Rixstep
 About | ACP | Buy | Industry Watch | Learning Curve | News | Products | Search | Substack
Home » Industry Watch » The Technological » Hall of Monkeys

Richard Boscovich

Another MSFT spin dog.


Get It

Try It

Today's clown is Richard Boscovich. Boscovich works for Microsoft but unsurprisingly there's little information about him at the Microsoft website. The Lloyd's website seems to have more.

Richard began his career as a corporate tax attorney at an international law firm in New York City. He then served for 17 years at the US Department of Justice as an assistant US attorney in Florida's Southern District. He directed the Computer Hacking and Intellectual Property unit where he prosecuted numerous high profile computer intrusion cases, including the first federal juvenile prosecution of a 17 year old computer hacker. During the last two and a half years of his tenure at the DOJ he served as chief of the Major Crimes unit where he managed the activities of 25 assistant US attorneys.

So he's into law and doesn't know diddley-shit about computers. To be expected. And now he works for Microsoft. Some would say he's a shill in a fancy suit. But let no one rush to judgement.

Richard is a senior attorney on the Internet Safety Enforcement Team at Microsoft. His work focuses on malicious code and spyware enforcement cases.

Yes - on the legal pursuit of malware. Not on its analysis. Boscovich's the typical MSFT tool. Bill Gates doesn't have him in his back pocket - he's got him stored somewhere behind his commode.

Richard Boscovich figures prominently in a piece run on Friday by BBC News making the bold claim that Microsoft's legal pursuit of 277 Internet domains responsible for the Conficker botnet was as Shakespeare would have put it: 'sound and fury signifying nothing'.

Richard Cox of Spamhaus would certainly agree. Few are as privy to spam and malware trends as Spamhaus and Cox.

'If this did affect spam, we haven't noticed.'
 - Richard Cox, Spamhaus

But Microsoft can't let something as impartial as Spamhaus reports destroy their day. And so they send out attack dog Richard Boscovich. Who knows absolutely diddley-shit about computer science. He hasn't even got the 'crash course' some of the other 'cyber security experts' get.

Boscovich really put his foot in it for the BBC. Grab a flight bag.

We aim to be more proactive in going after botnets to help protect the Internet. We will do whatever it takes to look out for our customers and our brand.
 - Richard Boscovich, Microsoft

'Proactive' is definitely the name of the game, Richard. But 'proactive' in this case means protecting your fucking operating system - not chasing the bad guys ten years after the fact because your system is so crappy you can't protect your customers. And excuse us dearly, but what is 'proactive' about going after a botnet that's already reaped hundreds of millions of rubles?

And sorry again, but you say you'll all do 'whatever it takes'? O RLY? Well then how about showing your customers how to get and use a live CD? How about warning them about how crappy and unfit for use your software is?

But you won't do that, will you, Richard? Spin spin spin! Sorry, but that broken record gets monotonous and annoying.

This was a worldwide problem and we scored a big, big victory.
 - Richard Boscovich, Microsoft

It still is a worldwide problem, Richard. It's a big worldwide problem - the biggest fucking Internet problem in the world. And the problem is the software you are spinning about. And victory? What victory? Spamhaus haven't seen any change. The botnets are already regrouping - they still have access to millions upon millions of hopelessly infected Windows computers. And they'll keep doing this with little tangible resistance until your software is outlawed.

We convinced the court that Microsoft's customers and those of other companies worldwide were suffering irreparable damage and that there was a high probability that evidence would be destroyed.
 - Richard Boscovich, Microsoft

It's not hard to demonstrate the damage the botnets are causing. It's quite another thing to trick them into going along with your cheap PR stunt.

A unique way to solve a 21st century problem.
 - Richard Boscovich, Microsoft

You're damn right, Richard. It is a unique way - very unique. It uses an 18th century technique. Actually the technique probably goes farther back than that.

It's called 'bullshit'.

Sweep the floor, Richard. Dinner's at 19:00, lights out at 20:00. Get your butt in gear.

No one is yet asking for class action suits against Microsoft or other software vendors for the massive outbreaks of bots which are enabled by the lax security models of certain vendors who only respond with reactive not proactive measures.
 - 'JS'

See Also
Antisource: ZeuS
abuse.ch: Zeus Tracker
Wikipedia: Zeus Trojan
Rants: The Malware Ruse
MDL: Malware Domain List
Prevx: Test Your FTP Logon
Rants: The Microsoft Ghetto
The Technological: Wsnpoem
NetWitness: Kneber White Paper
YouTube: Zeus Bot: Under Watch
Rants: ;DECLARE @S CHAR(4000);
Fortiguard: Zeus: God of DIY Botnets
Rants: Fighting Malware on Windows
The Technological: They Think It's OK
WSJ: Broad New Hacking Attack Detected
NetworkWorld: Malware Infects Space Station
Webroot: One Click, and the Exploit Kit's Got You
NetworkWorld: America's 10 Most Wanted Botnets
Reuters: Zeus Attacks Department of Transportation
ZBot data dump discovered with over 74,000 FTP credentials
Krebs on Security: Zeus Attack Spoofs NSA, Targets .gov and .mil
Hindu News: UAB computer forensics link Internet postcards to virus
Trusteer: Measuring the in-the-wild effectiveness of Antivirus against Zeus (PDF)
Washington Post: More than 75,000 computer systems hacked in one of largest cyber attacks

About | ACP | Buy | Industry Watch | Learning Curve | News | Products | Search | Substack
Copyright © Rixstep. All rights reserved.