Many Hackers Accidentally Send Their Code To Microsoft

joshgnosis writes "When hackers crash Windows in the course of developing malware, they'll often accidentally agree to send the virus code straight to Microsoft, according to senior security architect Rocky Heckman. 'It's amazing how much stuff we get.' Heckman also said Microsoft was a common target for people testing their attacks. 'The first thing [script kiddies] do is fire off all these attacks at Microsoft.com. On average we get attacked between 7000 and 9000 times per second.'"

Re:So then what's with the wait?

[ScentCone]

why don't they respond quicker?

What makes you think that any of those 7k script kiddie attacks on MS's public-facing web presence actually show with anything the least bit new?

Re:So then what's with the wait?

[nmoog]

I'm guessing it's because the real "hackers" don't accidentally click the send button.

Re:So then what's with the wait?

[DIplomatic]

From the summary

On average we get attacked between 7000 and 9000 times per second

If they get attacked that often, it shouldn't take long for them to find and confirm security holes in Windows. Yet they have been noticeably slow in patching some of those holes; why don't they respond quicker?

In what possible way does an attack across the internet at Microsoft.com translate to exposing a flaw in the Windows operating system? That's like saying submitting an angry letter to the editor of your newspaper exposes the fact that one of the side windows on your house doesn't close properly.

Very confusing article

[microbee]

The article is talking about two things: developing virus (and sending crashdump to Microsoft) and attacking Microsoft.com. These are not the same thing.

And a crashdump containing virus does not mean it's the hacker that sent it. It could well be the victim. So while the speaker wants to say something entertaining, I wonder how truthful it actually is.