Slashdot Mirror
Microsoft Offers A Bounty On Virus Writers
Iphtashu Fitz writes "According to news.com Microsoft will announce a bounty of $250,000 on Wednesday for information on who wrote two recent Windows viruses. The bounty is offered for information that leads to the arrest of the people who released the MSBlast worm and the SoBig virus. Microsoft will officially announce the reward in a joint press conference with the FBI and U.S. Secret Service Wednesday morning. This is the first time a company has offered money for information about the identity of the cybercriminals. Could this be the start of a new trend in going after the writers of viruses & worms?"
Well, ask any doctor and he'll tell you it's better to cure a disease than to treat its symptoms. No virus writers means no viruses, which means no headline news virus alerts and scares.
Of course, the question is how much of the "disease" is the virus writers and how much is Microsoft itself with its sloppy approach to secure computing?
"Accept that some days you are the pigeon, and some days you are the statue." - David Brent, Wernham Hogg
So.. like, is the 250K a signing bonus? Or do they get it in stock options? Of course, the real question is... is it cheaper for MS to pay 250K to jail each person that writes a virus exploiting on of their security holes than it is to pay the developers to avoid creating them in the first place?
The last time I wrote code, it was Morse
Ever read the book, "The Silicon Samurai", the cracker in that book was very clever, a master of the art. Still he got caught. Why? Because crackers, virus writers, DDoS organisers have one thing in common. They want fame. They cant sit without leaving clues. History teaches us that the greatest thieves and criminal got caught due to their hunger for fame. This will happen here also. Though i am not to sure if that is a very good thing, coz when such showdowns happen a lot of innocent people suffer.
My Aurora : http://www.youtube.com/watch?v=o91ZsGwJYyg
FB : https://www.facebook.com/TanveersPhotography
This idea is about as retarded as saying that:
- throwing stones through people's windows is good. It encourages them to buy bullet-proof glasses before a real thief breaks through that window.
- lockpicking into someone's house and spray-painting their walls is good. It encourages them to buy better locks, giving a real thief less opportunity to steal stuff.
- poisoning the neighbour's dog is good. It encourages him to get a dog which won't wag its tail when a (potential) thief throws him a piece of meat.
- keying random people's cars is good. It encourages them to park those cars in proper park houses, where presumably a real thief would have a harder time getting away with their car.
And so on, and so forth. I'm sure you get the idea by now.
Basically, no, there is no proper excuse for vandalism. Neither in the proper world, nor in the IT world. And just as any judge would probably just have a laugh if someone pulled the retarded excuse "but the lock wasn't 100% secure, so it's not my fault" in a break-and-enter trial, the same should apply to breaking-and-entering someone's computer.
And if you do go around keying cars or flooding the net with RPC exploit packets, no matter how well intentioned you are, I do hope they throw you in a nice jail cell, with two convicted anal rapists as cell-mates. Yes, that same heartfelt wish goes to whoever thought that an RPC patching worm is a good idea.
A polar bear is a cartesian bear after a coordinate transform.
By offering a bounty on their heads, they only serve to increase the status of worm and virus authors. What was once the loserdom of the script kiddie community is now glamorous.
Now consider what this means to their "secure computing" initiative, how the frustrations from dealing with this shit can make people more accepting of their draconian security measures. Consider the financial benefits of "digital rights management" that they can only realize after the hardware and software is locked down.
You can imagine the conversation that lead to this, like something out of "24" or the Bush administration: Lets allow, no, lets *encourage* a virus 911 so they'll let us lead them to safety!
This bounty is just a PR game to distract from anti-trust, patent violations, anti-competitive fines, security fines. Microsoft's executives and other investors have had enough time now to dump their stock. Game over.
Mind you, some conspiracy theorists also claim that the world is ruled by alien lizards, so I think it's fair to take what they say with a pinch of salt.
:-)
... but it has certainly been exploited in analogous ways by the FBI and the secret service to grab unprecidented power in the United States).
... their theory, while quite possibly false, is certainly worthy of consideration, particularly given the amount of historical fact that illuminates similiar behavior by Microsoft in the past.
Yes, but they aren't the same conspiracy theorists.
On a serious note, folks on slashdot (and indeed, people in general) tend to equate all types of conspiracies (and conspiracy theories) and lump them together...somehow equating Enron with the X-Files, at least until Enron is exposed publicly (then, for some reason, people are able to grasp the difference). This is a real problem, because it means that people will live in denial of real-world conspiracies that are taking place (e.g. Monsanto's conspiracy to dump toxic waste into the rural groundwater of the deep American south in the 1990s, or the current SCO conspiracy to defraud their investors and steal the copyright of thousands of software developers around the world) by dismissing them in their minds as no more likely than alien invasion, UFOs in storage at area 51, or silent black helicopters hovering overhead.
We do know conspiracies exist, therefor, it logically follows that some conspiracy theories are likely to be not out in left field, but rather quite correct.
We know as a matter of historical record that the Nazis conspired to stage a "terrorist" act against the Reichstag as a prelude to a coup d'tate, however, listening to the "conspiracy theorists" of the time would have been like listening to a conspiracy theorist today claiming that 9/11 was staged by Baby Bush (it obviously wasn't
Microsoft has a history of conspiring to do dishonest and disingenuous things that directly (and illegally) harm and coerce their customers and their competitors, indeed, they have been convicted of doing so on numerous occasions (the DOJ anti-trust trial and subsequent sell-out being only the latest example). A conspiracy theorist pointing out a economic or tactical political advantage Microsoft might gain through ill-behavior toward its customers is not out in left field
So IMHO it is a mistake (and disingenuous) to equate actions by Microsoft and the copyright cartels that directly threaten our digital freedoms, and the conspiracies that do in fact drive these agendas (even if said conspiracies have the most banal of motivations: greed for cold, hard cash), with tin-foil hats, ghosts, and UFO sightings, as is so often done by the apologists of such groups.
Expressing concern about corporate or government malfeasance (conspired or not) isn't even remotely analogous to X-Files-like nonsense, and it is time we stopped allowing sceptics to use dishonest means (equating suspicion of the Reichstag burning ^H^H^H Microsoft's exploitation of their woeful security record to political advantage, with suspicion of Alien Lizard ruling the earth) to denigrate those who do express such concerns.
The Future of Human Evolution: Autonomy