A federal judge has allowed Microsoft to secretly deactivate nearly 300 domain names that the company alleges were part of a giant spamming network. While its intentions are good, Microsoft's approach is problematic.
Microsoft argued that it had linked 277 domain names to a botnet, a network of compromised computers instructed to perform a task such as denial of service attacks and sending spam e-mails. Some computers in a botnet are run by spammers themselves, but the majority are "drones" or infected computers whose owners are unable to stop or unaware of the task being performed. Microsoft alleged the domains were part of a botnet called Waledac, which the company estimates includes between 30,000 and 90,000 drone PC's, according to The Journal.
On Monday, Microsoft was granted a restraining order against the domain-name owners, who have until March 8 to reclaim their addresses. The company said it tried to ensure that the targeted computers were only being used for the Waledac botnet, which was responsible for sending 651 million spam e-mails to Hotmail addresses over an 18-day period last month.
While the company's fight on behalf of its users is admirable, its approach is questionable. For one, it runs the risk of collateral damage, as The Journal points out:
The single U.S.-based registrant of a suspect domain in Microsoft's complaint, Stephen Paluck of Beaverton, Ore., said in a phone interview that he was doing nothing wrong from his Internet address, Debtbgonesite.com. Mr. Paluck said he didn't know what a botnet was and wants Microsoft to return his domain name to him, which he last used to send email from in December.
It's not difficult to imagine a legitimate website owner -- perhaps with a hijacked PC -- being mistakenly targeted. If even one of the domain names taken down belonged to a legitimate small business, the order would be financially disruptive.
The court order also sets a bad precedent by granting Microsoft the power to shut down domains. Just yesterday, the company convinced an Internet Service Provider to shut down a site that hosted a leaked guide to how Microsoft shares information with law enforcement agencies, ReadWriteWeb reported. Some, including the spokeswoman for the Electronic Frontier Foundation, a digital rights advocacy group, have argued that the move was a form of censorship. The editor of the guide argued that it sheds light on alleged violations of consumer privacy. While the ISP's removal of the site seems more likely motivated by fear of Microsoft than a legal directive, the botnet court order establishes a new legal avenue for Microsoft to use to silence some critics, such as the editor.
But if Microsoft's approach was a poor choice, how else can it keep up the necessary fight against spam? Engage law enforcement. As The Journal reported, the FBI and other overseas agencies already pursue botnet operators. Law enforcement agencies should be the ones shutting down the spammers, not corporations.
(Image: Wikimedia Commons)