Microsoft Offers $250,000 Reward For Botnet Info
Orome1 writes "Microsoft decided to extend their efforts to establish the identity of those responsible for controlling the Rustock botnet by issuing a $250,000 reward for new information that results in the identification, arrest and criminal conviction of such individual(s). 'While the primary goal for our legal and technical operation has been to stop and disrupt the threat that Rustock has posed for everyone affected by it, we also believe the Rustock bot-herders should be held accountable for their actions.' Residents of any country are eligible for the reward pursuant to the laws of that country."
The only secure operating system is one not connected to any network, locked in a closet with no user interface.
In some bank.
Upward mobility is a slippery slope - the higher you climb the more you show your ass.
Nothing is ever 100% secure; at least they are making an effort to shut down the spam pushers.
No worries... there's always people like you to make sure the FUD stays front and center...
Pfft. You call that secure?
You want secure, you need to fill all USB/PS2/VGA/HDMI ports with epoxy, encase the individual HDD platters in concrete, and hide each one in a separate underground ruin guarded by an ancient eldritch horror spread across the entirety of Hyrule -- After memorizing and putting into practice all relevant entries on the evil overlord list.
THAT'S security.
Let me guess, you get the $250,000 in pennies? Or maybe you get it, only to die an hour later?
SJW: Someone who has run out of real oppression, and has to fake it.
That botnet is run by a rogue newspaper called News of The World, and the ring leader is one James Murdoch. Where do I collect my reward?
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
Not every problem can be solved by throwing money at it, as Murdoch has learned.
Does Micro$oft have any other resources that could be applied to the problem?
... now back to the bit mines.
If I had a spare $250k laying around I'd pay to see that.
With that sort of priority, it shouldn't be any surprise that you do not have a 'spare $250K laying around', in the first place.
a $250,000 reward for new information that results in the identification, arrest and criminal conviction of such individual(s)
I don't suppose "MS, your security sucks" would qualify as new information, although that's "who's" ultimately responsible for the success of this botnet. Oh well.
Sometimes the light at the end of the tunnel is the headlight of an oncoming train.
Focus blame on bot herders, no need to fix software problems.
Join the Slashcott! Feb 10 thru Feb 17!
And what would you prefer? The iOS way of locking everything down? Linux sure as hell lets users reduce their own security. I can easily run everything as root, under any distro I've ever used. OSX does the same. Any operating system that lets its users actually, you know, use it, will absolutely have to allow this. The easier this is to do, the better for most customers. And this will never change. Now, if it's in an administrated environment the admin can set up Linux so that the user can't compromise the system, but you can do that in Windows too. You simply cannot create a security model in the practical world that doesn't allow the primary user to lower his own security. Unless, of course, you don't let the user modify the OS or install what he wants. Which is why Apple locks down the iPhone so heavily. Or rather, tries to.
"None can love freedom heartily, but good men; the rest love not freedom, but license." --John Milton
You get levels though. 99% secure or 99.99999% secure is a huge difference.
Why OpalCalc is the best Windows calc
You know what would successfully kill off all these botnets? If MS held a "piracy amnesty day" where everyone could bring in their PC to a team of volunteer geeks and have them install a legit and fully patched version of Windows in place of the virus ridden downloaded hacked version they have. 1 day, good PR and all they need to do is eat the virtual cost of the pirated versions.
If all else fails, immortality can always be assured by spectacular error.
Wouldn't those keys possibly repeat?
Or, that he/she is aware of...
Yes, but there are conservative configurations and best practices that avoid most of the problems. And Microsoft ignored these things for years. Even today, they think that inbound blocking on client systems not on a trusted domain is enough. You can go anywhere that there are windows clients (airports are great candidates), and you'll see all kinds of friggin' netbios broadcasts from machines that KNOW they are on an untrusted network. WHY?
Did you miss the earlier article on how Apple got iOS rooted in a single day? Or maybe the KDELook malware that went around a couple of years back? How about how to write a Linux virus in 5 easy steps?
Protip: ALL OSes can and WILL be pwned simply because they are extremely complex interacting systems and nobody, not even Torvalds and the heads of Apple and MSFT engineering can tell you EXACTLY what every possible interaction with each subsystem will output simply because our computers do more than ever before with multicores, GPUs made up of dozens to hundreds of stream processors, and tons of third party code running on top of it all.
As someone who fixes infected PCs 6 days a week and just got done cleaning out another security tool variant let me give you this observation from experience on where most of the malware gets into the PC... PEBKAC. The big attack vectors I'm seeing day after day, in no particular order, are: 1. The "you want teh hot lesbos? you need to run our Iz_not_Viruz_iz_codec.exe to play teh vidz!" 2. The "ZOMG you got teh viruz! To fix run our Iz_not_Viruz_iz_cleanerz.exe to get rid of it ZOMG!" 3. The "Use the new Limewire (Iz_not_Viruz_iz_Limewirez) to download teh latest Titney_Spearz.mp3.exe tunez today!" and 4. "Hey my BFF sent me a funny cat video! It says I should run Iz_not_Viruz_iz_LOLCatz to see teh kittiez!"
As you will notice with ALL of the above you simply don't have to bother with an exploit for ANY of those, as the user IS the exploit and is the weakest link. The last major "WTF?" that MSFT had, the "Hey lets run everybody as admin!" officially died with Vista and since 7 doesn't bug the crap out of folks with "Cancel/allow?" boxes every three seconds UAC has been left on and along with low rights mode in IE and Chromium based is doing a good job, as we saw by the numbers released the other week where there are only 4 per 1000 7 machines infected VS 14 for XP.
But as long as you have people willing to ignore or even turn off their AV (as I had the other week with a customer and the "Iz_Not_Bug_Iz_Limewire") because a malware writer waved a cookie in front of them then frankly I don't see what else can be done besides what MSFT is already doing with the free MSRT and MSE. And as we have seen with first MacDefender and now MacGuard (which doesn't even need the password anymore) on OSX and the nasty Android trojan apps it doesn't matter whether you are on an alternative OS or not, all that matters is whether or not the bad guys want in bad enough to do the work and whether you have any users who'll run "Iz_Not_Bug_Iz" style apps. Sadly I've found that WAAAY too many are more than happy to do just that. Will this bounty crap work? Who knows, I think the money would be better served paying researchers to tear the botnet's guts apart and trace their way back, but they say there is no honor among thieves.
And I apologize about the length, I just find it incredibly ridiculous that anyone still believes ANY company, be it Apple, Google, or MSFT, can wave a magic wand and make PEBKAC disappear. There have been attempts at education (MSFT puts out plenty of warnings about email attachments and other major attack vectors), there have been attempts to lock the user away from anything bad (Apple) and using Linux to stop malware (Google with Android) and ALL HAVE FAILED. All you can do is cut down the risks as best you can and be ready to clean up the mess when Forrest Gump ignores you to "see teh tittiez!"
ACs don't waste your time replying, your posts are never seen by me.