Microsoft Invites Black Hats into Vista
gtzpower writes "Microsoft is inviting hackers to 'Take Your Best Shot' at Vista. 'You need to touch it, feel it,' Andrew Cushman, Microsoft's director of security outreach, said during a talk at the Black Hat computer-security conference. 'We're here to show our work.'" From the article: "A security team with oversight of every Microsoft product — from its Xbox video game console to its Word program for creating documents — has broad authority to block shipments until they pass security tests. The company also hosts two internal conferences a year so some of the world's top security experts can share the latest research on computer attacks." Essentially a tie-in with an article we discussed yesterday.
aren't they already freaking there?!
ed
------------Now-----------
MS: "Have at Vista, hackers -- see if you can find any exploits"
BHs: *they go to it* "Nope, we don't have any security holes to report to you, it looks like Vista is impenetrable."
------------Vista is released-----------
MS: "What the heck? How can there be over twelve-thousand viruses for Vista on the day it's released?!"
BHs: "All your Vistas are belong to us! Thanks for your help Microsoft!"
A computer once beat me at chess, but it was no match for me at kick boxing.
The real black hats want it to be widely deployed before they start exploiting it.
proof, n. A demonstration that a conclusion is implied by certain premises and axioms.
Say, wait. If you've just given prerelease test copies of Vista to 3,000 "black hats"... and you're hoping they'll find bugs in them and report them back to you before Vista ships... I mean... how do you know that's what they're actually going to do?
What if some of these "black hats" look over Vista, find security bugs, keep them secret, go back to Microsoft and say "Whelp! Looks like Vista doesn't have any security holes at all!"; then wait for Vista to be released, and once it's out have a 0-day exploit that they can use in their offshore spam/spyware businesses and that no one else will even know exists until two years from now when a gray hat independently finds and publishes it and Microsoft finally fixes it?
I mean, of course that's a worst case scenario. But still, sometimes I think the old thinking on how the world of hackers works no longer really applies now that the primary motivating force is not pride, but money (in the form of sweet, sweet herbal viagra).
It is a trap. They have a suicide booth in there, with Vista logos printed all over it. The last thing you ever hear before dying a horrible bloody death is the Windows Vista Chime.
Promote Charity on Myspace, Show Your Colours!
"Now Vista, can you show us on this doll where the hacker touched you?"
"Let the record show that the victim pointed to the KERNEL!"
- None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
Isn't that what all versions of Windows have always been?
Avoid Missing Ball for High Score
Any of you who listen to Security Now will have heard M$ have re-written the networking stack (as discovered by Symantec et al.).
Needless to say, even after this testing and patching, there is a high probability the networking interface will still have a few 'zero day' flaws...
Something like this would bring the wannabes and dingbats out of the woodwork. A real paranoid black hatter wouldn't want to have his identity known or put himself under Microsoft's sights for a non-serious amount of money. You'd better believe that people that take this challenge will be closely watched from now on.
Where does the school board find them and why do they keep sending them to ME?
If I seem short sighted, it is because I stand on the shoulders of midgets