Microsofts "Honeymonkey" Project

g0bshiTe writes "Ever hear the saying, 'given enough time a room full of monkeys could type out Shakespeare'? Well Microsoft seems to be taking this saying to heart, and taking a cue from the Honeynet project, they have created what they have dubbed 'honeymonkeys.' Security Focus has an article which describes this honeymonkey network, which is little more than a network of virtual Windows XP boxes in various patch states. These boxes are setup to crawl the seedier side of the web in search of vulnerabilities not bieng reported, and are being actively exploited in an attempt to further secure their product. Sounds like a decent idea from the Redmond crew to me."

It has to be said

[majest!k]

theres a slew of reasons this is a stupid idea that should be painfully obvious to most slashdot readers...

[1] whatever number of machines microsoft uses to "crawl" the "seedier side of the web" , they will NEVER be able to crawl all of it, all the time.

thus: THERE WILL ALWAYS BE A WINDOW OF OPPORTUNITY BETWEEN SCANS FOR A NEW, PUBLIC EXPLOIT TO WREAK HAVOC - BEFORE MS EVEN SEES IT

[2] more often than not, the non-reported vulnerabilities ("0day") are NOT used to mass-attack random IP's. they are used in targeted attacks against specific machines.

thus: THIS WILL NOT HELP MS DETECT UNREPORTED VULNS

[3] running VM's does not emulate all hardware of a machine, and therefore cannot accurately represent an end-user's scenario.

thus: THIS IS NOT AN ACCURATE MEASURE OF HOW SECURE A WINDOWS BOX IS ON THE INTERNET

the very idea of microsoft going out looking to get hit, instead of just securing their fucking OS to begin with, is plain stupid. this is like leaving your car unlocked with the windows rolled down in the ghetto and then watching from your apartment to see who jacks it.

/. really needs to stop gobbling up lame MS PR. this is getting old.