Microsofts "Honeymonkey" Project 320
g0bshiTe writes "Ever hear the saying, 'given enough time a room full of monkeys could type out Shakespeare'? Well Microsoft seems to be taking this saying to heart, and taking a cue from the Honeynet project, they have created what they have dubbed 'honeymonkeys.' Security Focus has an article which describes this honeymonkey network, which is little more than a network of virtual Windows XP boxes in various patch states. These boxes are setup to crawl the seedier side of the web in search of vulnerabilities not bieng reported, and are being actively exploited in an attempt to further secure their product. Sounds like a decent idea from the Redmond crew to me."
Warning: This Operation Has Side Effects (Score:5, Interesting)
Good idea (Score:5, Interesting)
Re:Did the sun rise from the West? (Score:3, Interesting)
And as such, it is certainly worth the praise.
No its not, from a company that has a 50 billion dollar warchest and can afford to hire the best and brightest, you should expect only good ideas.
Exploits on real vs. virtual XP boxen (Score:3, Interesting)
The point is that to the extent that the virtual XP box fails to emulate ALL the features of real hardware, there will be some room for doubt. Despite this misgiving, I commend Microsoft for tackling this problem.
They are Building Security Rep (Score:1, Interesting)
1. Set up weak boxes
2. Send them to questionable sites.
3. Watch them get infected.
4. Figure out how they got infected.
5. Report how they got infected.
Then
A. Do nothing, there's "no budget" to fix the problems. (very likely)
B. Modify the code -just- enough to get rid of the worst offenders. (least likely)
C. Charge the end-user a subscription to "protect" them from threats found in their research with another enterprise software package. (my choice as most likely)
In the end Microsoft says, "We've committed billions to increased security in pronhorn. It's more usable and real secure and "just works." Apply more anti-competitive practices liberally and maintain monopoly.
What bugs me the most is it will sound like it's true and kill Linux adoption. But the security patches will just keep coming.
Seedier Side of Web... (Score:1, Interesting)
It would be interesting to run the same test, but equipping half of the machines with an alternative browser.
"if ($body_maintext[$n] =~
$seedy_side_of_web=1;
}
"
Maybe a lot of thought (Score:2, Interesting)
Re:Innovation from Redmond? (Score:3, Interesting)