Microsoft's "Honeymonkey" Project
g0bshiTe writes "Ever hear the saying, 'given enough time a room full of monkeys could type out Shakespeare'? Well, Microsoft seems to be taking this saying to heart, and taking a cue from the Honeynet project, they have created what they have dubbed 'honeymonkeys.' Security Focus has an article which describes this honeymonkey network, which is little more than a network of virtual Windows XP boxes in various patch states. These boxes are set up to crawl the seedier side of the web in search of vulnerabilities not being reported, and are being actively exploited in an attempt to further secure their product. Sounds like a decent idea from the Redmond crew to me."
This group also did "ghostbuster" (Score:5, Informative)
This is part of the general Strider Project [microsoft.com] in Microsoft Research. They do very good work.
Honeymonkey Blacklist (Score:4, Informative)
Re: It has to be said (Score:2, Informative)
[2] According to the description, the network is set up to crawl websites looking for vulnerabilities. If one of the websites infects the crawler, then they will have found a vulnerability. So it could help. In fact, they could also watch for non-browser related exploits, which are commonly used by worms. So in both cases, it very well could help Microsoft detect unreported vulnerabilities.
[3] All they need to do is use IE. If their system gets infected, that's enough to raise an alarm. They don't need matching video cards to see if IE has a buffer overflow in its image rendering module. And they are trying to secure their OS -- that's the point of this research! Discover holes, and fix them. A more apt analogy would be letting people try to break into your car, and then installing countermeasures against whatever techniques succeeded.
Sure, it's not the perfect solution (as if one exists), but it's a good idea.
You have a choice to make young Skywalker (Score:3, Informative)
You can go down the path of the Script Kiddie, Fandom, Techno-Fandom, Programmer, Uber-User or Hacker.
Script Kiddie pretty much excludes being any good at the other paths, but the other paths do not necessarily exclude each other.
Script Kiddie: A worthless waste of skin who considers themselves to be "better" in one way or another because they can download and run the utilities they found listed in their copy of "Hacking Exposed" and type in an obscure dialect of L33t 5p33k.
Fandom: A Sci-Fi or fantasy fan. A Geek path that does not require computer skills, but doesn't preclude them either. Star * Geeks, Buffy fans and even some furries fall into this category, but don't let the unsavory stereotype associated with the above groups turn you off. The vast majority of Sci-Fi fans are perfectly normal people.
Techno-Fandom: The Sci-Fi fans who run the Sci-Fi conventions. There's a LOT of overlap with the theater industry in this group. It also has a lot of people who dislike Sci-Fi but participate to hang out with their friends and meet hot chicks at the Dresden Dolls concerts.
Programmer: Linus Torvalds, Woz, Bill Gates in the early years, Mad Dog and the like are among the icons in this category.
Hacker: Black Hat, White Hat or Grey Hat, this is the group Script Kiddies are pretending to be part of. Cult of the Dead Cow is a good example. Most of this group's literature is read by the Script Kiddies, who then pretend to understand it, sometimes even fooling themselves.
Uber-User: Many Techs fall into this category. They know far more about computers than a Script Kiddie ever will, can administer most servers and environments reliably and tend to be on the ball. In their knowledge, they're beyond the "Just Enough to be Dangerous" level, but not quite Programmers or Hackers. They're a separate category because many people spend their lives here, never quite becoming Programmers. The difference is often Grey and fuzzy, with people changing their classification easily if you shift platforms on them. For example, many Windows Hackers are reduced to Uber-Users when switching to *nix and vice versa.