Trilight Zone Forum Index Trilight Zone
Privacy & Anonymity is our speciality !
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Microsoft's Most Wanted

 
Post new topic   Reply to topic    Trilight Zone Forum Index -> Security
Author Message
tricore
Guest
PostPosted: Thu Jan 25, 2007 1:00 am    Post subject: Microsoft's Most Wanted Reply with quote
Microsoft has invited security experts to its Redmond, Wash., campus for super-secret meetings on Thursday and Friday. The two-day event is so hush hush that eWEEK.com has a story about the meeting of security minds.

A real escapade would be some Black Hat live chatting the event over IRC (Internet Relay Chat), because he or she had hacked one of the participant's computers.

Seriously, all ribbing aside, this week's meeting is potentially a watershed event for Microsoft. The proliferation of botnets and increasing number of zero-day vulnerabilities put Microsoft, its customers and the whole Internet at risk. Microsoft is one of several companies capable of putting on the Marshall's badge and standing up to the marauders terrorizing the Netizens. Microsoft is right to rally the security good guys into a posse of botnet hunters.

Some security companies offer bounties on security flaws or malware. Sorry, but that is a way wrong approach. The corporate folks should offer bounties--and real money--on the Black Hats responsible for the botnets. If the botnet hunters turn up a criminal organization, the more should be the reward.

Microsoft could make a Most Wanted list available to people willing to turn their security or hacking skills to another kind of profiteering: Catching the bad guys. The approach would be fitting, as bounties are part of the incentive driving botnet profits. Pay-for-click and pay-for-download help to financially feed Black Hats and criminal organizations; it's the dark, seedy side of Internet marketing. Pennies-a-click amounts to a whole lot of money when multiplied by tens or thousands--or millions.

The Wild Wild West wasn't tamed in a day or decade; neither will be the Wild Wild Web. If anything, the risk to Netizens is much greater today than it was yesterday or even last year. The number of zero-day exploits or shocking increase in ActiveX vulnerabilities are examples enough.

I encourage Microsoft to be that new Marshall in town, rallying its deputies and putting the botnet hunters onto the chase of Black Hats.

If there were real justice, instead of Microsoft bringing together security experts, it would invite the worst Black Hats to meet behind closed doors and lock them in.
Back to top
Display posts from previous:   
Post new topic   Reply to topic    Trilight Zone Forum Index -> Security All times are GMT
Page 1 of 1

 


Powered by phpBB © 2001, 2005 phpBB Group