Many Hackers Accidentally Send Their Code To Microsoft 220
joshgnosis writes "When hackers crash Windows in the course of developing malware, they'll often accidentally agree to send the virus code straight to Microsoft, according to senior security architect Rocky Heckman. 'It's amazing how much stuff we get.' Heckman also said Microsoft was a common target for people testing their attacks. 'The first thing [script kiddies] do is fire off all these attacks at Microsoft.com. On average we get attacked between 7000 and 9000 times per second.'"
To Be Fair (Score:3, Insightful)
Re:How Does It Encapsulate the Source Code? (Score:2, Insightful)
Re:So then what's with the wait? (Score:5, Insightful)
What makes you think that any of those 7k script kiddie attacks on MS's public-facing web presence actually show with anything the least bit new?
Re:So then what's with the wait? (Score:5, Insightful)
Re:So then what's with the wait? (Score:5, Insightful)
From the summary
On average we get attacked between 7000 and 9000 times per second
If they get attacked that often, it shouldn't take long for them to find and confirm security holes in Windows. Yet they have been noticeably slow in patching some of those holes; why don't they respond quicker?
In what possible way does an attack across the internet at Microsoft.com translate to exposing a flaw in the Windows operating system? That's like saying submitting an angry letter to the editor of your newspaper exposes the fact that one of the side windows on your house doesn't close properly.
Re:How Does It Encapsulate the Source Code? (Score:3, Insightful)
The visual studio thing is actually an interesting question. If, in the process of writing code you crash visual studio, or the whole OS and then send an error report to MS will it contain your source code? To some degree the same applies to any application, if you crash notepad++ and send a crash report to MS it would make sense that it contain well, whatever was being typed in notepad++. if you crash your copy of Mafia 2 does it send the savegame?
It's somewhat outside the scope of the article, but really, all those crash reports you can send to MS have to contain a lot of stuff for them to be useful.
Very confusing article (Score:5, Insightful)
The article is talking about two things: developing virus (and sending crashdump to Microsoft) and attacking Microsoft.com. These are not the same thing.
And a crashdump containing virus does not mean it's the hacker that sent it. It could well be the victim. So while the speaker wants to say something entertaining, I wonder how truthful it actually is.
Re:So now crackers have a new way to attack Micros (Score:2, Insightful)
Wouldn't a corporate policy change that major require a filing with the SEC?
Re:To Be Fair (Score:3, Insightful)
Yes thats a great idea. And I want to improve my marksmanship so I'm going to go shoot up some banks and a few police stations. I'm sure they will understand I'm only trying to improve my skills.
Re:So then what's with the wait? (Score:3, Insightful)
You're incorrect, though the summary is confusing so I see how you could get lost.
The summary is talking about 2 things
1. "Hackers" who are testing malware that crashes systems often unintentionally send the report of the crash and what caused it to Microsoft.
2. Microsoft.com is often attacked via the web, to the tune of 7000-9000 times per second.
These two things are largely unrelated. Go back and re-read TFS.
Re:So then what's with the wait? (Score:3, Insightful)
Re:How Does It Encapsulate the Source Code? (Score:1, Insightful)
That anal-retentive pedantry isn't really relevant at all. If you're debugging the window manager, or anything else the GUI debugger depends on, whether or not it's part of what you want to call the OS, then you can't use the GUI debugger.
A window manager is part of every Windows OS distribution SKU for ages. So if you're debugging a part of a Windows distribution, THEN you can't use a GUI debugger. Happy?