Prior Art?
There is at least one Android app ("Llama", in Google Play app store) which claims to do this already.
220 publicly visible posts • joined 15 May 2014
I suspect that the lawyers made much of their allegation that some of the sub-domain names resembled Microsoft trademarks (and were thus "stolen" from Microsoft) and their assertion that No-IP were damaging Microsoft and Microsoft's customers - either on purpose or by incompetence. That would tend to make a judge sympathetic to Microsoft's request that certain domain names should be handed over to them.
If No-IP were not represented in court or had failed to lodge a written response to Microsoft's complaint (for whatever reason), the court may have had no option but to give Microsoft everything they asked for.
I do hope that "head-full of cognitive dissonance" clears up soon.
The only effective cure or prevention of a malware plague is to design and/or re-design the software being attacked so that the malware cannot function. That should be Microsoft's prime concern and main focus of effort. It's nice that they want to help clear up the mess (albeit more than 20 years late), but there are plenty of others who can do that at least as effectively; only Microsoft can do anything about Microsoft's software, because they don't let anyone else touch it.
"To permanently take down a botnet, you need to wipe out all of the C&C infrastructure before the writers can react - and update the system to use new addresses."
That's one approach. Just as rounding up the wandering cattle is one approach to fence design - but a better fence makes the roundup unnecessary. In this case, the fence was built by Microsoft; No-IP are just one of the neighbours overrun by the strays.
I think the Cisco blog article related to this discussion is here (dated 11th Feb 2014) <http://blogs.cisco.com/security/dynamic-detection-of-malicious-ddns/>. At the time of reading, there are two comments shown - one from No-IP referencing a blog article of their own in response, and inviting contact, and the other from Cisco saying they'll be in touch.
So No-IP were certainly aware of Cisco's figures and concerns. But we don't know what they were doing about them.
How long would it take to manually delete sub-domains from a list of (say) 20,000?
Surely, as Microsoft know so much about this malware and (I hope) know all there is to know about their own operating systems, they are in a position to stop the malware from functioning at all? A court order obliging them to do so would be a lot fairer than one that virtually destroys at least one independent business and interferes with a great many innocent legitimate internet users.
Why couldn't Microsoft just give their list of dodgy domain names to No-IP and get a court order requiring them to re-direct all traffic to or from them to some disinterested party for forensic analysis? Microsoft are not at all disinterested in this matter.
From Kramer's Facebook post:
"[...]
The reason we did this research is because we care about the emotional impact of Facebook and the people that use our product. We felt that it was important to investigate the common worry that seeing friends post positive content leads to people feeling negative or left out. At the same time, we were concerned that exposure to friends' negativity might lead people to avoid visiting Facebook. We didn't clearly state our motivations in the paper.
[...]"
In other words, Facebook are prepared to distort reality to preserve their own business.
@ Don Jefe
On the off chance that you were responding to my comment - we (the workers expected to use it) called it 'the automated switchboard' because that's what it did. I'm sure the people selling it had some fancy name for it with 'system' and 'communications' mentioned somewhere; but that was too much to remember.
Good *# reference, by the way :))
I remember the same thing; the printed instruction books for the new automated switchboard we were sold also called it the 'gate key'. I think it's sad that it never caught on; after all, a gate indicates that there is somewhere to go whereas a hash just ... is.