or some group) did the electronic equivalent of cutting holes in the perimiter fence and taking out the guard towers by deploying Microsoft products inside a US Army base inside Afghanistan. The damage was quite bad as a result, and maybe the corrective actions were kept quiet and in-house, but certainly there is a paper trail leading back to those who brought MS products into the base.

In a recent speech, President Obama mentioned that US workers must come first. If that priority is followed, then it leads to removal of threats to US workers. Considering that the conficker Windows worm cost over $ 9.1 billion in the first three months, and that is on par with the other Windows worms, the 100's of billions saved over a few years by getting rid of any last trace of MS can easily pay for a new tech sector *and* a new economy.



Should Microsoft be made responsible and liable for damages caused by its software? Would this serve as a preventive measure? ____ [1] Are we being DOS attacked by a Microsoft employee?

Now I find it funny that a person that lives about 5 minutes from Redmond which is the headquarters of Microsoft is DOS attacking us and I don't believe that this is a coincidence.


[2] Bots Helped To Boost Microsoft Live Search Gains

In a blog post, Compete analyst Steve Willis attributed Microsoft's search gains to prizes awarded to users participating in Live Search Club, which features games that post queries to Microsoft's search engine.

[...]

Microsoft is essentially being DDoSed by thousands of people hundreds of times per minute, but they are mistaking this rise in traffic for people actually using Live Search."


Recent Techrights' Posts

Helping Microsoft 'Hijack' Developers (to Make Them Work for Microsoft, Not the Competition)
VS Code is proprietary spyware of Microsoft. Jack Wallen keeps promoting its use.
 
Outreachy, GSoC-mentors & Debian-Private may soon become public records in federal court
Reprinted with permission from Daniel Pocock
Links 28/02/2024: Many War Updates and Censorship
Links for the day
Gemini Links 28/02/2024: Social Control Media Notifications and Gemini Protocol Extended
Links for the day
Links 28/02/2024: Microsoft the Plagiarist is Projecting, Food Sector Adopts Surge Pricing
Links for the day
Gemini Links 28/02/2024: Groupthink and the 'Problem' With Linux
Links for the day
Android Rising (Windows Down to All-Time Lows, Internationally)
This month was a bloodbath for Microsoft
HexChat Looks for Successors to Keep IRC Growing
IRC is far from dead
[Meme] Just Make Him Happy
Y U no produce more monopolies?
End of a Long February
top 10 posts
[Meme] The EPO's Relationship With Patent Examiners
Nobody is "safe"
New Pension Scheme (NPS) at the European Patent Office Explained at the General Assembly
Investing in the future, or...
Donald Trump & FSFE Matthias Kirschner election denial
Reprinted with permission from Daniel Pocock
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, February 27, 2024
IRC logs for Tuesday, February 27, 2024
Links 27/02/2024: PlayStation Layoffs and More Oppressive New Laws for Hong Kong
Links for the day
Gemini Links 27/02/2024: Facebook as Containment Field and Depression Driven Development (DDD)
Links for the day
They're Adding Warnings Now: The Site "It's FOSS" is Not FOSS
It's better that they at least explicitly state this
Links 27/02/2024: Nevada Versus End-To-End Encryption, Birmingham Bankrupt
Links for the day
End of an Era
The Web isn't just filled with marketing spam but actual disinformation
[Meme] Onboarding New EPO Staff
You read the patent application and grant within hours
The Legacy Prolific Writers Leave Behind Them
"Free Software Credibility Index" after more than 15 years
The Ongoing Evolutionary Process of News-Reading (or News-Finding) on the World Wide Web
it gets worse
Phoronix in Google News
congratulating or welcoming Embrace, Extend, Extinguish (E.E.E.)
Google Fired Many Employees Working on Google News (Which Had Deteriorated and Became Gulag Noise, Littered and Gamed by Blogspam, Plagiarism, and Chatbot/Translator-Generated Spew), Now Comes the Likely 'Phase-out'
No wonder many yearn for the days of DMOZ and Web directories in general
IRC Proceedings: Monday, February 26, 2024
IRC logs for Monday, February 26, 2024
Over at Tux Machines...
GNU/Linux news for the past day
"It's Obvious There's No Future For Any of Us from Blizzard at Microsoft"
The rumours suggest that more Microsoft layoffs are on the way
[Meme] Who's the Boss?
"I thought EPC governed the Office"
Salary Adjustment Procedure (SAP) at the EPO and Why Workers' Salary is Actually Decreasing Each Year (Currency Loses Its Purchasing Power)
outline and update on a years-old blunder
Exposed: FSFE, Legal & Licensing Workshop (LLW), Legal Network & Modern Slavery
Reprinted with permission from Daniel Pocock