Since nobody has pointed it out yet it has been said by various people, at least one of them in print, (including Spafford, I think) that these challenges are unlikely to attract the real experts, who can charge large consulting fees. It simply makes no sense for these people to give their services for no charge by attacking such machines. Suppose a criminal uses the testing period to find a really devsating bug. Do you think they tell the people running the machine about it or do they instead use it for extortion, theft or other evil purposes later? Further some of the most devasting exploits really require a test machine you have root, or equivilent access, to find the information needed and develop the code. Until windows 2000 is released such machines seem unlikely to be avialable. (The lack of development machines does not apply to Linux PPC of course). I would add that if any such machine is broken into then it is an ideal place for attacking the rest of the internet. Having said that it might make the machines more resistant against the script kiddies, which is a good thing. -- Duncan (-: "software industry, the: unique industry where selling substandard goods is legal and you can charge extra for fixing the problems."
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:55:16 PDT