[governance] 3322.org seized by Microsoft from Chinese DNS service provider

Daniel Kalchev daniel at digsys.bg
Mon Sep 24 02:53:58 EDT 2012



On 24.09.12 09:30, Chaitanya Dhareshwar wrote:
> Further if there was a pre-loaded malware chances are windows 
> firewall/defender would have been patched to prevent detection of the 
> same - or maybe even removed altogether.

I stand corrected on this part, but then it is indeed curious why 
Microsoft would react this way. It seems that even though the 
computers in question might not have come with "genuine" Microsoft OS, 
they do present a threat to other Windows computers.

Here, again, the fault is with Microsoft. Microsoft insists in their OEM 
agreement, that builders of PCs with Windows pre-installed do not 
install it from the original media, but use the OEM Preinstallation Kit 
instead. The OPK builds a new installation DVD media, containing Windows 
+ your additions, from which you must install the PC. If you install the 
customer's PC directly from the Windows DVD media, Microsoft claims, the 
customer copy is not properly licensed. Weird!

So I could imagine the vendor's administrative workstation, where OPK is 
being used, might well have been infected with this malware. This whole 
story might have been saved if Microsoft's OEM agreement was different. 
But it is not, because for "direct installation" they sell the same DVD 
at a much higher price. There is hope they have revised this attitude 
with Windows 8.

>  Very likely the OS installed on those 'pre-loaded PCs' would have 
> been pirated - if it was, MS would technically have no obligation to 
> support them in any manner.

As far as I understand, Microsoft's problem was not those "pirated" 
Windows computers in China, but the fact that other Windows computers 
all around the world were being infected and joining the botnet.

>  Yes the move to grab the domain was hugely unprecedented, unexpected, 
> and a very bold move even for MS. Why would they waste their time with 
> un-licensed PCs that were pre-compromised? I think there's a larger 
> threat here that's not being made public knowledge. Not a conspiracy - 
> just that details are too sketchy and the move too bold for this to be 
> very minor.

Short version: Microsoft saving face.

By the way, this is not the first time Microsoft engages in such 
activity. They have had a number of cases, some involving the takedown 
of a huge number of domains in ccTLDs all over the world. All in order to 
stop a botnet infecting computers running Windows.

Daniel
