Slashdot Mirror


What Spooks Microsoft's Chief Security Advisor

alphadogg writes "Microsoft's U.S. general manager/chief security advisor for its National Security Team, Bret Arsenault, thinks like a true security professional. In every bit of good news, he wonders what bad news could be coming. Application security, virtualization security and the fact that over half of computer attacks seen by Microsoft come from the .edu domain are just some of the things keeping him up at night."

6 of 136 comments

  1. students sharpening their pens by ionix5891 · · Score: 5, Informative

    half of computer attacks seen by Microsoft come from the .edu domain

    nothing to worry about, just students testing their scripts against big bad microsoft :) we all did it at one stage ;)

    1. Re:students sharpening their pens by Bert64 · · Score: 4, Informative

      Home connections still have fairly poor upstream compared to their downstream...
      People who root boxes want upstream, so they can scan for more boxes to hack, DDoS things or distribute malware. They typically have very little need for downstream bandwidth to the compromised boxes.

  2. Cleaner Version by Anonymous Coward · · Score: 5, Informative

    Without all of the ads. Won't someone please think of my eyes?

  3. Gandhi's Joke: Credit Where Credit's Due by AslanTheMentat · · Score: 5, Informative

    Come now, give credit: Mahatma Gandhi...

    Reporter: "Mr. Gandhi, What do you think of western civilization?"

    Gandhi: "I think it would be a good idea!"


  4. Re:Big surprise? by Anonymous Coward · · Score: 1, Informative

    I used to always use billy@microsoft.com as a return address when I was testing

    billg@microsoft.com would have been better.
  5. Re:This Guy Doesn't Get Security by Time+Ed · · Score: 2, Informative

    I think he "gets it" just fine. Most of his assessments are right on the money compared to what I see day-to-day.

    Who wouldn't want to stop attacks against their site? Half the attacks I see are sourced from Asia. The other half from US-based broadband connections. We buy BIG pipes, and my execs pay a lot of money for our provider to work with regional ISPs to filter attacks at the source.

    Like it or not, he's right: attacks are becoming application-based. Mostly browser-based. The other end of that is social engineering. Drive-by downloads and XSS are nightmares. Then there's infected .pdf's and .doc's emailed in, or carried in from home. Don't forget the rooted shareware. And while I see the usual probes and perimeter mapping, I also see some very sophisticated attacks against our website and middleware.

    Wake up bro: the name of the game is money. The days of cracking for fun and bragging rights are long gone. The only mischief left is script kiddies nmap'ing my perimeter, or students trying out old ideas with bot kits and worms. The REAL threats are the IP of some very powerful people - probably in Eastern Europe and Asia, and I'd wager their code doesn't circulate. Just wait until you get to do a forensics report on a server that you have no idea how it was compromised. In the meantime, good luck with your security plan.