Microsoft Offers $250,000 Reward For Botnet Info

Orome1 writes "Microsoft decided to extend their efforts to establish the identity of those responsible for controlling the Rustock botnet by issuing a $250,000 reward for new information that results in the identification, arrest and criminal conviction of such individual(s). 'While the primary goal for our legal and technical operation has been to stop and disrupt the threat that Rustock has posed for everyone affected by it, we also believe the Rustock bot-herders should be held accountable for their actions.' Residents of any country are eligible for the reward pursuant to the laws of that country."

Re:I wonder if the $250,000 reward

[RazzleFrog]

The only secure operating system is one not connected to any network, locked in a closet with no user interface.

Re:He's somewhere on earth.

[Forty+Two+Tenfold]

In some bank.

Re:I wonder if the $250,000 reward

[geminidomino]

Pfft. You call that secure?

You want secure, you need to fill all USB/PS2/VGA/HDMI ports with epoxy, encase the individual HDD platters in concrete, and hide each one in a separate underground ruin guarded by an ancient eldritch horror spread across the entirety of Hyrule -- After memorizing and putting into practice all relevant entries on the evil overlord list.

THAT'S security.

Re:nice try

[Ruke]

On the other hand, a lot of problems can be solved by throwing money at them. If I "knew a guy" who ran a botnet, you can bet that I'd sell his ass to Microsoft for five years' salary.

Re:I wonder if the $250,000 reward

[SCHecklerX]

Yes, but there are conservative configurations and best practices that avoid most of the problems. And Microsoft ignored these things for years. Even today, they think that inbound blocking on client systems not on a trusted domain is enough. You can go anywhere that there are windows clients (airports are great candidates), and you'll see all kinds of friggin' netbios broadcasts from machines that KNOW they are on an untrusted network. WHY?