Slashdot Mirror


Microsoft Readying Massive Real Time Threat Intelligence Feed

chicksdaddy wrote in with a link to a story about a Microsoft project that will share security information in real time with customers and law enforcement. The article reads "Microsoft has proven that it can take down huge, global botnets like Kelihos, Rustock and Waledac. Now the company is ready to start making the data it acquires in those busts available to governments, law enforcement and customers as a real time threat intelligence feed. Representatives from the Redmond, Washington software maker told an audience at the International Conference on Cyber Security (ICCS) here that it was testing a new service to distribute threat data from captured botnets and other sources to partners, including foreign governments, Computer Emergency Response Teams (CERTs) and private corporations."

2 of 89 comments

  1. This was suggested on Slashdot by DCTech · Score: -1, Troll

    Wasn't the usual talk on Slashdot always how government should go after those botnet owners? Yes it was, even suggesting that they should just bomb their location, no questions asked. Seems like a good thing then. I hope Microsoft expands it to all other internet crimes, like stalking, copyright infringement and counterfeit goods!

  2. MS certainly aren't "villains" for this, lol... ak by Anonymous Coward · Score: -1, Troll

    "Microsoft is no 'hero' in this story. A large percentage of the bots on the bot net are unknowingly infected users." - by Sp4rkyJ0n3z (2550184) on Wednesday January 11, @05:08PM (#38668302)

    QUESTION - are the "pro-*NIX" OEMs doing anything better? If so, please, inform us... thanks!

    Also?

    Hey - That could be useful to ISP/BSP's in informing a user they're "TYPHOID MARY"!!!

    (Simply because YES, you're right on that account - a LOT of users either don't KNOW, & toss that system because they think the hardware's old & shot (I & a pal who is a security guard where wealthy doctors & interns live have found @ LEAST a dozen very good systems there because of that... gratis - they were literally by the dumpster, we took them, cleaned them up, & either sold the parts, or kept the rigs (he did))).

    Anyhow, it could be useful to ISP/BSP, ala the following type scenario:

    "Sir/Ma'am, this is a courtesy call from to inform you that we have detected infectious malware coming from your system, & we wish to help you clean it, FREE OF CHARGE (lol, hopefully) before "bricking" your modem, we wished to inform you & yours, 1st" etc./et al

    * Perhaps NOT exactly worded that way, or done by phone or email etc. but... point's there!

    ---

    "And the number one used, and most widely regarded as an unsecure operating system?" - by Sp4rkyJ0n3z (2550184) on Wednesday January 11, @05:08PM (#38668302)

    ANDROID's showing the SAME for Linux for Pete's sake... for DECADES now, Linux has "hidden" behind the lie/FUD that "Linux=Secure"... well, guess what? Malware makers/hacker-crackers?? They're JUST like pickpockets - pickpockets do NOT target "crowds of 1". They go where CROWDS OF USERS THAT ARE NOT SAVVY ARE, to get "easy meat" victims... in fact/again?

    ANDROID's a Linux variant, & despite all the /. FUD spread here for YEARS? It's being TORN UP on the security front in the mobile phone world, because the hacker/cracker/malware makers KNOW most folks using them are NOT "geeks/techs" & will be easy to abuse/enslave/steal from.

    This is common-sense, to criminals @ least, lol, so "channel your 'inner-criminal'" because to COMBAT them? You have to think like them first, & have equal OR BETTER tech know-how (especially nowadays, they aren't "script kiddies" as much anymore, ala STUXNET or DUQU are "prime examples thereof").

    ---

    "I'm sure MS has no problem taking down large bot nets" - by Sp4rkyJ0n3z (2550184) on Wednesday January 11, @05:08PM (#38668302)

    Absolutely NOT - they also have legal muscle & money to get around "international boundaries" PLUS excellent people working for them... no questions asked (witness Dr. Mark Russinovich OR Anders Hejlsberg & Chuck Andrzewski).

    ---

    " probably using their own known security holes to gain access and secure against unknowing, infected users." - by Sp4rkyJ0n3z (2550184) on Wednesday January 11, @05:08PM (#38668302)

    Come ON - that'd be the DUMBEST thing to do! There are a LOT of very, Very, VERY SHARP techies out there now, @ least one would have spotted this by now!

    In fact, & perhaps I ought NOT to say this, because this is only 1 I heard of years ago on NT 4.x? NT-based OS were "pinging" remote servers located in CALIFORNIA, that had MS in their registrations... so, perhaps MS was "tracking" who had NT or not, but I remember THAT going on (was worst I ever heard from them on that account, but then again - folks only LICENSE the OS to use, by paying for it, but that doesn't possibly preclude MS tracking via pings because that doesn't breach any privacy, & only shows IP addresses (@ least cursorily)).

    ---

    "What's stopping them from monopolizing on this? Time." - by Sp4rkyJ0n3z (2550184) on Wednesday January 11,