Microsofts "Honeymonkey" Project

g0bshiTe writes "Ever hear the saying, 'given enough time a room full of monkeys could type out Shakespeare'? Well Microsoft seems to be taking this saying to heart, and taking a cue from the Honeynet project, they have created what they have dubbed 'honeymonkeys.' Security Focus has an article which describes this honeymonkey network, which is little more than a network of virtual Windows XP boxes in various patch states. These boxes are setup to crawl the seedier side of the web in search of vulnerabilities not bieng reported, and are being actively exploited in an attempt to further secure their product. Sounds like a decent idea from the Redmond crew to me."

secret name of the honeymonkeys

[Hank+Chinaski]

they call these guys "customers" over in redmond ...

Re:secret name of the honeymonkeys

[GoClick]

I like BBQ Monkey personaly,

but BBQ Microsoft Developer would also do

Re:secret name of the honeymonkeys

[AVIDJockey]

Actually, I think that it's Melinda's pet name for Bill.

Re:secret name of the honeymonkeys

[krakelohm]

No, I think I had heard it was moneymonkey.

Re:secret name of the honeymonkeys

[Tackhead]

> they call these guys "customers" over in redmond ...

No, those are developers. Developers. Developers. Developers. Developers. Developers. Developers.

Re:secret name of the honeymonkeys

sigh...

I like monkeys. The pet store was selling them for five cents a piece. I thought that odd since they were normally a couple thousand each. I decided not to look a gift horse in the mouth. I bought 200. I like monkeys.

I took my 200 monkeys home. I have a big car. I let one drive. His name was Sigmund. He was retarded. In fact, none of them were really bright. They kept punching themselves in their genitals. I laughed. Then they punched my genitals. I stopped laughing.

I herded them into my room. They didn't adapt very well to their new environment. They would screech, hurl themselves off of the couch at high speeds and slam into the wall. Although humorous at first, the spectacle lost its novelty halfway into its third hour.

Two hours later I found out why all the monkeys were so inexpensive: they all died. No apparent reason. They all just sorta' dropped dead. Kinda' like when you buy a goldfish and it dies five hours later. Damn cheap monkeys.

I didn't know what to do. There were 200 dead monkeys lying all over my room, on the bed, in the dresser, hanging from my bookcase. It looked like I had 200 throw rugs.

I tried to flush one down the toilet. It didn't work. It got stuck. Then I had one dead, wet monkey and 199 dead, dry monkeys.

I tried pretending that they were just stuffed animals. That worked for a while, that is until they began to decompose. It started to smell real bad.

I had to pee but there was a dead monkey in the toilet and I didn't want to call the plumber. I was embarrassed.

I tried to slow down the decomposition by freezing them. Unfortunately there was only enough room for two monkeys at a time so I had to change them every 30 seconds. I also had to eat all the food in the freezer so it didn't all go bad.

I tried burning them. Little did I know my bed was flammable. I had to extinguish the fire.

Then I had one dead, wet monkey in my toilet, two dead, frozen monkeys in my freezer, and 197 dead, charred monkeys in a pile on my bed. The odor wasn't improving.

I became agitated at my inability to dispose of my monkeys and to use the bathroom. I severely beat one of my monkeys. I felt better.

I tried throwing them way but the garbage man said that the city wasn't allowed to dispose of charred primates. I told him that I had a wet one. He couldn't take that one either. I didn't bother asking about the frozen ones.

finally arrived at a solution. I gave them out as Christmas gifts. My friends didn't know quite what to say. They pretended that they like them but I could tell they were lying. Ingrates. So I punched them in the genitals.

I like monkeys

Re:secret name of the honeymonkeys

[st1d]

Nope, it's B.G.'s pet name for Steve Ballmer. I thought everybody knew that...

Re:secret name of the honeymonkeys

[st1d]

That was a laugh I needed today, thanks. :)

Re:secret name of the honeymonkeys

[DaHat]

I think you forgot another 27 "Developers."

Re:secret name of the honeymonkeys

[Karl+Tacheron]

And the sweating.

Re:secret name of the honeymonkeys

[iced_773]

Add 8 more developers and you've got 42. With the Ultimate Answer maybe BSODs and security problems will go away.

Re:secret name of the honeymonkeys

I'm a good CEO ... a very good CEO, yeeeeah. Developers developers developers developers developers developers developers developers... yeeeeah.

Re:secret name of the honeymonkeys

[killermookie]

Your post reminded me of this video I have.

Domopers Developers

The last few minutes are really funny with Domo and cheerleaders.

Re:secret name of the honeymonkeys

[aklix]

Perfectly crafted joke. It gets funnier and funnier, ironic twists, and concludes with an original relation to the beginning of the joke.

Re:secret name of the honeymonkeys

9 more

Re:secret name of the honeymonkeys

[iced_773]

No, those are developers. Developers. Developers. Developers. Developers. Developers. Developers.

...another 27 "Developers."

7+27+8=42, but I see where you are coming from. I don't blame you for not counting the first "developers".

Re:secret name of the honeymonkeys

[SeventyBang]

They haven't been brainwashed by M$ yet.

They're known as Summer Interns.

Re:secret name of the honeymonkeys

[QMO]

You know yhat song, "99 Dead Baboons"?
I heard it on the Dr. Demento show.

Re:secret name of the honeymonkeys

[mollymoo]

Offtopic? Get a grip mods, it's about monkeys, which is half the topic. If you can't supply your own honey then use your left hand.

Mod parent +5 funny!

Re:secret name of the honeymonkeys

Sure is a good idea, next thing you know they will be applying for a patent to "expose operating systems to the internet environment in order to create a secure operating system"

Re:secret name of the honeymonkeys

[FreakyControl]

honeymonkey, n: pet name used by Bill Gates' mistress

ex. "How much cash has my little honeymonkey brought me today?"

Re:secret name of the honeymonkeys

Get a grip mods, it's about monkeys...

...so naturally the mods spanked it.

Re:secret name of the honeymonkeys

[springbox]

Too bad the score has a limit of 5

Re:secret name of the honeymonkeys

[b0r0din]

That's Monkey Boy. Watch him dance!

Re:secret name of the honeymonkeys

[Ian+Wolf]

Posted AC too.

Man, that made my day.

Re:secret name of the honeymonkeys

Incredibly well written. B-)

Re:secret name of the honeymonkeys

[Twistopher]

lol... exactly what I needed today... I hadnt read that joke in a few years but it was one of those that always cracked me up when I read it.

Re:secret name of the honeymonkeys

[HTH+NE1]

I'm not sure why they feel they need to come up with a new name for this. They sound like canaries to me:

In the 19th Century, when miners went down a pit, they'd lower a canary down first in a little cage, and if the atmosphere was noxious, as it frequently was, guess what the canary did. It died!

The canary's job was to go into the most dangerous, unpleasant, and smeggy situations and see if it could stay alive. Then they'd know if it was safe to send in the important people.

Though whether the appellation applies more to the honeymonkeys or the customers is a matter for debate.

Hmm.

[AVIDJockey]

I'm sure "honeymonkey" is a euphemism for something. I'm just not sure what. You dirty honeymonkey.

Re:Hmm.

[lcnxw]

No, it is the start of Microsoft Newspeak. Longhorn will no longer say "Memory Page Fault" but instead "memfault." "Blue Screen" (bluescree) will lose its negative meaning and come to be a blessing from m.s. (Microsoft). Words like honeymonkey will eventually take on meanings like Ingsoc or doublethink, and there will be no more crashes, because it is no longer possible to concieve a crash.

"he is a doubleplusgood honeyeymonkeyer."

"Bluescree! Praise m.s.!"

"MSCalc: 2+2=5!"

Re:Hmm.

[Heliologue]

Computers are supposed to crash. Computers have always crashed.

Re:Hmm.

[st1d]

I don't know about that, but I tend to crash when our computer (aka, the accountant) starts talking about her work...

Re:Hmm.

I belive you're thinking of "chowdermonkey".

Re:Hmm.

[Alsee]

One minor correction to your post...
The last line is actually Intel's Intellectual Property.

-

Re:Hmm.

[CableModemSniper]

Memory Page Fault -> memfault
Blue Screen -> bluescree
Microsoft -> ms

Copy -> cp
Move -> mv
list -> ls
create -> creat

My god! Its becoming unix!

Did the sun rise from the West?

[nydanceboy]

I can't believe this... praise for Redmond in slashdot. Did the sun rise from the West?

Re:Did the sun rise from the West?

[KiloByte]

Did the sun rise from the West?
Sort of.

A good idea from the MS guys is a really rare thing.
And as such, it is certainly worth the praise.

Re:Did the sun rise from the West?

[EpsCylonB]

A good idea from the MS guys is a really rare thing.
And as such, it is certainly worth the praise.

No its not, from a company that has a 50 billion dollar warchest and can afford to hire the best and brightest, you should expect only good ideas.

Re:Did the sun rise from the West?

[winkydink]

Yeah, and everybody should hold hands around a campfire and sing Kum-bay-yah too, but the real world tends to be a little different.

Re:Did the sun rise from the West?

[ScrewMaster]

Okay, so they're using virtual PCs but this is just an extension of someone else's idea ... which for all Microsoft's billions is all they ever manage to get to market. Bill Gates claims that "technological miracles cross my desk every week" but he doesn't actually market any of them. Still ... I won't be surprised if this results in Microsoft being issued a patent on the concept of a honeypot, though, virtual or otherwise.

Re:Did the sun rise from the West?

[jproudfo]

Just because good idea (aka "miracles") cross his desk every week, doesn't mean they are ideas worth bringing to market. A good/interesting idea doesn't always make a good product.

I'm sure MS Bob seemed like a good idea, at the time. Certainly an interesting concept. I'm not sure the market was (or will ever) be ready for it, though. Even Microsoft's marketing machine can't turn that much crap into gold. :)

Re:Did the sun rise from the West?

[st1d]

Actually, there's one school of thought that this is how the rich (individuals or companies) gain that wealth. Sam Walton (of Walmart fame) loved the comparison, and continued to own old pickups that most people would be embarrassed to own. Look at some of the companies you've worked for (especially the smaller, privately-owned ones), and wondered, "Why the heck don't they toss some of this old crap and (or) get something newer and better?"

Now you know. :)

Re:Did the sun rise from the West?

[sumdumass]

Well it is ironic that a company like microsoft who charges for thier product and maintains a warchest places an somewhat inferior product out for sale.

Inferior doesn't exactly mean that windows isn't as good as the alternatives but the coding behind it might not be. At least with free (as in beer) products, this type of initiative has been around and used to make open source software more robust and secure then it once was.

Expecting a company like microsoft with it's large war chest to do somethign like this from the start is a little idealistic. It is somethign that would be done out of necesity. While others would think it is more of a necesity, somethign had to make them think it was important enough to do it.

Maybe the real moral of this story isn't that microsoft has decided to do somethign good rather that microsoft has finaly found enough pressure from enough places to do somethign like this. I don't know if this means that open source product or even closed source alternatives are threatening microsofts business model enough for them to take notice. Or if microsoft has been forced to change its posistion because of other deals. It would be interesting if the reasoning was actualy competition instead of a general concern for product security. Microsoft has alot of things going for it that open source just doesn't. Open source has some thigns too. I think this is an attemp to stop competitors from "outdoing" or tipping the scales of whats going good.

Re:Did the sun rise from the West?

[ScrewMaster]

Oh, I agree ... but wouldn't you think that the financial and technological resources of a Microsoft would run to more than Windows XP and Microsoft Office, with or without Bob? Even IBM, as evil a corporate entity as it has been in the past, has been responsible for some truly remarkable advances. AT&T and Bell Laboratories achieved some great things and they were just the phone company.

In terms of technical achievement, Microsoft is little more than a third-rate software company that made its pile through getting in on the ground floor and a stream of shady/illegal business practices, not to mention ripping off any good ideas it happened to come across. Honestly, at times I wonder just how far ahead the computer industry would be today, if Microsoft hadn't achieved supremacy and ruthlessly suppressed anyone and anything that got in its way.

Re:Did the sun rise from the West?

[Deeze]

Your post sounds a bit naive. It's not ironic that MS have the most money, and an inferior product, that is the norm for a company in a monopolistic position. No competition, no reason to do anything better. Just keep the party line.

As far as the real moral of this story, I don't know where you got the idea that MS was trying to do anything good, because the only place you'll hear that is from them and their fanbois, the *only* motivation they have is the competition that has cropped up to threaten them. If that had not occurred, they'd be doing absolutely nothing more than they had for the last 10+ years. Lets just say, MS have definetly noticed Linux, and they are feeling quite threatened... mainly because they have no idea what to do about Linux, because it's not a company, and it can't be bought, or undersold into bankruptcy.

MS have had the market in stagnation for far too long. It's about time we saw some action in the arena. Topple the giant I say.

Re:Did the sun rise from the West?

[SparafucileMan]

o stfu. don't hate.

Re:Did the sun rise from the West?

[l3v1]

you should expect only good ideas.

Well, that _is_ some quite an optimistic viewpoint. Be that about MS or else.

Re:Did the sun rise from the West?

[gatzke]

Yeah, like Microsoft Bob. Total flop, supposedly worst product ever.

Clippy. Same lines as Bob, computer is smarter than you. Not the best feature.

Windows 3.1 was not the best in the world, or the entire Win ME series.

I do like office to some extent. LaTeX slides just look like crap, and Word is sufficient for one page letters.

Re:Did the sun rise from the West?

[marafa]

yes but its not original .. just a twist on an existing idea

Re:Did the sun rise from the West?

[sumdumass]

microsoft deciding to do somethign "good" is just an percieved impression. Setting up a system of honey pots is a good thing. Using it to find security flaws and then fix them is a "good" thing. If MS is trying to do somethign that happens to be "good" they are doing a "good" thing.

Doing a good thign doesn't address the reasoning behind why they are doing. It isn't like my statment was implying microsoft was being a good citizen on purpose or anytjhing. They are just doing somethign that i as well as other percive as a good thing. This doens't make us fanbois or microsoft representatives either.

As for linux being the reason they decided to do this, thats pure speculation. Microsoft does know what to do about linux and if you don't think they do then look into the idiotic pattens they ar e applying for. Guess who they will be used against when the time is right. (not apple or any other company that can muster enough money to throw them out.) Your right that linux can't be bought but your wrong about bankrupting it. All they have to do is manipulate the licensing of the software to include a chunk of change for them. If "linux" doesn't pay they can effectivly stop linux from being viably sold to any market or cause the price to be inflated to enourmous level and stop it's adoption outside indevidual hobyist. Microsoft would be in position to control this with a few more pattens on what everyone has come to expect as the norm for computing.

I'm not saying microsoft should or will do anythign like this but it wouldn't surprise me when they do. To think linux is out of the scope of microsofts claws is naive and exactly what will cause it to fall. With a few more pattens, it would be possible to stop linux from even being able to compete on the same grounds it is now. When surveys are saying vender lockin is one of the bigest reasons people are going with open source products, it is only reasonable for microsoft to lockin open source products and maintina thier revenue stream.

Again the moral of the story is what made microsoft take these actions (honey monkeys) wich apear to be honey pots with a little extra. It could be fear of linux, or maybe fear of apple who has a better percieved security tract record as well as a better desktop. It could also be some ploy to fend off litigation were they didn't take steps to secure a product they are selling as secure. It may be that in order to sell to certain organizations, they have to do this or it just may be that they are trying to clean thier reputation up a little. It is all just a guess.

Re:Did the sun rise from the West?

[innocent_white_lamb]

I'm sure MS Bob seemed like a good idea, at the time. Certainly an interesting concept.

But not an original concept.

Re:Did the sun rise from the West?

[PartyBoy!911]

Your right that linux can't be bought but your wrong about bankrupting it. All they have to do is manipulate the licensing of the software to include a chunk of change for them. If "linux" doesn't pay they can effectivly stop linux from being viably sold to any market or cause the price to be inflated to enourmous level and stop it's adoption outside indevidual hobyist. Microsoft would be in position to control this with a few more pattens on what everyone has come to expect as the norm for computing.

Don't forget about the huge amount of companies (Software, Hardware, Embedded, etc) and government agencies that have tied themselves to Linux.
Maybe Microsoft can kill small parts of Linux but going up against companies like IBM and for example the Chinese government would be a bit too much even for MS.

Re:Did the sun rise from the West?

[ravind]

Since you used the word thrice, I think this might help:

patten (n.) : Any one of various types of wooden-soled footwear, such as a sandal, shoe, or clog, worn to increase one's height or to keep one's feet out of the mud.

patent (n.) : A grant made by a government that confers upon the creator of an invention the sole right to make, use, and sell that invention for a set period of time.

Re:Did the sun rise from the West?

[sumdumass]

That would be the point of all the patents microsoft is carrying. Only the big players and rogue developers would be able to continue using linux for anyhtign substancial. IBM and the chinese government would have to "pay to play" of sorts and m icrosoft would be getting about the same profit margin if not more.

Of course if demanded, IBM or china would pay homage to the patten holder because they wish to do business in certain markets that would require it. We recently saw a patten on a way to treat email as an object that would only seem as an obvious next step but because of the timeline it was implemented they got away from it. It is possible for any competing email program to actualy haved to pay an outlook/MS office fee now just to compete with microsoft. This allows microsoft to win even when loosing.

I'm curious though, how ldap directories would interact with this patten because they treated employee information as objects and inturn created an email address that is actualy an object and stored in a location for retrieval. Maybe i'm going into too many different places now. i guess my point is that microsoft has began to adjust it's stratigy to match with it colapsing monopoly. They have the ability to profit from other peoples work without buying them out or stealing thier products. Linux could eventualy be effectivly killed as we know it today except for a few large companies who sell it at a high price because of patent fees. I 'm sur emicrosoft won't trump anythign for a while until it has more of a patent "war chest" but it won't be long before this scenario could be carried out.

Re:Did the sun rise from the West?

[PartyBoy!911]

I agree and also noticed the shift to an IP company at Microsoft. People always say MS has until now never abused it's patents... but the "until now" part is the most scary IMHO.

I think they are definately going to try but I personally believe they are not going to make it as there are far more heavyweights backing Linux than they can go up against and the chinese don't care about patents. This will give a problem to the chinese trading in the us, but MS needs the growth in the emerging markets to keep it's shareholders happy.
IBM, CA, Cisco, etc. patent portofolio dwarfs MS and it's unavoidable that the y violate lots of them.

Maybe Microsoft should stop producing software at a point and become a company of laywers :-)

Re:Did the sun rise from the West?

[sumdumass]

Well i can see your side about the big players. Thats probably why it isn't already happening. I'm not sure that microsoft would need the emerging markets when they can charge somethign for whatever is being sold there. It is like a big pyramid scheme and all they have to do is sit back and wait for more "other people" to make them money.

It may be possible that microsoft's product do in fact violate other patents. On the other hand, there probably is some kind of arangment already in place that might allow this violation so i would be a little cautious on banking on that. My hopes are that what you say is true and the big guns can save linux and opensource if it comes down to it. It apears that IBM has already feilded an attack from SCO and is doing well. The problem is were companies analize the lawsuites and build another from the conclusions of that. Eventualy someoen might win against IBM or the big guns might give up the expense of fighting. I am a big opensource fan but i'm not afraid to state what i percieve as obvious. We are in exciting times and i look forward to the outcome. Hopfuly it is as optamistic as you are. Linux and opensource is in a state that it can explode into wonderfull thinks. Some people want it to replace microsoft, i just want it to work for me. the closer to the former we get, the more we have to worry about microsoft changing the game.

Re:Did the sun rise from the West?

[Quixote]

and can afford to hire the best and brightest,

So why haven't they? The problems with Windows have been around for 10 years, and yet Windows is still notoriously insecure. If the availability of money was the sole arbiter of excellence, then Windows would be the most secure/best/whatever OS around, and Linux (because it lacks money) would be like DOS 3.0.

Re:Did the sun rise from the West?

[cybergrunt69]

I really wish I had mod points. That echos my thoughts exactly.

The ONLY reason that MS is now trying to act proactively, and saying that security is important to them, is because the see a threat. They are doing what their only option is now - make good newsblips and start laying the groundwork for lawsuits by patenting everything they can.

I couldn't have said it better: MS is threatened by insert FOSS name here because it is not a company, it can't be bought, or undersold in bankruptcy.

Get ready for a ton of these

*GENERIC JOKE ABOUT MONKEYS BEING IN CHARGE OF MS WINDOWS SECURITY*

Just thought I'd head everyone off here...

(lameness filter padding lameness filter padding lameness filter padding)

Re:Get ready for a ton of these

"The Department of Redundancy Department".

hmm..

[AhuraMazda]

Does that mean no more monkey business from Redmond either?!!

Doesn't surprise me

[coljrigg]

I always assumed Skynet was based off of Windows XP.

Re:Doesn't surprise me

[Walker2323]

No, Skynet is based off of Windows Millenium.

Warning: This Operation Has Side Effects

In addition to getting info on new vulnerabilities, they'll probably also get loads of malware to add to the anti-spyware tool. This is a good thing.

Re:Warning: This Operation Has Side Effects

[uvsc_wolverine]

Not to mention lots and lots of pr0n.

Re:Warning: This Operation Has Side Effects

Be nice if all such sites were added to a database that used Windows Update to change these sites to restricted status in IE security settings.

mmmmmm... honeymonkey

[DaedalusLogic]

Sounds delicious.

But the real reason they named the project this is because they intend to sting you like a bee and then throw fecal matter at you.

Re:mmmmmm... honeymonkey

[Rorschach1]

Could this be a related species, perhaps?

Re:mmmmmm... honeymonkey

vulnerabilities not bieng reported, and are bieng actively

Give me a fucking strength! How hard is to run a quick spellcheck: samzenpus. Where is slashdot finding its editors?

Re:mmmmmm... honeymonkey

[Spy+der+Mann]

mmmmmm... honeymonkey
Sounds delicious.

Oh, and you haven't tasted... Snake Surprise!

Re:mmmmmm... honeymonkey

[50m31sl4sh.]

Mmmmmmmmonkey...
http://www.weebl.jolt.co.uk/anywhere.htm

Re:mmmmmm... honeymonkey

But the real reason they named the project this is because they intend to sting you like a bee and then throw fecal matter at you.

I don't quite get your comment. But, they named the project this? That's a fucking awful name.

Re:mmmmmm... honeymonkey

[Lesson+No.+25]

Hysterical. I laughed so hard I almost cried.

I'd give you that last mod point if I had any.

Good idea

[X0563511]

This is a pretty good idea. If anything, it will help curb the script kiddies indesciminantly flinging exploits around. Unless you want that overflow you found to get patched, pick and choose your targets carefully.

Re:Good idea

[harrkev]

Sure. It sounds like a good idea -- until these boxes hit some warez and mp3 sites. Next thing you know, the BSA and MPAA are knocking on Microsoft's door. I wonder how many licenses for Windows and Office the BSA will force Microsoft to buy...

Re:Good idea

[aardvarkjoe]

Unless you want that overflow you found to get patched, pick and choose your targets carefully.

Given that most of the heavy-hitting worms and malware use already-patched exploits, I don't think that this is all that much of a concern to the typical script kiddie.

Re:Good idea

[st1d]

This is a pretty good idea. If anything, it will help curb the script kiddies indesciminantly flinging exploits around. Unless you want that overflow you found to get patched, pick and choose your targets carefully.

Not really, as script kiddies, by definition, don't typically discover exploits, they're more thrill seekers looking for an ego trip. When an exploit stops working, they'll just move on to another. When (if?) exploits become hard to find, because true crackers protect them better, the script kiddies will return to their previous pursuits, games and porn.

Re:Good idea

[Feanturi]

Unless you want that overflow you found to get patched, pick and choose your targets carefully

Nah, you'll still get to have a few months of fun.

Re:Good idea

[Skye16]

So script kiddie-ism is the next stage in my evolution?

...

God I'm depressed now.

Re:Good idea

[NutscrapeSucks]

Generally true, but the big example of MS Blaster was on the loose in the skript kiddie community before Microsoft released a patch.

Re:Good idea

[StewedSquirrel]

When (if?) exploits become hard to find, because true crackers protect them better, the script kiddies will return to their previous pursuits, games and porn.

And that, my friend, is why it would be so excellent.

Stewey

Re:Good idea

[Phil06]

This would have been a great idea about 4 years ago, now it is a too late idea.

Re:Good idea

HMMM... honeymonkeys....flinging.....

Oh, wait......

"bieng"?

[Cheap+Imitation]

It looks like the monkeys aren't only working on Shakespeare...

Re:"bieng"?

[spacepirate09]

Twice in a row, too. Are monkeys even capable of that?

Re:"bieng"?

What wroth hath hacked thine pitard oh prince?

Naught but a script-villain good sir!

Re:"bieng"?

yeah, way to get it wrong twice in the same sentence moron

Comment removed

[account_deleted]

Comment removed based on user account deletion

A good idea

[Clown+Jizz]

This is actually a pretty good concept. I have my doubts that there are many exploits that are being actively exploited that aren't known about at all, though, which seems to be what they're banking on.

Re:A good idea

[penix1]

From TFA...

""Just by visiting a Web site, (if) suddenly an executable is created on your machine outside the Internet Explorer folder, it is an exploit with no false positive -- it's that simple," Yi-Ming Wang, senior researcher with Microsoft Research, said during a presentation at the IEEE Security and Privacy conference in Oakland last week."

Want this sillyness fixed? Kill the ActiveX shit! Microsoft created that mess in the first place trying to dominate Java and like usual instead of going for the cause they go for the symptom.

B.

Mmmmm

[Pedrito]

Isn't honeymonkey a dish in Africa?

Re:Mmmmm

[ScrewMaster]

Hey! My girlfriend is African and I have to say ... some of the things she cooks resemble that remark.

Re:Mmmmm

[Tumbleweed]

Yeah, only not so much with the 'honey.'

Hmm sounds like a great idea

Queue the typical Slashdot groupthink about how Microsoft is somehow evil/stupid for doing this.

Actually attempting to use their product as if they were an end user in the wild of the internet. Seems to me this shows that Microsoft is definately moving towards a more security conscious mindset.

Re:Hmm sounds like a great idea

[kicken18]

I would totally agree here. MS seams to be really pushing for a turn around for the company. I mean a few months, even yeas back we saw tehf rist turn arounds form MS and "promises" but it looks like these things are actally comming together. I hope MS is going to continue these good moves, since I dont think hatred of MS (and the fact they do things to make peole hate them) gets our world anywhere in IT things

Re:Hmm sounds like a great idea

English, motherfucker! Do you speak it?

Re:Hmm sounds like a great idea

[vistic]

More like queue the typical slashdot groupthink about how there's so much typical slashdot groupthink.

In articles I tend to see just a small fraction of posts showing this supposed typical groupthink... and then a gigantic mass of posts from people who think they're observant and different and insightful for pointing out that it's going on.

Re:Hmm sounds like a great idea

Shut up, you groupthink fuckhole.

Re:Hmm sounds like a great idea

[Progman3K]

>Queue the typical Slashdot groupthink about how Microsoft is somehow evil/stupid for doing this.

Not at all. Although I was under the impression that this was how they wrote most of their software...

Re:Hmm sounds like a great idea

I agree!

Re:Hmm sounds like a great idea

More like queue the typical slashdot groupthink about how there's so much typical slashdot groupthink.

Next, cue all the spelling nazis for pointing out....ah, never mind.

I'm available...

[kid_wonder]

...crawl the seedier side of the web.

I like to call it, "break time"

Re:I'm available...

I like to call it "Slashdot time".

Similar Story

[UnixRawks]

The Onion has a similar story regarding monkey delicacies.

hehehe

so it seems like we have to stop attacking their network, so they can;t find our 0.day exploits :-D

Sounds stupid

Why are they in various patch states? If you are looking for unknown exploits, the latest patchlevel will be just as useful, and you won't spend your time with millions of false alarms when known exploits get a hold of them.

Re:Sounds stupid

[LurkerXXX]

Maybe some of their non-critical patches actually fix an unknown exploitable hole. They might want to change the status of those fixes from optional to critical.

Re:Sounds stupid

[galdur]

I suspect the discovered exploits won't turn up in exploit-patch statistics - a critical patch could well fix other vulnerabilities behind the scenes.

Re:Sounds stupid

[temojen]

Newer patch states may conceal still-present older bugs. I.E. the SP2 firewall may stop someone from exploiting a long-unnoticed remote vulnerability... until the attacker comes across a machine with the firewall turned off.

Re:Sounds stupid

[Crash+Culligan]

In addition the the reasons cited by other replies to your question, bear in mind that sometimes when you patch one thing you break something else. If it can happen on something as simple as a website, it can happen on something as complex as an operating system.

This way, they should be able to catch exploits that open up because of poorly designed patches. If a later patch-level machine comes down with something and an earlier version doesn't, they'll know it happened, and that's a first step to making sure they don't do it again.

euphemism...

[kn0tw0rk]

I think you're after "spanking the monkey" - meaning self gratification.

Re:euphemism...

so then honeymonkey is just backwards, and more properly monkeyhoney?

"John, did you clean up the monkeyhoney?"

err... eew.

Re:euphemism...

[st1d]

That's disgusting. I'll be using it tomorrow. :)

This group also did "ghostbuster"

[nweaver]

This group has done several impressive projects. Among them is the "Strider Ghostbuster" Rootkit Detector.

This is part of the general Strider Project in Microsoft Research. They do very good work.

Re:This group also did "ghostbuster"

[josh3736]

From the linked page:

• See the Slashdot postings:
• http://it.slashdot.org/it/05/02/18/1920244.shtml?t id=201
• http://it.slashdot.org/it/05/02/23/1353258.shtml?t id=172&tid=218

Do you understand what this means? They're watching us. Tinfoil alone might not protect you from the Evil Minions. There is nowhere safe.

/confused

Re:This group also did "ghostbuster"

And you can download it from where?

Re:This group also did "ghostbuster"

[bergeron76]

Yeah right.

Given that there are, let's see - around 8 Microsoft OS'es, hundreds of patches/security fixes for them, and several different flavors of each; it's kind of like the "there are over a billion ways to get your burger".

Simple mathematics dictates that this is a collosal waste of money.

I guess it's as good a way as any to give back the $40 Billion they have stockpiled though - to give it back to the "chimps" they took it from.

well duh

Sounds like a decent idea from the Redmond crew to me.

A thousand monkeys stealing millions of ideas are bound to find a good one.

I say

[smittyoneeach]

Put these honemonkeys on a network with a bunch of other computers running Firefox/greasemonkey, and let them fight it out.

Re:I'M AN OPEN PROXY, BAN ME!

[vettemph]

So. WTFIT? Is it some reverse psychology to cause us to ban anonomous remailer and other useful tools? The only "crapflood" i've seen today was from Anonymous Coward. That guy must not sleep, he posts more shit here than anyone else. :)

So your saying...

[denissmith]

A roomful of monkeys wrote Windows XP? OK, I'll buy that.

Re:So your saying...

[Upphew]

You just buy a new computer, XP comes "free" with it...

Re:So your saying...

[Daktaklakpak]

you'll buy it? why don't you pirate it like everyone else? ;)

Spank the honey monkey

Hmm. I've eaten honey. I've spanked the monkey. I've never contemplated doing both at once.

** aycee eyes the honey bear **

Exploits on real vs. virtual XP boxen

[G4from128k]

Virtual boxen will catch a wide array of exploits, but may miss some. For example, it sounds like they look for attempts to create executables on disk, so a RAM resident nasty might escape notice. Also, some exploits many only work on "real" machines such as those proposed for exploiting hyperthreading.

The point is that to the extent that the virtual XP box fails to emulate ALL the features of real hardware, there will be some room for doubt. Despite this misgiving, I commend Microsoft for tackling this problem.

Re:Exploits on real vs. virtual XP boxen

[temojen]

It's a lot easier to detect changes to RAM on a virtual machine (which can be halted and examined) than on a real machine (which must be rebooted to run a clean system).

Innovation from Redmond?

[maniac/dev/null]

I never thought I'd see the day Microsoft actually did something smart... but the cynic in me can't help but think they'll use this as a way to find all the warez'd Windows Serial Numbers to set up a blacklist at Windows Update.

Re:Innovation from Redmond?

[Umbral+Blot]

wait, so them stoping people from illegally pirating their product is a bad thing??

Re:Innovation from Redmond?

I'm pretty sure there's a keygen for that now, so it's sort of a moot point. Of course if they designed the key system intelligently, the current operating system version's key checker will be fairly primitive, and will pass some invalid keys (more invalid than valid, in fact), but the next iteration will invalidate most of those keys, and so on.

Re:Innovation from Redmond?

[Baricom]

Yes.

Blocking people from doing security patches means more infected computers on the Internet, and better odds that one will find a paying customer to infect.

I think software activation is unethical also, but I'll save that debate for another day.

Holy Shit a new worm propagation tool

[namedcowards]

Now it would be possible for the worm writers to just target Microsoft honeymonkey crawler to fire up the internet.

Re:I'M AN OPEN PROXY, BAN ME!

I bet its an automated program rather then someone with too much spare time on their hands.

So what else is new

I thought AOL patented this years ago.

Re:So what else is new

Ah, but haven't you heard? Microsoft have just patented e-mail addressess. Next will be the internet...

why various patch states?

[v1]

It would seem like a futile thing to try to study older versions of your product - why aren't they just focusing on the most up-to-date patched versions of their various products? Anyone running an unpatched windows box is insane...

Re:why various patch states?

[CaymanIslandCarpedie]

I found that a bit strange as well. If there is already a patch for it, why study it? I realized though this could actually be useful info. If they realize there is a certain exploit (though already patched) which is getting taken advantage of a lot, they could beat some admins/users on the head. "Hey you REALLY want to apply this patch", there are a number of admins/users who don't stay up to date with patches (not too smart), but its true. This info could help to "convince" these people to patch the machines.

Still seems a bit strange, but I guess having more info about what is really happening out in the wild cannot hurt.

Re:why various patch states?

They do this to establish a bechmark to measure against. With the information they can make pretty graphs to show PHB's how Microsoft strives for 'continuous improvement' and is working towards 'zero defects' under their new 'quality initative'.

Re:why various patch states?

[YrWrstNtmr]

why aren't they just focusing on the most up-to-date patched versions of their various products? Anyone running an unpatched windows box is insane...

Maybe because they're trying to simulate the real world?

Re:why various patch states?

[LiquidCoooled]

Because MS knows their product is NEVER going to be 100% upto date patched and ready.

A side effect of this may be a smaller, more targetted software defense update which could be applied to *all* versions of XP would help more people.

Normal Windows update for pre sp2 computer = ~200mb

Targetted Surgical update = ~10mb.

Both will prevent the trojans and viruses, but one is easier to apply than the other.

Re:why various patch states?

[DerekLyons]

Why various patch states? It would seem like a futile thing to try to study older versions of your product - why aren't they just focusing on the most up-to-date patched versions of their various products?

Because in the real world not every user is patched up-to-date.

Re:why various patch states?

I run XP SP1a, and to be perfectly honest, I feel just as secure (with regard to the internet) running it as I do with SP2, OS X, or Linux. If they discover an exploit in my router (which runs BSD), they might be able to get in, but when only running extremely limited services it's doubtful they could do much besides DoS it. Basically if you don't have a hardware firewall between your computer and the internet, you're an idiot, no matter what you run, and if you do, it really doesn't matter, unless you run anything you find on the internet, and in that case no operating system in the world is going to protect you.

this news is BIG

[muszek]

Pre-Monkey Era:
-- someone exploits a vulnerability
-- 2 weeks later someone discovers it
-- half a year later M$ patches it
-- three years later new version of Windows is released and finally the last 80% of users have patched systems.

it took 3 years, 6 months and 2 weeks to patch most computers.
Post-Monkey Era:
-- someone exploits a vulnerability
-- 2 days later monkeys report it
-- half a year later M$ patches it
-- three years later new version of Windows is released and finally the last 80% of users have patched systems.

it took 3 years 6 months and 2 days to patch most computers.

nice PR move though.

Re:this news is BIG

[muszek]

sorry in advance for writing this...

I don't feel very confident about my English, so in case you didn't get my point: "to me time needed to find an vulnerability is just a tiny % of the total time needed to patch most people's OS (most people don't update, M$ doesn't issue patches very quickly, etc.)"

Re:this news is BIG

[putaro]

Your English was fine. It was quite clear.

Re:this news is BIG

True. However it sounds like they are going after the exploits that are not reported, but just used to do things.

Its a *GOOD* idea. Open source should take a leason here.

I know how about we do nothing. As it is pointless to do this. Yep, no problems here. I will take my red hat ver 6 and put it on the net shouldn't get rooted right? It was perfect out of the box.

You are bitching for the sake of it. Please stop.

Let me show you your timeline again in relation to the exploit type in question.
-- someone exploits a vulnerability
-- X days later someone might report it if they notice it
-- half a year later M$ patches it
-- three years later new version of Windows is released and finally the last 80% of users have patched systems.

So X could be 0 to N days. N being a large number. They are going after the exploits no one is reporting!

Color me impressed.

[Vertdang]

If it works the way they intend, this should VASTLY improve security/spywarehandling in the OS. golf clap? golf clap.

Put away your "Jump to Conclusions" mat

[DietCoke]

Considering MS's stance on things like Linux, etc, I wouldn't jump to conclusions. They may consider "seedy" to be competitors, the DOJ, etc.

I'm sorry to break it to you, but your porn habit may still not be helping you in your job-hunting :)

They are Building Security Rep

[mpapet]

This the kind of BS that they will use to claim "PronHorn is more secure!!!" The reality of this would go something like:

1. Set up weak boxes
2. Send them to questionable sites.
3. Watch them get infected.
4. Figure out how they got infected.
5. Report how they got infected.

Then
A. Do nothing, there's "no budget" to fix the problems. (very likely)
B. Modify the code -just- enough to get rid of the worst offenders. (least likely)
C. Charge the end-user a subscription to "protect" them from threats found in their research with another enterprise software package. (my choice as most likely)

In the end Microsoft says, "We've committed billions to increased security in pronhorn. It's more usable and real secure and "just works." Apply more anti-competitive practices liberally and maintain monopoly.

What bugs me the most is it will sound like it's true and kill Linux adoption. But the security patches will just keep coming.

Re:They are Building Security Rep

[omb]

Linux adoption dosn't depend on this, security
is one thing, but stability and usability are others.

Then there is the downside of proprietary data
formats and resistance to economic imperialism.

Finally, M$ is firmly between the rock and the hard place
since most of their security flaws are design errors, not random exploits.

Finally CEOs are, by nature, pragmatic and, usually quite bullshit resistant ... so after
the 21st try of:

-- it happens to everybody

-- 99% uses windoze so that is where the expoits
are

the CIO is told "Find something better, or I will"
which concentrates the minds of PHBs instantly

Re:They are Building Security Rep

[mpapet]

There are weaknesses with these value statements that are easy to exploit by MS.

-Stability and Usability are pretty much there for the average XP/2000 desktop user on MS. They don't know any better and tend to be satisfied. In the server world, it's a different game. The places I have worked tend to be small and they rely exclusively on M$ products in the back room. It's like the devil they know. (because they advertise/use M$ on the desktop...)

-The apps to open these proprietary files comes on most new PC's. The perception is that everyone has the applications to open these files.

-Most of us desire wealth and power. Imperialism is wealth and power on steroids. In a funny way, Americans like to be ruled too. So DRM lock-in makes users feel safer. So, arguing against either is not the smartest way to go.

Linux is great. It's a huge threat to M$'s wealth and M$ knows it. It's missing a killer something though. Something that redefines the marketplace. I'd love to hear some ideas because I want to put it into words. Feel free to email me to discuss further.

how much thought went into this?

[ChipMonk]

Two simple questions:

1. Are these machines using non-Microsoft IP addresses for their 'net access?

2. If not, how long until the worm authors take that into account?

Re:how much thought went into this?

That is actually the main part of the plan -- it was the only way they could think of to protect the Microsoft addresses from being overwhelmed with spyware and viruses and worms and the like.

Re:how much thought went into this?

[lost+in+place]

Good point. But this leads to more general issues:
- how long will it be until the worm writers start to care about the honeymonkeys?
- how long will it be until the worm writers figure out how to differentiate between a honeymonkey and a normal host?
- how long will it be until they figure out how to respond to the two differently so as not to set off honeymonkey alarms?

As with many things on the net, this can turn into an arms race, and that would be the first cycle of it.
(Personally, I think there are so many unprotected/unpatched hosts that the honeymonkey effort won't make a dent in worm propagation, but I'm willing to be proven wrong.)

Re:how much thought went into this?

No offence intended, but If you were able to work that out I'm sure Microsoft have as well.

waiiiiit a second...

Hasn't M$ been telling us that security vulnerabilities only happen because of "irresponsible disclosure" and because they release patches that get reverse engineered... Looks like they don't believe that bullshit any more than I do

Seedier?

[chucks86]

I wonder if the ??AA is involved in all of this... Who is responsible for all of the illegal data that will inevitably end up on these computers...

Can you imagine one/several of these computers gets compromised and ends up an xdcc server on one of the "seedier" irc channels?

Re:Seedier?

Well the NCAA is very concerned with viruses...

Re:Seedier?

[chucks86]

You're right... that should have been "[^Nn][^Cc][Aa][Aa]".

Note: I'm not a regex-expert.

Re:I'M AN OPEN PROXY, BAN ME!

Please, can anyone patent or trademark or register this word honeymoney?

HONEYMONEY $$$$$

HoneyMoney $*$*$

HoNeYmOnEy @$@$@

HaCKivisTuX ©

Re:New job posting at Microsoft

Help Wanted:
Do you have an urge to click anywhere, anytime?
Are you easily persuaded to perform some "maintenance task" to your computer just by some email you received?
We want you!

Seedier Side of Web...

I wonder how Microsoft defines the "seedier" side of the web, and how the sites the various computers visit are regulated.

It would be interesting to run the same test, but equipping half of the machines with an alternative browser.

"if ($body_maintext[$n] =~ /ActiveX|Microsoft\sVM/) {
$seedy_side_of_web=1;
}
"

Re:Seedier Side of Web...

[netsharc]

And I wonder if the test program clicks "Yes" when asked "Do you trust this web site to install software on your computer?", the way IE users do.

Sigh, people are dumb, even when the dialog box says "this may be dangerous!", people keep clicking on "Yes" or "Open attachment". Maybe a new OS/browser should have a quiz when you install/use it for the first time.. when the user is dumb, make it real hard to do something stupid, and when the user is a pro, make it real easy. Maybe the lusers should be put in a sandbox that prevents stupid changes to be permanently made.

Re:Seedier Side of Web...

Never underestimate the ingenuity of complete fools.
Never underestimate the foolishness of Microsoft.

Re:Seedier Side of Web...

[innocent_white_lamb]

And I wonder if the test program clicks "Yes" when asked "Do you trust this web site to install software on your computer?", the way IE users do.

The article says that it does indeed click "Yes" as required.

Great now just report back in 3 months

[TLouden]

Seriously. How many 'great' ideas come out of some over paid monkey's ass each day. It's nice to know about new ideas but what's really nice is to hear about the ones that last a few months and aren't just a marketing ploy.

illegal??

as i recall, werent honeypots dubbed illegal, because they were a wiretap of sorts? i know its a good thing m$ is doing for once, but if its illegal how will m$ get out of the lawsuits from the 'hackers', and virus creaters. 2 wrongs do not make a right, and the courts usually uphold that.

The First Crash

[nmb3000]

Here's the first crash

I think they were computing pi.

Honeymonkey Blacklist

[kjfitz]

Seems like the simple counter measure is a "blacklist" of the honeymonkey servers. Granted the IP addresses of these PCs should be secure but A LOT of info leaks / is stolen / is hacked / is accidentally exposed.

Re:Honeymonkey Blacklist

way to not understand the concept of dynamic Ips

Re:Honeymonkey Blacklist

[Zak3056]

Seems like the simple counter measure is a "blacklist" of the honeymonkey servers.

You're ignoring that the honeymonkey people will undoubtedly react to those countermeasures... and I think it's safe to say they'd win in the end. Given that worms, spam, spyware, etc are everyone's problem, it's in the interest of large ISPs to cooperate by providing resources to this effort.

A blacklist won't be so simple when you have to worry about more than just Microsoft's netblocks... and blacklisting those belonging to, say, AOL kind of defeats the purpose of writing the worm to begin with.

Re:Honeymonkey Blacklist

[benjamindees]

So, you're saying, an organization, having been provided a list of "honeymonkey" IPs, possibly by Microsoft, can continue to use their pet exploits without fear of them being discovered and patched?

And you're saying this also gives Microsoft the plausible denyability to ignore reports of exploits that aren't discovered by their "honeymonkeys"? And, according to you, this also reduces companies' incentive to hire security experts to independently monitor for and discover said exploits, instead relying on Microsoft and their unholy alliance with this select group of hackers?

Well, that's some conspiracy theory you've concocted. I think you need to put on your "tinfoil hat", crackpot...

I can just picture it...

[the-stringbean]

I can just picture future Slashdot articles on this:

Newsflash: Microsoft becomes number 1 spam centre after a new worm infiltrates the "Honeymonkey" network, unleashing havoc upon the web

Jokes aside I think that Microsoft are on to something good here and it's nice to see them being more proactive about Windows security.

Honeypots, Honeymonkeys...

[uchi]

Geez...What is next? Honeybees?

Re:Honeypots, Honeymonkeys...

[Ziviyr]

I think this is just a gratuitous use of the word monkey.

Spiders would be a better fit. Moreover, the honey is behind the spiders, so it'd be a SpiderHoney network.

Re:Honeypots, Honeymonkeys...

[Tribbin]

http://www.sashimidesign.com/honeybear.jpg

Disappointing story

[aslate]

I thought this article was going to say "So they've hired an entire team of moneys to get them to write the next Windows". Infact it's just a load of machines doing nothing. I prefered my idea, much more chance of shit-fights between the moneys.

Re:Disappointing story

[Wordsmith]

With unpatched windows xp machines surfing the web LOOKING to be tripped up, I'd say there's still plenty chance of shit-fights.

Re:New job posting at Microsoft

Pay commensurate with experience?

I'll be RICH!

Seriously, this is a great idea. I bash MS as much as anyone, but I have to give them credit for this idea. Especially if they run Windows Media Player in some of those seedy locations. Errr.. a friend from work said that is a real vulnerability.

Re:I'M AN OPEN PROXY, BAN ME!

Quick!!!
Before than flying Microfost arrives against you!!!

With apologys to Scissor Sisters

Honeymonkey why you lookin' at me?
Honeymonkey why don't you climb that tree?
Hairy people love the Honeymonkey dance
Hairy people love the Honeymonkey dance dance

No! More!
Honeymonkey's havin' fun
No! More!
Honeymonkey's on the run

Bananas don't grow in the Louisiana swamps
So the Honeymonkey's comin' to the monkey baby funk

Honeymonkey's bangin' at my door
Honeymonkey's got me on the floor
Honeymonkey's tryin' havin' fun
Honeymonkey's still the only one

I'm pretty tolerant of misspellings...

[urdine]

But spelling "being" wrong twice in a paragraph is a little much.

Maybe a lot of thought

[JoeBuck]

Suppose Microsoft wanted to come up with a way to get the bad guys to avoid attacking Microsoft. Maybe they could spread the word that a significant range of IP space is honeypots and honeymonkeys and lions and tigers and bears, so then all the kiddies go off and attack someone else.

Re:Maybe a lot of thought

[stoney27]

Suppose Microsoft wanted to come up with a way to get the bad guys to avoid attacking Microsoft. Maybe they could spread the word that a significant range of IP space is honeypots and honeymonkeys and lions and tigers and bears, so then all the kiddies go off and attack someone else.

You are giving someone too much credit, but I am not sure which one.

-S

Think about the possibilities.

[khasim]

You could find an exploit that was fixed by a patch you already issued that wasn't applied ...

and then you could issue a new patch to fix that exploit.

I'm sure people who didn't apply the first patch would be happy to apply the second patch. Really. I'm sure they'd be happy to.

Re:New job posting at Microsoft

[Ithika]

Do you have what it takes to hit the (honey)monkey?

It's a coverup

[bman08]

Somebody at MS got caught surfing porn/warez and cooked up this 'honeymonkey' nonsense to cover his dirty buttocks.

Re:It's a coverup

must b some PR

Re:It's a coverup

[ivow]

I'm bringing the idea up at the next IT meeting. They'll go for it.

Virtual boxes /= invulnerable

[halleluja]

Well, they might get less vulnerable to adware but are more vulnerable than a single non-virtual *bsd box w/apache to /.

=Loading=

Wouldn't those be targetted?

[khasim]

If you're uber-elite, would you target just any machine with your non-publicly-released exploitation?

If it was me, I'd save the big guns for specific sites.

I'd use the common ones to crack the random boxes and use those boxes to map/probe my specific targets.

Once you start hitting everybody, someone will notice and start digging. Then you'll lose your secret toy.

Prior Art!

These guys are already doing it!

Not really an automated effort,

[demonic-halo]

... But just a bunch of guy surfing porn sites on company time.

What? How dare you?

[east+coast]

From the blurb: Sounds like a decent idea from the Redmond crew to me.

Sir, you should be taken to the public square and put in the stocks where you will be beaten by peasants for 32 days! How dare you compliment Microsoft on Slashdot? Do you not know that it's considered heresy?

Nope...

[Pheersome]

Ever hear the saying, "given enough time a room full of monkeys could type out Shakespeare"?
Never in my life have I heard that saying. Not once, in all of my years on the Net, have I come across any reference to typing monkeys. What a concept!

Er, Seed

...crawl the seedier side of the web.

Or as I like to call it, the side of the web I use to spill my seed ...all over my fat honeymonkey.

Rootkit detector

[halleluja]

The rootkit detector is based on the assumption that a clean, uninfected version of the OS is available on CDROM for comparison.

Then, the honeymoon project should not have started after the rootkit detector, right?

Hmumumum...

I wonder if those xpboxes will start up after a day of surfing. I wonder if they'll even make it through the day.

I think i know whose crawling the net on those boxes. *cough*billgates*cough*

It would be a good idea to test other platforms.

[callipygian-showsyst]

Sounds like a decent idea from the Redmond crew to me."

If I were Microsoft, I'd test Mac OS, Free BSD, and L*nux the same way, in order to best server the public, and to show that Microsoft products (we would hope!) are no more fundamentally flawed than other modern networked operating systems.

I have proof

Just look at Linux and you'll see the result of thousands of monkeys working together.

DÆT SÆNDWITCH LUHKS GUD

This message is posted from an open proxy. Open proxies are used to crapflood sites like Slashdot. Please mod this comment down so the proxy gets banned. If you don't care about open proxies, please mod this comment down because it's offensive to NIGGERS and KIKES.

BA DA PA PA pA! I'M LOVIN' IT!

Re:New job posting at Microsoft

[nbert]

Porn? C'mon. Everybody knows that there is no better way to get infected than to google for "Office Serialz" - just try it with a box lacking 3 month of updates ^^

MS sued for negligence?

[blugeoned]

Imagine if MS's honeypot became owned by a bot that brough down another company. Imagine the look in their lawyers' eyes...

honeymonkey good idea???

[joeyblades]

Let me get this straight. Someone thinks it's a good idea for Microsoft to exploit their own security vulnerabilities in order to poke around on other people's computers looking for someone else exploiting Microsoft security vulnerabilities???

Automated scanning not worth anything

THey need to have people doing the crawling .. not some bot. Hire what .. 10 or 20 college kids of diverse interest and pay them to visit the "seedier side" .. this doesnt just mean surf pr0n.

Of course I am fundamentally against the idea of M$FT becoming a police force. No harm done .. doubt they read slashdot. Net should be free of policing. Period.

how will this improve *security*

This is an interesting idea, but it only improves *patching*. It does nothing to increase the quality of software when it's shipped.

When is Microsoft going to understand, they have to write software that's secure in the first place. Strip out features, turn things off by default, hire competent programmers.. whatever it takes.

It is completely inexcusable that software has to be constantly patched just to fix the same types of bugs that we saw twenty years ago (buffer overflows, unchecked inputs, etc).

Remote install debian

[chris_mahan]

I need someone to show us how to remote install debian on these machines.

That'll show the microsofties.

Upcoming Presentation on a Similar Topic

[knwang]

I'm giving a talk on a similar concept at the upcoming RECON. I call this concept 'honeyclients'. As part of the talk, a BSD-licensed honeyclient prototype will be released. Another person who is doing work in this area is Thorsten Holz, of the German Honeynet Project. His whitepaper is here.

New Ballmer's mantra

[50m31sl4sh.]

I guess Ballmer should now be singing:

Monkey, monkey, monkey, monkey
Virus! Virus!
Monkey, monkey, monkey, monkey
Argh! It's a spam!

Elaborate pr0n scheme

Sounds like an elaborate scheme by Microsoft engineers to surf the 'seedier side of the web' and get paid for doing it ;)

Nope

[Mr.+Underbridge]

I always assumed Skynet was based off of Windows XP.

It takes a Terminator to defeat Skynet. It takes a script kiddie and a buffer overflow to defeat Windows.

Re:Nope

[compm375]

Exactly. Skynet must be based off of Longhorn.

Re:Nope

It takes a Terminator to defeat Skynet.

As far as I can tell, no one has defeated Skynet. I assumed that the Terminator Chick is the one who created it (the virus that prompts them to activate Skynet and subsequently the virus infects Skynet, too) because they never explain where else it would have come from.

Re:Nope

Skynet *is* the virus. Were you not paying attention during the film? They say that quite clearly. Their network became self aware or whatever.

Re:Nope

As far as I can tell, no one has defeated Skynet. I assumed that the Terminator Chick is the one who created it (the virus that prompts them to activate Skynet and subsequently the virus infects Skynet, too) because they never explain where else it would have come from.

The whole point of sending terminators back through time was to knock off major figures in the human resistance; Skynet was most definitely on the losing end, or it would have been a waste of resources.

Of course, if the "good" terminator in the last film was to be believed, Judgment Day is supposed to be inevitable. That would imply to me that the human victory is in turn inevitable, and Skynet's attempts to change the present by altering the past are exercises in futility anyways.

Re:Nope

[FidelCatsro]

1'll b3 B4k ,PWNZ0RED .1 W1n 17

Re:Nope

[sveskemus]

It takes a Terminator to defeat Skynet. It takes a script kiddie and a buffer overflow to defeat Windows.

Did you not see Terminator 3?

Re:Nope

back in my day, we could do it with rocks....

Re:Nope

[dosboss]

It takes a Terminator to defeat Skynet. It takes a script kiddie and a buffer overflow to defeat Windows.

Just goes to show you Windows is more secure - it takes TWO things to bring it down, not just one.

That those two things could be a (code)monkey and some (buffer)honey are beside the point.

Better Late than Never

[Ridgelift]

FTA: "Just by visiting a Web site, (if) suddenly an executable is created on your machine outside the Internet Explorer folder, it is an exploit with no false positive -- it's that simple," Yi-Ming Wang, senior researcher with Microsoft Research, said during a presentation at the IEEE Security and Privacy conference in Oakland last week.

With all the hoopla a couple years ago about how Microsoft is serious about security, I had ASSUMED they were doing this! The Honeynet project is coming up on 6 years, so it's not as if Redmond didn't see others doing this.

Really, for a multi-billion dollar company, it's inexcusable that they have not been running a honeynet with their product. Oh well, better late than never.

How can it go wrong?

[__aanmcy3303]

With all that honey soaked into the monkey's fur, there's bound to be a few "accidents"...

...And it'll probably take microsoft 6 months before they start to clean it all up. :p

What shall we do with the drunken customer...

[syousef]

...earl-eye in the mornin'? ...put him in bed with the OS from Redmond ...she's so ugly she looks like a honeymonkey...

And another reason..

[cianduffy]

By having tens of thousands of automatically web roaming MSIE boxes, Windows and IE usage figures on the web stay high... these boxes will be able to 'surf' faster than the average human, and will be visiting the kind of sites that have tracker scripts installed...

It has to be said

[majest!k]

theres a slew of reasons this is a stupid idea that should be painfully obvious to most slashdot readers...

[1] whatever number of machines microsoft uses to "crawl" the "seedier side of the web" , they will NEVER be able to crawl all of it, all the time.

thus: THERE WILL ALWAYS BE A WINDOW OF OPPORTUNITY BETWEEN SCANS FOR A NEW, PUBLIC EXPLOIT TO WREAK HAVOC - BEFORE MS EVEN SEES IT

[2] more often than not, the non-reported vulnerabilities ("0day") are NOT used to mass-attack random IP's. they are used in targeted attacks against specific machines.

thus: THIS WILL NOT HELP MS DETECT UNREPORTED VULNS

[3] running VM's does not emulate all hardware of a machine, and therefore cannot accurately represent an end-user's scenario.

thus: THIS IS NOT AN ACCURATE MEASURE OF HOW SECURE A WINDOWS BOX IS ON THE INTERNET

the very idea of microsoft going out looking to get hit, instead of just securing their fucking OS to begin with, is plain stupid. this is like leaving your car unlocked with the windows rolled down in the ghetto and then watching from your apartment to see who jacks it.

/. really needs to stop gobbling up lame MS PR. this is getting old.

Re:It has to be said

[dampjam]

Honestly, do you even know what you are talking about?

Plugging in a different mouse or keyboard does not make your computer more vulnerable to spyware. All of the problems, and I fully admit that Microsoft has many, are software.

Microsoft spends significantly more on research than most companies their size. I happen to like many things Microsoft does.

On the other hand, I exclusively use linux now on my laptop. Just because of their name, does not mean that we cannot give them Kudos for something good.

Every comment that is highly rated in this thread is a joke. Is this about objectivity? I think not.

Re: It has to be said

[plenTpak]

[1] Even though Microsoft will not be able to find every single vulnerability, this will help them find and fix common vulnerabilities that appear. Since they'll know where the problem came from, they'll also be able to test any solutions they come up with. And there always is a "window of opportunity", but this will help Microsoft shorten it.

[2] According to the description, the network is set up to crawl websites looking for vulnerabilities. If one of the websites infects the crawler, then they will have found a vulnerability. So it could help. In fact, they could also watch for non-browser related exploits, which are commonly used by worms. So in both cases, it very well could help Microsoft detect unreported vulnerabilities.

[3] All they need to do is use IE. If their system gets infected, that's enough to raise an alarm. They don't need matching video cards to see if IE has a buffer overflow in its image rendering module. And they are trying to secure their OS -- that's the point of this research! Discover holes, and fix them. A more apt analogy would be letting people try to break into your car, and then installing countermeasures against whatever techniques succeded.

Sure, it's not the perfect solution (as if one exists), but it's a good idea.

Re:It has to be said

[Quantam]

I applaud your courage, being the lone voice of reason when the majority of Slashdot has fallen prey to the deception of the Great Satan. I mean, it's not like having the machine get infected right in front of you so that you can whip out a kernel debugger would be any more effective than end users reporting that their computer just went down in flames, anyway. And certainly it's only rational that programmers go hunting for things hackers already figured out, rather than spending their time looking for undiscovered holes, and letting bots do the rest for them. Better yet, MS should just whip out their omniscience machine that they've been building in secret with their hundreds of billions of dollars, and instantly find every problem in the millions of lines of existing code, and build an OS so secure that God Himself couldn't hack it!

Re:It has to be said

[stw0ng]

[1] whatever number of machines microsoft uses to "crawl" the "seedier side of the web" , they will NEVER be able to crawl all of it, all the time.
Yes, because they're not set up to crawl some of the seedier IRC channels you see some untrustworthy figures hanging about and linking flamebait in. This must all be part of Microsoft's grand scheme to find a large excuse to download large amounts of porn.

[2] more often than not, the non-reported vulnerabilities ("0day") are NOT used to mass-attack random IP's. they are used in targeted attacks against specific machines.
generic /. anti-M$ comment: In Microsoft's case, I don't think "0day" is a good name for unreported vulns... you know, "1month" sounds a lot better to me.

[3] running VM's does not emulate all hardware of a machine, and therefore cannot accurately represent an end-user's scenario.
So, Microsoft will not, unfortunately, get the opportunity to say... HELP MY MOUSE IS MOVING BY IT SELF

Huh.

[GungaDan]

Is that what Laura calls him?

A Little OT

[bad_fx]

But since the OP mentioned Shakespeare and monkeys, don't forget to visit the

Monkey Shakespeare Simulator! :)

Monte-Carlo Simulation

[kukickface]

Obviously not in a numerical sense, but it seems like an apt enough analogy.

Strange, I've received these ads

Slashvertisements - by Google

Adds Spyware - Free
Adds Spyware, Adware, & Parasites with PopUps & Identity Theft!
www.claria.com

Automated Anal Systems
GET FUCKED HARD BY THESE MACHINES NOW!
www.fuckingmachines.com

Are yuo a lonely parent of twelve, young, hot teenagers?
Holy shit, somebody buy me and CowBoyNeal those fucking machines NOW!
cmdrtaco.net

Re:I'M AN OPEN PROXY, BAN ME!

Hmm, must be a distributed automated program. I count 12,834 IP addresses.

Tommorow's Story...

[Shads]

... "Today microsoft removed the honeymonkey program as a redundent system. Spokesman for the company had this to say, "We figure with can save our systems admins millions of hours reconfiguring compromised windows systems here at redmond by just turning on crash collection data in the field as our calcuations put the exploited rate of windows boxes in the field at about 99.999999%." "

rofl. In all actuality though, it's a good plan. Maybe ms will someday not be a scriptkiddie's wetdream.

Infintie Monkeys

[tyman]

"given enough time a room full of monkeys could type out Shakespeare"

I believe the quote is "If you placed an infinite number of monkeys on an infinite number of typewriters, one of them would eventually produce the collected works of Shakespeare." rather than the grammatical nightmare stated above.

The Infinite Monkey Theorem

Re:Infintie Monkeys

[hanshotfirst]

If it is TRULY Infinite (though not in the quote) they would create an infinite number of the complete works of shakespeare.

By the same logic, they could also produce a secure version of Longhorn (maybe that's why it is taking so long - not breeding monkeys fast enough).

Of course, they would also produce the complete body of SCO code, so the monkeys would be fined and jailed before they could complete the other works.

I wonder what an infinite number of penguins would produce?

about this "groupthink" bullshit

Queue the typical Slashdot anti-{anti-MS groupthink} groupthink. Fucker.

I freakin' hate Microsoft. But I really like this idea. :O

I think I just ate your lunch.

Just so you know, while many ignorant folk are indeed on the I-HATE-MS bandwagon just because it's cool, it doesn't mean that the bandwagon itself isn't solid, or that some of the musicians on it aren't serious rockers who know their shit. It means that in addition to being smart, it's cool. At least... it was before they hopped on.

Still, you're welcome. I'll turn off my anti-anti kneejerk and take back the "fucker" I flung at you earlier. Hop on.

So let me sum in case you're stupid:
I-HATE-MS: well-founded
I-HATE-MS-kneejerkers: exist, I'm sorry -- doesn't invalidate I-HATE-MS
I-HATE-I-HATE-MS-kneejerkers-kneejerkers: that's you

Please, next time pack a more nutritious lunch.

Bill Gates...

[Synth3t1c]

Is working with his own kind.... Microsoft is stupid for doing this; if they find one messup I will end my life now!

Ummmm.....

[khellendros1984]

Spell check, aisle 1!

Dirty Dozen

Looks from the article that MS will commit a dozen or so boxes to this project, so if someone knew the boxes were running under different patch levels, it would be possible to exploit the boxes to prevent it from crawling further.

If you can stop all 12 boxes from crawling, then this little project is a complete waste.

You could even write exploit boxes to just stop this honey-monkey thing.

If security equates to 12 boxes at MS, that's pretty sad.

It was the best of times...

[dg41]

"It was the best of times, it was the ... blurst ... of times! You stupid monkey!"

an interesting approach

[brre]

I think I'll send out a fleet of ships designed and built with thousands of serious leaks in their hulls, and, as they sink to the bottom, they send back sophisticated damage reports.

Or wait, here's an idea: how about I fix the f**king leaks.

There's nothing wrong with a honeypot, but you really don't learn much from exposing systems already known to be utterly insecure.

You know what else monkeys could write?

[weavermatic]

Lame anti-Microsoft jokes and Linux praise.

Really people, get over it. Hey ,Windows has it's uses and strengths just as Linux does, and Mac, and everything else out there running a computer somewhere. It's a toolbox, and you pick the right tool for the job. Do you go around making fun of the screwdriver all day because it's not effective at hammering in nails? No, you grab a hammer.

Brilliant!

[ToasterofDOOM]

Given enough time, even monkeys might possibly be almost sort of able to get windows (mostly) right. All in theory of course.

Have hackers do it.

[rice_burners_suck]

Maybe what Microsoft truly needs to do is hire a bunch of hackers, crackers, phreakers, h4x0rz, skript k1dd13z, and whatever other scum they can find, and pay them minimum wage to sit there and hack/crack Windows, finding vulnerabilities. "What?" you say, "only minimum wage?!" Well, that's not the whole story. Each time someone finds a way to screw up Windows, they will get paid $50. Therefore, most novice skript k1dd13z in junior high should be able to earn a $250,000 salary a year when working 10 hours a week from home.

Sam Walton

"this is how"
I couldn't tell which method "this" was referring to.

However, Sam Walton was a genius, and his kids are not. They're ruining the company, and it would already be dead if he hadn't built it so well.

sounds to me like they copied this guy

[austad]

Sounds to me like they copied this guy's idea:

http://www.malwareblog.com

He's been doing this exact same thing for almost the past year. The site just went up a couple months ago, but he's been sending his findings to AV companies and some mailing lists for much longer. There's a lot of undiscovered stuff floating around out there.

Buffer Overflows

[DarkRecluse]

I wonder how much more time it would take for microsoft to pour over all those millions of lines of code looking for buffer overflows, which seem to make up the majority of the vulnerabilities we see. I'm guessing that's not very cost effective:)

Besides that, what responsibility does Microsoft have to the community of internet users that could be "attacked" by this honeynet. What kind of analysis they are going to use to find these vulnerabilities quickly and what kind of mitigation do they plan once compromised?

New source of zombies; Microsoft

[Progman3K]

Great idea, Microsoft. This one won't blow up in your face... Not!

Dedicate a few thousand machine to getting infected, and give them access to the net...

I wonder how long until people start noticing that the zombies trying to compromise their systems are located in Microsoft's network.

Microsoft just made the net even more unsafe.

Let the lawsuits commence.

Re:New source of zombies; Microsoft

[Legion303]

"I wonder how long until people start noticing that the zombies trying to compromise their systems are located in Microsoft's network."

Because, of course, not one person at MS has ever heard of egress filtering, right?

Re:New source of zombies; Microsoft

[Progman3K]

They are having the machines crawl the web.
Sounds like egress to me.

Re:New source of zombies; Microsoft

I wonder how long until slashdotters will stop saying "I wonder how long" as though they know the answer is "soon."

Re:New source of zombies; Microsoft

[Legion303]

You're right. I bet lots of trojans run on port 80.

Re:New source of zombies; Microsoft

[Progman3K]

>You're right. I bet lots of trojans run on port 80.

Code Red is one example.

I feel that it's reckless to think it can be contained and controlled.

If you have thousands of unpatched machines actively trying to get infected, that becomes a resource to be exploited.

Virus-writers are clever devils and if you set any egress constraints, they'll just code up a virus that works within those restrictions.

ONE machine, with people analyzing the packet flow and contents can be used to learn things, but you would need active analysis from the people running the honeypot. If you have thousands of machines then it makes it almost impossible to assure so much traffic, doesn't it?

And you have to wonder exactly how many people would be working on the project. Virtual machines may not cost very much, but people to actually analyze the data from them do.

It just seems like a recipe for disaster to do something like that on such a big scale.

Maybe you are right, and it could be controlled, but I feel it is playing with fire and has the potential to actually cause harm.

I suppose in time we'll see, and I hope it turns out that you are right.

Download...

[nweaver]

You can't download it yet, but...

Sysinternals has a similar rootkit detector, instead of scanning the registry from safe media, it does it at a very low level as well as high level, thus it is possibly foolable but still pretty good.

You can get a Knoppix CD and do it for Linux: From within the possibly rootkitted system, MD5sum everything on the disk, reset and boot into Knoppix, repeat the MD5 sum process and look for any differences.

spell check

[Lil-Bondy]

looks like there is a bug in your spell check program, its BEING not bieng.

honeyd already did this long ago

The honeyd project is all about spoofing to see what results.

So uSoft is doing the same thing and putting out press as if this is their idea?

Do they have no shame?

They created their full 0f holes Operating System and they are ultimately culpable in their negligence for the billions in loss that their POS OS (piece of sh** operating system) causes.

I'm Gunna Be A Monkey

[lanner]

Why is it that I have that Ren & Stimpy song playing it my head?

For Those in the Corporate IT World

[eander315]

I don't have to squint too hard before this honeymonkey project, "...which is little more than a network of virtual Windows XP boxes in various patch states", starts looking like the network I work on every day. Remove the word "virtual", call it the usermonkey project, and you're most of the way there.

it would all make sense

if i know what bieng was.. ?

"not bieng reported, and are bieng actively exploited"

U LINUX FAGS

[SparafucileMan]

Look. It's a good idea what they've done.

And yet every +4 post here, with the exception of 1, is a rip on M$.

Don't get me wrong, I'm not a M$ lover, but look, their idea is decent, you have to admit. And yet where is the intelligent discussion of the matter? None.

M$ finally does something good and everyone rips on them. What a bunch of dorks.

There's a reason your jobs are getting shipped to India!

Re:U LINUX FAGS

[turgid]

There's a reason your jobs are getting shipped to India!

Dude, you're 5 years out of date. India is saturated. My job just went to Beijing in China.

Re:I'M AN OPEN PROXY, BAN ME!

[panic_paranoia]

I would like to take a moment to thank you for taking the time and effort to make things better around here. I don't know what we'd do without you.

Its 'i' before 'e'

[crovira]

"not bieng reported, and are bieng actively"

Sorry to nit-pick but...

sounds like a good idea

[sven_eee]

sounds like a good idea, i wounder who they stole it from?

You mean...

[Bun]

...they don't do something like this already? How does their security team do research, anyway?

Re:yo yo

Those big dick niggers would be so proud of you. -Slash-Girl

An (im)modest proposal

[Markus+Registrada]

I wrote about something sort of similar:

A Modest Proposal, or not

The upshot is that (1) the rootkits will close the holes they use, (2) the vulnerable machines will be tucked behind firewalls, infected via the web and e-mail, and (3) the bad guys can send bad e-mail to victims, but the honeymonkeys can't.

Monkey jokes- death of a thread

[GermanShorthair]

I'm toast, moving on.

Flaw in the concept...

[ttimes]

Given enough time the monkeys in said room would exhibit two things. First, the Near Misses, i.e. not quite Shakespeare renditions (think "To be or not to be- Hey! Thats my banana!") and the direct hits. And what of the later? Well gven enough time, when you finally open the door on those monkeys, they will be us. And we have already written Shakespeare...

MS - the security company (?)

[l3v1]

Will the day come sometime in the future, when MS will be a security company ? Maybe. The strange thing is, they are looking for ways (like the av and antispy sw acquisitions) to defend a basically unsecure os, and not for ways to make the os itself more secure. My foremost problem with this is, that I don't feel optimistic enough to trust in security questions a company with almost none security-related success stories in their past. But, no doubt, there are many of such optimistic people out there. In the meantime, all their honeys can crawl my home debian for free, given they most certainly will not be able to crawl my work windows boxes.

Re:New job posting at Microsoft

Great benefits -- unlimited tissues!

I honestly have doubts.

[beware1000]

and arn't black hats the ones we are worried about most anyway?

in an on-going related project

[naph]

the dedicated windows monkey team are still having difficultyrandomly producing the perfect operating system. the monkeys have been working at the typewriters for nearly 30 years now with little more than windows xp to show for it. microsofts head bill gates said he has not lost faith, the project will continue.

Just great

So that means that when you have had enough of MS security, you simply slap the monkey?

Here is the good news.

[WindBourne]

I did this same thing over 3 years ago for another company i.e. it has prior art. If MS persues a patent on it, and my old company did not, I will be hitting them with the PA.

The million monkeys doesn't work

[thomasj]

It is an illusion to think that a million monkeys behind a million typewriters will eventually produce something valuable.

Just look at Usenet, Slashdot and IRC.

Microsoft has Decent Idea?

[DavidD_CA]

Sounds like a decent idea from the Redmond crew to me.

Wait a minute... is this still Slashdot?

Re:New job posting at Microsoft

[Westacular]

Help Wanted:
Can you surf for porn at least 8 hours a day?
Self-motivated, goal-oriented individual needed full-time.
Pay commensurate with experience.

Non-simians need not apply.

HonkeyMoney would be cooler...

...since it'd mean that Bill was finally sharing his cash reserves.

IE....

[JCWDenton]

"If we ever identify a fully patched machine that got exploited, we got a big problem. We would involve the IE team and show them the threat." Ofcourse..it's always IE... A Mozilla system and all they have is their hands and the internet....

Idea is old hat

This was a standard technique for AV companies in the 1980s

what will hey do with it?

[nietsch]

It's all very nice an dandy that they want to collect exploits, but what will they do with it? It is not that MS is known for it's swift reaction to published exploits. Maybe they wish to start working bofore (if ever) the exploit is published?

Besides they are overlooking the biggest security flaw of every computer: the user. Somebody that has been promised pr0n for instance wil not hesitate to click yes when 'unpacking' his load of porn he just downloaded from bittorrent.

The trick might work when the next version of windos comes with a dedicated monkey built in. The monkey is subjected to every piece of software to install on the real system first. when the monkey dies or some tests detect malware the software is not installed, and the monkey resurrected to a previous state. (Or maybe it attempt to remove the malware first)

Hey, why am I dreaming up things for windows? I should be designning that for a Linux distro.

Re:New job posting at Microsoft

[OneSmartFellow]

Do you have what it takes to hit the (honey)monkey?

Do you have what it takes to spank the (honey)monkey?

Co-Workers?

[Primal_theory]

So these new guys are our co-workers in the fight aganst viruses and such, they better be good, because if I hear that this works, im gonna go buy a mac and leave the shithole that is windows behind (this will soon be a linux box)

Uhhh..

[Mr.+Underbridge]

Did you not see Terminator 3?

Honestly? No. Looked like a piece of tripe. Liked the first two though.

I hope they're trying to be effective

[springbox]

It would probably be a good idea if they tried to get IP addresses for the machines that don't come from their standard Redmond block. Hook them up to a consumer grade broadband cable connection and they'll probably be under attack with not much waiting.

...seedier side of the web...

[orb_fan]

Mmmm...

PORNBOT!

Microsoft admits IE is main security problem

[It+doesn't+come+easy]

[...] "If we ever identify a fully patched machine that got exploited, we got a big problem. We would involve the IE team and show them the threat."

There you have it, folks. A tacit admission from Microsoft that Internet Explorer is the most likely vector for a security breach.

Dancing Honeymonkeys

I'm sorry, but mentioning Microsoft and monkeys in the same sentence is bringing back nightmarish visions of Steve Ballmer dancing, screaming and generally making an ass of himself...

One if by land, two if by sea (or was that net?) The HoneyMonkeyBoys from Redmond are coming! The HoneyMonkeyBoys from Redmond are coming!!!

Ha!

[catdevnull]

Honeymonkey, eh? Now I know what to call our network of self-administrating faculty and staff.

2 Words: Job security.

Re:I'M AN OPEN PROXY, BAN ME!

[glassjaw+rocks]

It's "Honeymonkey".

Script Kiddies' place in evolution

[doublem]

Only if your last stage was "Newbie with an inferiority complex and an attitude" and your next stage is "Rampaging a**hole who still doesn't understand computers but insists he's a hacker because he can double click on a Perl script"

Re:Script Kiddies' place in evolution

[Skye16]

my last stage was "reading sci fi and fantasy and playing too much D&D", followed by about 6 years of "video games and porn".

I think I've stagnated :(

Hanuman

[Thinman]

So this leaves to Bill as Hanuman and his army of monkies.

You have a choice to make young Skywalker

[doublem]

Well, you have a choice to make.

You can go down the path of the Script Kiddie, Fandom, Techno-Fandom, Programmer, Uber-User or Hacker.

Script Kiddie pretty much excludes being any good at the other paths, but the other paths do not necessarily exclude each other.

Script Kiddie: A worthless waste of skin who considers themselves to be "better" in one way or another because they can download and run the utilities the found listed in their copy of "Hacking Exposed" and type in an obscure dialect of L33t 5p33k.

Fandom: A Sci-Fi or fantasy fan. A Geek path that does not require computer skills, but doesn't preclude them either. Star * Geeks, Buffy fans and even some furries fall into this category, but don't let the unsavory stereotype associated with the above groups turn you off. The vast majority of Sci-Fi fans are perfectly normal people.

Techno-Fandom: The Sci-Fi fans who run the Sci-Fi conventions. There's a LOT of overlap with the theater industry in this group. It also has a lot of people who dislike Sci-Fi but participate to hang out with their friends and meet hot chicks at the Dresden Dolls concerts.

Programmer: Linus Torvalds,Woz, Bill Gates in the early years, Mad Dog and the like are among the icons in this category.

Hacker: Black Hat, White Hat or Grey Hat, this is the group Script Kiddies are pretending to be part of. Cult of the Dead Cow is good example. Most of this group's literature is read by the Script Kiddies, who then pretend to understand it, sometimes even fooling themselves.

Uber-User: Many Techs fall into this category. They know far more about computers than a Script Kiddie ever will, can administer most servers and environments reliably and tend to be on the ball. In their knowledge, they're beyond the "Just Enough to be Dangerous" level, but not quite Programmers or Hackers. They're a separate category because many people send their lives here, never quite becoming Programmers. The difference is often Grey and fuzzy, with people changing their classification easily if you shift platforms on them. For example, many Windows Hackers are reduced to Uber-Users when switching to *nix and vise versa.

I think we need to send some

[zrk]

TrunkMonkeys to Microsoft to make some sense of all this.

what a good idea

[acrimony]

is anyone else at least a little suprised that they are just starting something like this? i mean jeezus with all the $$ and IQ they have no one has ever thought of this before? weak...

Re:what a good idea

Did you think of it? No? Then kindly STFU. Thanks

Re:what a good idea

[acrimony]

Yes actually I have had the idea of proactively figuring out what problems a given system might have in the real world by using it myself in the real world instead of just letting real-world users of the system to complain when they encounter these problems. It's a pretty basic concept there chief. Are you faulting me for not being paid my Microsoft to implement the idea? oh yeah.. my bad.. totally.

We're on the right track now!

[VxJasonxV]

WHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHAT?
Instead of seeking out more bugs to fix, why don't they ____FIX THE CURRENTLY EXISTING ONES!____
I will admit, Microsoft Spyware Detector Beta is a step in the right direction.

But come now.
You clean off your plate before you re-cover it in spinach.