"Microsoft are arguing that the malware operation damages Microsoft's brand, instead of putting the fault onto themselves for making vulnerable software."
The entire "desktop" software industry championed by Bill Gates has always relied on this belief. Namely, that Windows exploits are the fault of the people who dare to point out the flaws (before they are fixed, if ever), instead of the "engineers" and management who dared to skip quality control and market software that they knew could be exploited.
In para. 49 MS are also arguing that the botnet is causing damage to MS because MS has to expend resources to investigate and clean it up.
Can we consider the courts' time being wasted because of MS failure to perform quality control. Can we consider the losses of the MS software users. Users are not the ones seeking a TRO and damages, though surely they are sufferring more harm than MS from the botnet. Does MS actually own the infected computers.
Anyway, MS arguments are not limited to trademark.
They argue the botnet operators' use of Windows function declarations is copyright infringment (para. 59).
They argue the botnet operators violated the CFAA by accessing MS computers without authorization and caused "a loss to MS" of greater than $5K in the aggregate in one year (para. 67).
They argue the botnet operators violated the ECPA by intercepting communications between MS and financial institutions (para. 74).
They argue the botnet operators have committed trespass to chattels, i.e., MS computers and networks (para. 99).
They argue the botnet operators have been unjustly enriched through the use of MS software and online account infrastructure (para. 105).
They even argue conversion, as if the software still belongs to MS, not its users (para 112). Not all of these claims are going to stick, obviously.
Software warranties still haven't changed much over the past three decades in terms of product liability under US law. Unless the software causes physical damage to property or physical injury to persons, software companies can successfully disclaim liability for defects. Sadly, Windows users, who always accept MS's licensing terms, generally have no claims against MS for the losses they suffer as a result of Windows' vulnerabilities.
Perhaps the only way to force quality controls into software "engineeering" is to allocate more products liability risk to those multi-billion dollar companies who produce mass market software. If you hate the sound of that, don't worry. I doubt it is ever going to happen.
To me, the "Microsoft brand" is synonymous with vulnerablities, botnets and malware. This is only because I know the full history of the software. In the complaint MS argues users might associate degradation of performance with Windows instead of the botnet (para 48). In theory, MS could make this argument against any author of third party software running on Windows that hides itself from the user's awareness and, for whatever reason, degrades performance.
Today's MS Windows, with its "software subscription" model, IMO is functionally tantamount to a so-called botnet, the only differences being "authorisation" (driven by use of dark patterns) and the definition of "malicious" (intent). Please forgive the provocative nature of that statement. What I mean is MS, like a "botnet", has centralised "command and control" of users' computers through centralised or decentralised communication to install software (updates), it can intercept users' electronic communications through telemetry and it does "exfiltrate" user data to MS. What makes the botnet "bad" and MS "good" is not the means by which each operates (they each excercise considerable remote control over Windows users) but the ends they seek to achieve. Controlling users' computers remotely, under a very thin veil of "authorisation", has become accepted behaviour.
The entire "desktop" software industry championed by Bill Gates has always relied on this belief. Namely, that Windows exploits are the fault of the people who dare to point out the flaws (before they are fixed, if ever), instead of the "engineers" and management who dared to skip quality control and market software that they knew could be exploited.
The Complaint:
http://noticeofpleadings.com/trickbot/files/Complaint%20and%...
In para. 49 MS are also arguing that the botnet is causing damage to MS because MS has to expend resources to investigate and clean it up.
Can we consider the courts' time being wasted because of MS failure to perform quality control. Can we consider the losses of the MS software users. Users are not the ones seeking a TRO and damages, though surely they are sufferring more harm than MS from the botnet. Does MS actually own the infected computers.
Anyway, MS arguments are not limited to trademark. They argue the botnet operators' use of Windows function declarations is copyright infringment (para. 59). They argue the botnet operators violated the CFAA by accessing MS computers without authorization and caused "a loss to MS" of greater than $5K in the aggregate in one year (para. 67). They argue the botnet operators violated the ECPA by intercepting communications between MS and financial institutions (para. 74). They argue the botnet operators have committed trespass to chattels, i.e., MS computers and networks (para. 99). They argue the botnet operators have been unjustly enriched through the use of MS software and online account infrastructure (para. 105). They even argue conversion, as if the software still belongs to MS, not its users (para 112). Not all of these claims are going to stick, obviously.
Software warranties still haven't changed much over the past three decades in terms of product liability under US law. Unless the software causes physical damage to property or physical injury to persons, software companies can successfully disclaim liability for defects. Sadly, Windows users, who always accept MS's licensing terms, generally have no claims against MS for the losses they suffer as a result of Windows' vulnerabilities.
Perhaps the only way to force quality controls into software "engineeering" is to allocate more products liability risk to those multi-billion dollar companies who produce mass market software. If you hate the sound of that, don't worry. I doubt it is ever going to happen.
To me, the "Microsoft brand" is synonymous with vulnerablities, botnets and malware. This is only because I know the full history of the software. In the complaint MS argues users might associate degradation of performance with Windows instead of the botnet (para 48). In theory, MS could make this argument against any author of third party software running on Windows that hides itself from the user's awareness and, for whatever reason, degrades performance.
Today's MS Windows, with its "software subscription" model, IMO is functionally tantamount to a so-called botnet, the only differences being "authorisation" (driven by use of dark patterns) and the definition of "malicious" (intent). Please forgive the provocative nature of that statement. What I mean is MS, like a "botnet", has centralised "command and control" of users' computers through centralised or decentralised communication to install software (updates), it can intercept users' electronic communications through telemetry and it does "exfiltrate" user data to MS. What makes the botnet "bad" and MS "good" is not the means by which each operates (they each excercise considerable remote control over Windows users) but the ends they seek to achieve. Controlling users' computers remotely, under a very thin veil of "authorisation", has become accepted behaviour.