I also suspect they've managed to botch the technical aspect of it as well.

Presumably the plan was to put their caching name servers in front of the real no-ip servers, and gather the mappings for the malware suspect sites and then blackhole them after getting what they want. The problem was that Microsoft's side appears to have melted down, thus taking everything down. They won't be getting logs, behavior analysis or anything, because its all a pile of wreckage in a crater. Meanwhile, all the "bad guys(TM)" have now had hours head start to delete their C&C node registrations while microsoft's servers are down. And now they've ticked off the no-ip folks, so I wouldn't expect them to be in a cooperative mood to try and help.

Bone headed all round. There's no other way to put it.

The motion is here: http://www.noticeoflawsuit.com...

A quick skim of the motion for the court order gave me the "boilerplate" and "cut & paste" feeling. There is a lot of sloppy line blurring between actions and complaints directed at the Malware authors and the no-ip folks. Sometimes they refer to the "Malware Defendants" and other times the generic "Defendants" when they meant the former. Really sloppy legal work.

There are some real gems in there:

From section 7:
"There is good cause to believe that immediate and irreparable damage to this Court’s ability to grant effective final relief will result from the sale, transfer, or other disposition or concealment by Defendants of the Internet domains at issue"
Say what? How is that related anything? Its not like the TRO will actually prevent people from being able to hit 'delete' via the control panel. Given that everything's busted by their own doing, the bad guys got a huge head start.

From section 8:
"... and the interest of justice require that this Order be Granted without prior notice to Defendants ..."
Wow ...

The full motion text: http://www.noticeoflawsuit.com...

It seems to me that regardless of what good intentions that Microsoft may have had, they've really fouled up the execution. They'll be remembered more for taking out millions of legitimate users than the malware they *might* be able to take down.

The TSA does a whole lot of pre-flight data mining on passenger lists. I recall some discussion a while back about how they included included things like the credit card numbers, billing addresses etc in the mix.

Paying with Bitcoin has the same problem as paying with straight-up cash - it sets of all sorts of red flags because there's no real way to see if you're "connected" to other "interesting" people or not. No data = guilty until proven innocent etc.

When you're on the clock for getting to your departing flight, you really don't want to be on the wrong side of the extra special friendly pat-downs reserved for special troublemakers.

People like Expedia won't be wanting to mess with this can of worms for now, so they'll keep their bitcoin experiments a nice safe distance from the US Federal Government universe.

Yes. This.

Most likely, they screwed up and lost their private keys. ie: Plain old incompetence.

The code that was leaked to pastebin made it look like they were storing these in something like instances on Amazon EC2. If it turned out they were storing it on ephemeral storage rather than EBS, I don't know if I'd laugh or cry. But it would be an explanation if it were true. Again tough, that would come back to incompetence.

GPL didn't stop Xcode existing when it operated around gcc. Xcode will always be an OS X thing, it has nothing to do with the back end compiler license.

Yes, they get a lot of mileage out of tightly coupling Xcode with llvm - eg: they don't have to write the same level of context sensitive language support for editing when you can do constant incremental compiling and inspect the state of the compiler's trees.

BTW; Apple use LLVM for far more than just Xcode. They used it in the display subsystem to run-time optimize code to the actual machine's display configuration.

Being GPLv3 is a bonus for Apple, but it's about more than that. Competition is a good thing.

It had a captive "guest portal" thingy on its own vlan it with a NSA/DHS style logo and "PRISM Data collection and monitoring node" and no other comments. It was under an outside roof overhang with a high power Unifi UAP-LR. It has line of sight from the hillside to a lot of houses. Associating from a long way away seems to be problematic but you can hear the beacons.

I'm a bit worried that certain people won't find it particularly funny so I tend not to leave it operating for long.

My cell phone is called NSA_PRISM too so I can tether with it for a laugh.

Well.. GPLv3 specifically. FreeBSD is stuck on GCC-4.2, the last GPLv2 gcc compiler. It's getting quite dated now. It's a switch from gcc-4.2.2+ hacks/patches to clang instead of a GPLv3'd gcc-4.6 or later.

"Stuck"? FreeBSD gets a foot in the door of companies where GPL (and GPLv3 in particular) is something they'd prefer not to deal with. Being able to use a modern GPL-free OS as a foundation of a product is a convenient option to have. And being GPLv3-free can be even more compelling.

Yes. The article is vague, and the title on /. is worse - implies the source repository. It seems people have been easily mislead as a result. Always read the actual article, not a 2nd or 3rd hand summary.

From there:

"The code modifications did not made it into our source control, just the final package. We are currently investigating older packages to see if they were also compromised. "