[Am-info] MSDOJ: End of the Road

Dave Zapple zappled@odrge.odr.georgetown.edu
Thu, 1 Nov 2001 09:05:36 -0500 

I hope the fact that the States have retained Brendan Sullivan 
indicates that they are going to push ahead with the case and not 
settle. I guess the DOJ willing to settle for another non effective 
decree shouldn't suprise me.

  On the same day that the Washington post article was published I 
recieved the following message from our University network security 
officer. I find it rather ironic.
					Dave Z.

>  >Hello,
>  >
>  >Beginning yesterday afternoon, multiple machines on the GU network were
>  >infected with a new variant of a Microsoft/IIS worm and began attacking
>  >other computers.  The number of infected hosts increased dramatically this
>  >morning; I'm in the process of locating the compromised machines.  All or
>  >many of these new infections may be the Nimda "E" variant.  It's similar
>  >to the original version, but there are some differences, including the
>  >modification of file names used by the worm:
>  >
>  >-The attachment received has been changed to: Sample.exe
>  >-The dropped .dll file is now: Httpodbc.dll
>  >-The worm now copies itself to the \\Windows\System folder as Csrss.exe
>  >instead of Mmc.exe
>  >
>  >Refer to http://www.symantec.com/avcenter/venc/data/w32.nimda.e@mm.html
>  >for complete information.
>  >
>  >Symantec has released a tool to detect and repair infections caused by
>  >W32.Nimda.E@mm.  The tool is available online at
>  >http://securityresponse.symantec.com/avcenter/venc/data/w32.nimda.e@mm.removal.tool.html. 
>
>  >Please run this utility on your system if you believe it may be infected,
>  >or if you're running Windows NT or Windows 2000.  Also, update your
>  >AntiVirus software, enable "AutoProtect", and install all of the required
>  >security patches from Microsoft.  If you are unnecessarily running
>  >Microsoft IIS webserver, please consider turning this service off.
>  >
>  >I believe W32.Nimda.E@mm only infects Windows NT and Windows 2000.
>  >However, other versions of Windows may be vulnerable to the infected
>  >attachments ("Sample.exe") which the Nimda worm spreads via email and open
>  >network shares.  If you have any questions, such as where to download
>  >patches or how to turn of IIS, please let me know.
>  >

http://www.washingtonpost.com/wp-dyn/articles/A21036-2001Oct31.html

First, any settlement is subject to review by the courts, in what is 
known as a Tunney Act proceeding, to
ensure that it is in the public interest. The states could decide to 
challenge the settlement, putting them on theopposite side of federal 
prosectors.

    The states also have the right to pursue the case on their own. In 
the event that settlement talks failed, U.S. District Judge Colleen 
Kollar-Kotelly had scheduled hearings for March 2002 to determine how 
Microsoft's anti-competitive business practices should be rectified.

    Last week, the states hired one of the nation's top trial lawyers, 
Brendan Sullivan of Washington, to represent their interests as the 
case moves forward.

    The proposed agreement touches on some but not all of the most 
contentious charges against Microsoft,
sources said. For example, Microsoft was found by the courts to have 
stifled competition from developers of non-Microsoft applications, in 
part by strong-arming computer makers into excluding or downplaying 
rival software, such as the Netscape Navigator Internet browser.

   The states and the prosecution team under the Clinton 
administration believed that in order to ensure
competition, Microsoft needed to offer the Windows operating system 
with and without its own versions of certain programs, such as the 
Internet Explorer browser, leaving the computer manufacturers to 
decide which application to include.




>http://dailynews.yahoo.com/h/nm/20011031/tc/microsoft_settlement_dc_1.html
>
>http://news.cnet.com/news/0-1003-200-7740275.html?tag=lthd
>
>Few details, no substance. It's unsurprising the hear about a potential
>settlement now that the judge's deadline is approaching, but it seems
>unlikely that all of the states will go along. Then what?
>
>Mitch Stone
>mitch@accidentalexpert.com
-- 

Dave Zapple
Systems Analyst
Georgetown University
zappled@odrge.odr.georgetown.edu