
Microsoft, FBI Take Down 'Citadel' Botnet Targeting Bank Info - eplanit
http://www.pcmag.com/article2/0,2817,2420046,00.asp
======
bhauer
I admit this has nothing to do with the content: I have never seen a longer
list of domain names to reject or authorize in Noscript. I gave up and
navigated away in disgust.

~~~
null_ptr
Honestly I whitelist every site in NoScript (but keep it for its click jacking
protection and other things that apply to all websites), and use Ghostery and
AdBlock Plus to block the irrelevant ads and widgets that are everywhere. It's
a nice compromise between blocking evil things and still being able to use
most of the web.

------
ihsw
Their advocacy of public-private partnerships is interesting:

> Creating successful public-private relationships—in which tools, knowledge,
> and intelligence are shared—is the ultimate key to success in addressing
> cyber threats and is among the highest priorities of the FBI.

It sounds like a page out of the CISPA propaganda handbook, and it seems to
indicate that CISPA will eventually pass.

~~~
nknighthb
It's actually a point against CISPA. Its authoritarian advocates keep whining
about how impossible it is for private companies to cooperate with law
enforcement on security issues, yet here we are, no CISPA, and yet Microsoft
and the FBI are cooperating.

~~~
quackerhacker
CISPA was just the 'legal ammunition,' that the gov needed to prove what they
may already know in court...and to of course release liability (more like bad
PR), against the companies who are the sources.

------
spoiledtechie
Love hearing about these takedowns.

------
ambiate
If I had penetrated the bot net, provided full documentation on the incident
and cleansed the drones or controller I would be placed in jail for 30+ years.

~~~
adrr
If you do it under a business entity and for profit, you don't goto jail. Just
get a fine. Good example was the sony rootkit or all toolbars/spyware that use
browser exploits to install their software. Even though these are clearly a
violation of unauthorized access laws.

~~~
greenyoda
Agreed, but your business entity probably has to be big enough to afford very
good lawyers (and maybe have political connections) to avoid criminal charges.
I doubt that a small startup could get away with what Sony did.

