Re: [ISN] Microsoft to offer bounty on hackers

From: InfoSec News (isn@private)
Date: Thu Nov 06 2003 - 01:21:28 PST

Next message: InfoSec News: "[ISN] Employers want security certifications"

Previous message: InfoSec News: "[ISN] 'Critical' patch sent out for Office flaw"
Maybe in reply to: InfoSec News: "[ISN] Microsoft to offer bounty on hackers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Forwarded from: Times Enemy <times@private>

Greetings.

With a bankroll like Microsoft's, one could be inclined to think they
would have the best PR teams up front.  It is perhaps unfortunate
however, that they do have such good PR people.  $5,000,000 (US) is
less than pocket-lint for a multi-billion dollar corporation such as
Microsoft.  Interestingly however, it may be enough to buy a little
more of the public's naive faith.

I am curious, if a network administrator puts in a few extra hours,
and finds the $250,000 log entries, or such, would that admin's
company have a legal claim to the bounty?  Do you remember reading
anything about bounty appropriations in the piles of paper presented
to you to sign at hire?  Or, perhaps some thirteen year old sappling
will tug at Bill's wallet, making a beautiful text book story to be
read by the Public Relations people of tomorrow.

Either way, God save us if Bill were to ever team up with the likes of
Arizona's Sheriff Joe Arpaio.


ciao
.times enemy


> Forwarded from: William Knowles <wk@private>
>
> http://news.com.com/2100-7355_3-5102110.html
>
> By Robert Lemos
> Staff Writer, CNET News.com
> November 4, 2003
>
> Microsoft will announce on Wednesday that it will offer two $250,000
> bounties for information that leads to the arrest of the people who
> released the MSBlast worm and the SoBig virus, CNET News.com has
> learned.
>
> The two programs attacked computers that run Microsoft's Windows
> operating system, causing havoc among companies and home users in
> August and September. The reward, confirmed by sources in both the
> security industry and in law enforcement, will be announced in a
> joint
>  press conference with the FBI, the U.S. Secret Service and Interpol
> that's scheduled for 10 a.m. EST Wednesday.
>
> The rewards are the first time a company has offered money for
> information about the identity of the cybercriminals.
>
> "It's a new approach," said Chris Wysopal, a security researcher
> from digital security company @stake, who hadn't known about the
> bounties and was skeptical that they would work. "I don't think
> anyone has done
>  this before."
>
> Microsoft declined to comment until Wednesday.

[...]



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo@private with 'unsubscribe isn'
in the BODY of the mail.

Next message: InfoSec News: "[ISN] Employers want security certifications"
Previous message: InfoSec News: "[ISN] 'Critical' patch sent out for Office flaw"
Maybe in reply to: InfoSec News: "[ISN] Microsoft to offer bounty on hackers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Nov 06 2003 - 04:17:10 PST