Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Microsoft Offers A Bounty On Virus Writers

timothy posted more than 10 years ago | from the must-bring-left-ears dept.

Security 719

Iphtashu Fitz writes "According to news.com Microsoft will announce a bounty of $250,000 on Wednesday for information on who wrote two recent Windows viruses. The bounty is offered for information that leads to the arrest of the people who released the MSBlast worm and the SoBig virus. Microsoft will officially announce the reward in a joint press conference with the FBI and U.S. Secret Service Wednesday morning. This is the first time a company has offered money for information about the identity of the cybercriminals. Could this be the start of a new trend in going after the writers of viruses & worms?"

cancel ×

719 comments

I heard they needed skilled people (5, Funny)

svvampy (576225) | more than 10 years ago | (#7394917)

But this is ridiculous!

Re:I heard they needed skilled people (5, Insightful)

studpuppy (624228) | more than 10 years ago | (#7395041)

So.. like, is the 250K a signing bonus? Or do they get it in stock options? Of course, the real question is... is it cheaper for MS to pay 250K to jail each person that writes a virus exploiting on of their security holes than it is to pay the developers to avoid creating them in the first place?

But he or she probably works for MS (1)

essreenim (647659) | more than 10 years ago | (#7395063)

Whats the easiest way yo learn about an OS/APP and so compromise it??? By working for the company in question of course - access to the source code!! I think it would be very funny if this turned out to be true. In any case, the person may have used to work for M$ or knew someone that leaked the source. Another issue This kind of behaviour (if it takes off) could change thew landscape dramatically. Let me put it this way.There are allot of people that could crack if they wanted too, but have a moral concern. With these bounties, they can use their guile to ensnare crackers. Honeypots could be used. I t may well be that the kinds of people that track down the creators of MS blast etc. are people that hack microsoft themselves!!, obviously they won't tell them that. We may start to see hackers infiltrating other hacker communities to betray them... It's all quite scary!

Re:I heard they needed skilled people (2, Funny)

smchris (464899) | more than 10 years ago | (#7395085)


I think that is why I find it strangely appealing. Envision the typical biker dude bounty hunter storming some high school kid's room. Does C*O*P*S do the occasional bounty hunter episode: "Bad Nerd, Bad Nerd, whacha gonna do?"

But only if Gates presents the check personally.

Bill Gates (1)

Glock27 (446276) | more than 10 years ago | (#7394918)

Well I find him...Untouchable!

Didn't... (1)

Locky (608008) | more than 10 years ago | (#7394920)

Didn't The Borg try to turn the Enterprise crew against one another?

Re:Didn't... (2, Insightful)

Dot.Com.CEO (624226) | more than 10 years ago | (#7394955)

Beg your pardon there, mate, but I don't think virus writers are "the crew" in slashdot. While you may feel some misguided sympathy toward the scum who wilfully destroy computers because said computers run an OS you don't like, it doesn't mean they are what makes slashdot well, slashdot. Then again, most people in here who think of people who write open source software as "one of us" have never writen one line of code, so I guess your comment is fair.

Re:Didn't... (1)

Locky (608008) | more than 10 years ago | (#7395004)

Who would have thought you'd take it so literally. Obviously this isn't going to hurt the real criminals, If people find out they can make it rich by turning in people writing 'viruses', rest assured no real virus writers will be caught.

Not always so catchable... (4, Insightful)

the uNF cola (657200) | more than 10 years ago | (#7394925)

It's not that hard to deploy a virus and not get caught. There are so many open access points and people who forget to log off of an email account after leaving.. how would you track it?

Re:Not always so catchable... (0)

zyridium (676524) | more than 10 years ago | (#7394929)

With that sort of inside knowledge I should report you!

Re:Not always so catchable... (3, Interesting)

Anonymous Coward | more than 10 years ago | (#7394946)

Temptation of $250k might make friends turn on friends - no tracking necessary.

I wonder if the writers could turn themselves in and still get the reward :)

Quite (1)

turgid (580780) | more than 10 years ago | (#7394978)

And why should they care whether the real perpetrator is caught and punished as long as someone is and held up as an example to others. Knowing the way lawyers, politicians, tabloid newspapers and other tyrants work, mud sticks.

Re:Quite (2, Insightful)

the uNF cola (657200) | more than 10 years ago | (#7395032)

Even if they do that, they don't scare the people who just a little sneakier than most. And scare tactics doesn't always work. Look at Kazaa. 400+ examples made, and it's still strong.

Oddly enough, disobedience is not an easy thing to squash. :)

Re:Not always so catchable... (3, Insightful)

wizrd_nml (661928) | more than 10 years ago | (#7395054)

1) Not getting caught is easy assuming whoever wrote the virus expected such a wide response and therefore took precautions to guard his identity. If he didn't and started bragging to all his friends, who then told their friends...

2) I wonder if Microsoft are expecting this move to deter people from writing viruses. Maybe someone thought: that virus cost us a lot more than 1/4 million, let's spend that money and set an example even if the guy doesn't get caught.

3) This is going to spark a new underground industry: write a virus secretly, then turn around and tell microsoft you have info about it (of course in an imaginative enough way not to get caught but still get the bounty).

Re:Not always so catchable... (-1, Flamebait)

Anonymous Coward | more than 10 years ago | (#7395074)

It's official - Novell has confirmed it: KDE is dying.

Yet another crippling bombshell hit the beleaguered KDE community when, recently, Novell bought the only Linux distribution to support KDE fully. Coming on the heels of the discovery that the hated SCO own a large part of TrollTech (controllers of the KDE project), this news reinforces what we've known all along: The KDE project is a squalid house of cards. The triple licensed Qt toolkit is a legal quagmire, and a minefield for commercial software developers, and now KDE's final commercial SuSE supporter is dropping it. The end is certain.

You don't need to be a Kreskin to predict KDE's future. The hand-writing is on the wall: KDE faces a bleak future. Things are looking very bad for KDE -- already Novell is training up its developers to work on GTK/GNOME and GNOME applications... not KDE. The only future for KDE is a few noisy and unpleasant zealots huddled around the dying embers of their codebase. They desperately try to convince themselves that it's not the end, that their dreams for world domination are still possible -- while occasionally howling in misery and frustration at more successful projects. A situation all too familar to those aquainted with the last days of the BSD projects.

FACT: KDE is dying.

Hrmm (0)

Anonymous Coward | more than 10 years ago | (#7394927)

If only I could find a way to plant evidence on Darl's home computer...

I want them alive! (1)

WormholeFiend (674934) | more than 10 years ago | (#7394931)

No disintegration! /darth

Okay... (0)

Anonymous Coward | more than 10 years ago | (#7394932)

I did it, now give me the cash plz!

Counter offer (1)

AbbeyRoad (198852) | more than 10 years ago | (#7394933)

I offer $250'000 for the name of the person that
came up with the idea of the bounty.

--

"Why not instead invest in training your developers
to write secure code?" - anonymous

Today $250k for turning in Windows virus writers (4, Funny)

goldcd (587052) | more than 10 years ago | (#7394934)

Tomorrow: $500k reward for writers of Linux or Apple viruses

Re:Today $250k for turning in Windows virus writer (1)

apoch2001 (701484) | more than 10 years ago | (#7395006)

I assume you mean the promotion of a Linux/Apple virus writing community. :)

It's an underexploited market (1, Funny)

goldcd (587052) | more than 10 years ago | (#7395039)

shamefully neglected by Apple's Switch Campaign.

Re:Today $250k for turning in Windows virus writer (1)

MSZ (26307) | more than 10 years ago | (#7395058)

In that case will one be not only able to claim bounty for *self but also get an employment offer?

Soon the sources for ramen worm will be most sought wares on the net...

Re:Today $250k for turning in Windows virus writer (1)

Zenjive (247697) | more than 10 years ago | (#7395082)

I'll split it with you: I turn you in and you claim your computer was just an infected drone. When the charges are dropped we split the 1/4 mil, k?

I did it! (0)

Anonymous Coward | more than 10 years ago | (#7394935)

It was me!

(Not really.)

Here's the real solution: (0)

Anonymous Coward | more than 10 years ago | (#7394939)

This works against spammers, too:

Assassination Politics [jya.com]

Make it interesting (1)

Jayman2 (150729) | more than 10 years ago | (#7394940)

Well that should up the stakes a bit for virus programmers to have a couple of thousand money-grabbing digital hunters on their heels as well. Better start coding that Bloodhound v 0.0.0.1

Re:Make it interesting (2, Funny)

AKnightCowboy (608632) | more than 10 years ago | (#7394968)

Oh god, this is so cliche so I apologize in advance:

1. Write virus that causes billions of dollars in damage.
2. ??
3. Profit!!!

Microsoft just revealed step 2 as "Turn in your accomplice, get immunity and $250k".

Next on the list: (1)

Hi_2k (567317) | more than 10 years ago | (#7394941)

Next up for microsoft's bountys: A VERY evil man who has cost them so much more than just downtime:


LINUS!

I love Microsoft's Logic! (2, Insightful)

Mastadex (576985) | more than 10 years ago | (#7394945)

If you cant fix the bug, just get rid of the bug writers, so that you dont have fix anything! HA!

Well, there logic is (half) right... (5, Insightful)

WIAKywbfatw (307557) | more than 10 years ago | (#7395013)

Well, ask any doctor and he'll tell you it's better to cure a disease than to treat its symptoms. No virus writers means no viruses, which means no headline news virus alerts and scares.

Of course, the question is how much of the "disease" is the virus writers and how much is Microsoft itself with its sloppy approach to secure computing?

Re:Well, there logic is (half) right... (1)

Threni (635302) | more than 10 years ago | (#7395064)

> Well, ask any doctor and he'll tell you it's better to cure a disease than to
> treat its symptoms

Yeah, but a lot of money is made treating symptoms - hence the huge numbers of people addicted to painkillers, for example, or drugs to help you sleep, rather than identifying the underlying problem.

In the end it makes sense to attempt to solve both problems. Catching criminals should be attempted alongside making OSes more secure.

I'm not sure how easy it'll be to catch these people though. Unless people go bragging about it to their friends, I mean. If you wrote a virus/worm, stuck the end result on a floppy or CD and released it via an internet cafe, formatted the hard disk you used to write it with - assuming you wrote it on a clean disk with no identifying information (because Microsoft probably sticks identifying numbers/codes all over the .exe their tools produce), then there simply is no evidence that you wrote it.

Re:Well, there logic is (half) right... (1)

Twylite (234238) | more than 10 years ago | (#7395083)

On the other hand, curing the disease is what we currently do with virus cleaning software. You can treat the symptom, treat the cause, or prevent the infection. Microsoft is trying the third option.

Prevention is better than cure, certainly -- but there are limited. Darwinian evolution tells us that those organisms that can't survive their environment must adapt or die. Microsoft is attempting to address this problem by controlling the environment. The growing concern about supergerms and the dangers of household antibacterial products demonstrate the problems with this approach.

While controlling the environment is appropriate to some extent, Windows also needs to adapt and 'grow' a better 'immune system'. One way to do this is to have a description (for each piece of software) of the typical behaviour of that software, and prevent and raise an alert when atypical behaviour is detected.

Re:I love Microsoft's Logic! (2, Insightful)

weileong (241069) | more than 10 years ago | (#7395019)

what are the realistic chances of a payout? Beyond finding the person, it's also another question finding enough evidence to put that person away. The realistic odds of MS ever having to pay out the $$, how high is that?

Actually wont' all this do is that, in the future, the virus writing will be done by the "professional" types who are going to be more careful about covering their tracks (launch only from internet cafes, zombiefied machines? with a long enough chain-of-zombies even assessing the traffic logs is going to come up with inconclusive info?) as opposed to newbie-types? will that ramp up the lethality of the virii?

Re:I love Microsoft's Logic! (2, Insightful)

witcomb (636938) | more than 10 years ago | (#7395048)

I think you mean the bug exploiters

Interesting idea (5, Interesting)

Zocalo (252965) | more than 10 years ago | (#7394947)

But if Microsoft are going to take this approach, then what about extending it to spammers? Microsoft must spend a hell of a lot more the that $250,000 on hardware, bandwidth and stafff to deal with all the spam going to hotmail accounts, so it could actually save them money.

Or does Microsoft actually make money from spam? I seem to call they were not exactly a staunch supporter of anti-spam legislation recently.

Re:Interesting idea (0)

zyridium (676524) | more than 10 years ago | (#7394972)

I think the sheer number of spammers makes it an impossible suggestion. At that rate it would eat through MS's cash reserves almost instantly..

The number of worms that have had a big impact is substantially fewer.

wrote or released? (1)

umeboshi (196301) | more than 10 years ago | (#7394948)

please keep your verbs in order.

worms = good (2, Insightful)

alan_d_post (120619) | more than 10 years ago | (#7394949)

The not-very-malicious worms that we've seen exploiting e.g. the NT RPC vuln are good things, IMO. They encourage admins to patch their systems, giving black hats less opportunity to do real damage.

Re:worms = good (4, Insightful)

Pike65 (454932) | more than 10 years ago | (#7395050)

Well you clearly didn't get a temp job on a helpdesk a week before the shit hit the fan.

I did >: (

Besides, in business where the sysadmin wasn't a total retard (read: not where I was) there was no way for the worm to get in. The people who needed to patch their systems were the home users who got shafted for not using firewalls. The same people who use Windows because it's not meant to need much setting up . . .

Here's an idea.. (4, Informative)

greenerx (598149) | more than 10 years ago | (#7394950)

they should invest the 250000 into their security team and fix the vulnerabilities instead of chasing after 13 year olds

Re:Here's an idea.. (2, Insightful)

svvampy (576225) | more than 10 years ago | (#7394986)

Theres only so much money they can throw at a problem.

Brilliant move (5, Interesting)

forged (206127) | more than 10 years ago | (#7395088)

No intention to troll, but I honestly think that this decision is brilliant. Software to which you are only granted a license to use, still belongs to Microsoft at the end of the day. To some degree a virus wrecking havoc amongst computer using their software can be seen like if somebody was vandalizing your property. If that was the case and you wanted to catch them, why not put a bounty on their head ? Seems logical to me, if you can afford someone to do it for you.

Certainly the government has been doing so for a while, considering the various bounties for information leading to the arrest of international criminals and terrorists. Maybe corporation joining the bandwagon to do the same is the next good thing..

And remember, MS has ~ $50BN in case, so it isn't a big deal to them to put the money where their mouth is. In fact, $250K is rather cheap considering how much bad PR they got recently due to the attacks (that must have cost them $BN's in lost revenue from customers switching), so imho they cound't hope for a better use of the same amount if they tried to make up for the negative publicity some other way.

Interesting.. (1, Insightful)

zyridium (676524) | more than 10 years ago | (#7394951)

I mean you would expect the l33t hackers that wrote the worms to tell a few close contacts...

I suppose we just have to ask the question, in the l33t hacker circles, is money or loyalty worth more?

The American way (-1)

Anonymous Coward | more than 10 years ago | (#7394952)

Don't prevent, attack.

Re:The American way (0)

Anonymous Coward | more than 10 years ago | (#7395001)

In American football there is a defense called the "Prevent Defense". It only prevents one thing: the prevent side's winning.

Ads... (-1)

Anonymous Coward | more than 10 years ago | (#7394953)

I know this is offtopic, but there's nowhere else to talk about it...
I don't mind ads on the frontpage, but the new ones are ugly as sin...at least make their position appealing like the banners on the top of the page, these new ones just make you not want to click them in hopes that they are pulled
--WB

..and the state and corporations move another inch (4, Funny)

caitsith01 (606117) | more than 10 years ago | (#7394956)

...closer together.

Later in the same press conference, newly appointed Communications Secretary William Gates III announced that sale of all software in the United States will cease Monday, to be replaced by a Federally subsidised regime of nationally distributed software based on a uniform technology. In response to questions Mr. Gates indicated that the vendor supplying the software had not yet been selected, before laughing maniacally.

The sad thing (0)

Anonymous Coward | more than 10 years ago | (#7395035)

What I find truly sad here is not that you have these ideals, it's that you have traded rational thought for them.

Every post of yours that is in your history is either a knee-jerk anti-capitalist diatribe or an exercise in name-calling.

You have these ideals, but you have no idea why.

That's the sad thing.

Re:The sad thing (1)

caitsith01 (606117) | more than 10 years ago | (#7395081)

The sad thing is a person who criticises and never offers any solid reasoning of their own.

The sad thing is a person too chickenshit to post with an actual identity of some kind.

The sad thing is a person so wrapped up in being a reactionary hero that they can't tell when someone is joking (come on, it's Slashdot so anti-MS/government jokes are de riguer, are they not?).

And yes, I'm a filthy enviro-commie with no real understanding of the real hard issues that hardcore realist realpolitik ninjas like yourself can grasp with one percent of your mighty brain.

ehehe... (1, Funny)

stephenry (648792) | more than 10 years ago | (#7394957)

There seem to be a couple of programs in Windows, I don't know their name, that shut-out competitors applications and routinely tunnel useage information back to it's headquarters. Not only that, but they seem to integrate with the system itself and mysterious de-configure my existing software. Strange.

They definately seem to be illegal, possibly even viruses; maybe I can get some payola from Microsoft for letting them know about them. Oh wait...

ahh (3, Informative)

slobarnuts (666254) | more than 10 years ago | (#7394959)

the miracle of money. If they look like the are trying to make things better, people will like them more. and $250k will work wonders with their publicity. This is marketing 101. Very good tactical manuever. But the question is whether it will actually find those virus writers. I imagine every single person on IRC will turning in their avowed rival. It is like when there is massive rewards for criminals, police get flooded with "tips". But then again it might work. they caught Malvo.

Re:ahh (1)

mantera (685223) | more than 10 years ago | (#7395029)

I imagine every single person on IRC will turning in their avowed rival. LOL.... thanks for the inspiration... i knew one day i was gonna learn something useful out of slashdot.

Is it such a good strategy ? (1)

file-exists-p (681756) | more than 10 years ago | (#7395065)

From a pure PR point of view, I do not know how it look in the US, but I am convinced that for european minds it sounds a bit too tough cow-boy style and corporate justice.

European people have a bad feeling when it comes to money and justice, and they usually have a very bad opinion of the people who sell their friends / neighbours / whatever.

This could be acceptable for child abuse or serious matter ... but for computer virii ?

I know who (-1, Flamebait)

Anonymous Coward | more than 10 years ago | (#7394962)

made the tools they used to perpetrate the crimes.
Microsoft

Heh (1)

Erwos (553607) | more than 10 years ago | (#7394963)

"This is the first time a company has offered money for information about the identity of the cybercriminals."

Is this really true? It seems kind of unlikely.

-Erwos

Microsoft says: (0)

dicka_j (544356) | more than 10 years ago | (#7394964)

"I am the Law!"

what about bugs? (1)

thehive (698558) | more than 10 years ago | (#7394967)

i'm pretty they will never offer a reward for finding bugs in their software.

Re:what about bugs? (1)

quigonn (80360) | more than 10 years ago | (#7394994)

No, when you want to send a bug report to Microsoft, you actually have to pay so that it's not immediately dumped but actually looked at!

Stuff (1)

BlueLabel (639156) | more than 10 years ago | (#7394969)

This just in! Windows users offer a bounty for Microsoft programmers that write buggy, insecure code that allows computers running Windows to be compromised by various virii! More on news at 11:00!

Yeah! Shoot the messenger! (-1, Troll)

quigonn (80360) | more than 10 years ago | (#7394971)

This is so stupid. Writing worms and viruses is the only way to demonstrate security holes in Microsoft software. Normally, you would have to pay to do bug reports to Microsoft. So, the worms are not the worm writers' faults, but actually Microsoft, totally failing with its security and bug handling policy.

The other approach (0)

Anonymous Coward | more than 10 years ago | (#7394974)

Take the money out of the developers who were responsible for the bug in the first place and there might be some incentive for MS code monkeys to write better code in the first place.

$25,000, hah. billy boy probably drives a more expensive car.

Responsibilities (1)

sonicattack (554038) | more than 10 years ago | (#7394975)

How about a bounty for successfully prosecuting the company behind the software that seems designed to aid viruses in spreading?

How many Outlook / IIS design flaws / bugs are we counting now?

Really?

Desperation (1)

Motherfucking Shit (636021) | more than 10 years ago | (#7394977)

All this demonstrates is that Microsoft (and, perhaps, the FBI) are dumbfounded and need to offer a monetary reward to determine who's the culprit. As far as Microsoft is concerned, that's not really a big deal; even as much as we all may hat them, tracking down worm authors isn't their business. But a joint press conference with the FBI?

Something tells me that:

a) The FBI has jack shit for leads (big surprise) and cajoled Microsoft into making this lovey-dovey announcement "for the consumers' benefit"

b) Both the FBI and Microsoft are embarassed to all holy hell about the fact that no leads have been forthcoming

c) The money is probably coming from taxpayers, not from Microsoft

d) Regardless of where the reward comes from, any success would benefit both Microsoft and the FBI

Just my opinion, of course.

Re:Desperation (0)

Anonymous Coward | more than 10 years ago | (#7394999)

Read the article. All the money is coming from Microsoft.

Re:Desperation (0)

Anonymous Coward | more than 10 years ago | (#7395018)

and MS will get a small taxreduction in reward?

Show me the money (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#7394980)

CmdrTaco did it. Now, please send me the money

Cyber Bounty Hunters (1, Insightful)

Anonymous Coward | more than 10 years ago | (#7394981)

So there will be cyber-bounty hunters..even less scrupulous than cyber-invsetigators and all too eager to claim their prizes. It's pretty easy to frame someone in cyberspace. And if you point the finger at some teenager who happens to have been posting on a 'hacker' website, after planting some code on his machine, people would be all to happy to believe you...Before there was no incentive to do this... but 250,000 dollars...

I'M SPARTACUS! (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#7394982)

(nt)

Well, I AM A GRINGO! (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#7395084)

So there.

New markets! (2, Interesting)

Mononoke (88668) | more than 10 years ago | (#7394984)

Could this be the start of a new trend in going after the writers of viruses & worms?
Could this be the start of a new trend of making big bucks writing viruses and worms that make the mean old lady next door with the AOL account look guilty?

Microsoft and Government..... (1)

MagusZelse (721495) | more than 10 years ago | (#7394988)

ANYTHING that mixes Microsoft and government is bound to screw up something - After all, can anyone name two entities that have managed to milk people for all their worth and still claim to be in their best intrest?

I'd rather propose. (1)

zzztkf (574953) | more than 10 years ago | (#7394989)

I'd rather propose Microsoft to pay money for users who
download and apply securitypatch. Giving them, let me say,
$5 everytyime would be enough reason for users to
keep PC updated to defend from worm. Furthermore, it
would give Microsoft a reason to improve security quality.

Better software quality means less frequently security fix be
issued. Microsoft would be less damaged, at least financially.

Otherwise, as of now, Microsoft has no reason to improve
their software quality. Just to blame lazy users not applying
security fix.

This is ... (1)

SiliBelgian (720380) | more than 10 years ago | (#7395003)

just another media circus set up by Microsoft to show the people they care about virus infections.
They know they will never have to pay this money, because it' practically impossible to catch virus writers. These are people who take pleasure in knowing they brought down a few millions of Windows PC's around the world. They don't want to share that with anyone, so who'd know?

Hmmm, and I figured MS did it... (1)

3seas (184403) | more than 10 years ago | (#7395005)

... so to help promote SP2/NX which is media wise being used to soften up the consumers to heavier DRM Technology.

MS to intro hardware-linked security for AMD64, Itanium, future CPUs [theregister.co.uk] which failed to mention BSD already using it???

Or does this mean they are looking for a fall guy?

Give me the money (1)

cluge (114877) | more than 10 years ago | (#7395007)

Dear MS,

I am a virus writer and would be happy to sell you my virii. These can be purchased by depositing 250,000 USD in my numbered Austrian bank account. By doing this you will save future embarassement, and you can look through your wonderfully robust windows code and provide patches to it before a similliar virus is seen "in the wild".

I know this may just blow my pay day, but perhaps you could just write secure code in the first place? Just a thought.

cluge

$250,000... Pah! (1)

MosesJones (55544) | more than 10 years ago | (#7395008)


I thought these guys are meant to be terrorists. $250k to give information leading to the arrest of a terrorist ? Not enough, I want $10m which I thought was the standard US terrorist suspect reward.

Its not even a figure Dr Evil would get out of bed for.

50 post (-1)

Anonymous Coward | more than 10 years ago | (#7395009)

50 post so far, no moderation. Good job. everyone with mod points is asleep!

$250,000 won't fix Windows security (1)

bwian (514220) | more than 10 years ago | (#7395010)

The virus writers have demonstrated on a headline-grabbing basis that Windows is inherently insecure. How will arresting the virus writers fix Windows' reputation for (in)security? There are other people out there who are just as capable of writing the next "killer" virus

Re:$250,000 won't fix Windows security (2, Interesting)

Moraelin (679338) | more than 10 years ago | (#7395075)

It won't fix Windows security, that's for sure, and noone claims that it will. On the other hand, I think it's about damn time all those retarded script kids started paying the price. If someone broke into my house, I'd want to see them thrown behind bars. It doesn't matter if my locks were not 100% secure, it doesn't matter if my house door wasn't built to withstand a nuke, and it doesn't matter even if my house wasn't even locked at all. You just have no business breaking into it. Plain and simple. I'd like to see the same idea applied to computers. And if Microsoft wants to offer some money to get the ball rolling, hey, I'm all for it.

cheaper than fixing the infactdead BugWear(tm) (0)

Anonymous Coward | more than 10 years ago | (#7395017)

plus, fuddles'.con will get some mynuts won: patriotic, ?pr? ?firm? payper liesense stock markup FraUD execrable hypenosys, without spending a dime.

s/virus writers/spammers (1)

zonix (592337) | more than 10 years ago | (#7395025)

I'd like to spammers on FBI's ten most wanted list instead of this.

z

Captain Solo (-1)

Anonymous Coward | more than 10 years ago | (#7395030)

Captain Solo had better watch his back. Next thing you know, he'll be in carbon freeze.

Re:Captain Solo (0)

Anonymous Coward | more than 10 years ago | (#7395046)

...and on his way to see Jaba^H^H^H^HBill in a rusty old spacecraft shaped like male genitalia.

Who do we need to catch most? (1)

DaRobin (57103) | more than 10 years ago | (#7395033)

How about a $250k bounty on whoever at MS wrote the code that has so many silly security holes?

Oh come on.... (-1, Redundant)

miketang16 (585602) | more than 10 years ago | (#7395036)

Don't hurt those virus writers, they provide hours of amusement for me. Like when you connect a virgin Windows machine to the internet, and within 10 minutes its shutting down due to a virus. That's gotta be one of the funniest things ever...

holiday bonus usloth style (1)

10am-bedtime (11106) | more than 10 years ago | (#7395038)

hehe, of course we know who wrote the virus: usloth! so which userf is going to get that early bonus this year for turning himself in?

sigh, what wombats.

morons offer bounty on/boycott of corepirate nazis (0)

Anonymous Coward | more than 10 years ago | (#7395042)

just don't give them any more monIE, & eveNTually they'll go away into bad history/hysteria.

be like making faulty baby bottles, & prosecuting/placing a 'bouNTy" on the babies who have/eXPose problems with them.

Nothing particularly diabolical here (2, Interesting)

jerkos (680278) | more than 10 years ago | (#7395044)

I don't really see anything diabolical here. Someone write a virus(s) that cost MS a lot of money and time. They want them to be caught, and so put up a substantially lesser ammount of money as a reward. It boils down one way or another that distributing a virus is a crime, whether it's against windows or not, and whether or not it causes them to fix a vulnerability. If you're really that worried about it i'm sure they wouldn't mind you simply telling them about it instead of costing thousands of completely innocent people hundred of thousands , if not millions, of dollars of non-MS money just to "get a point accross". It's not like I can call up the FBI, turn in some guy I don't like with no evidence whatsover, collect $250,000 and viola, he goes to jail and I get rich. There are rewards posted all the time by government as well as private organizations for info leading to the arrest of criminals. The only new thing about this is that it happens to be cybercrime instead of murder / kidnapping / burglary / etc etc etc... I'm sure i'll get flamed to hell for seeming to support an MS position, so flame on!

If they would offer such a reward... (0)

Anonymous Coward | more than 10 years ago | (#7395056)

for every virus- and wormwriter that caused problems on their virus-runtime-system called Windows, they'll have to file Chapter 11 in no time ;-)

Isn't this like.. (1, Insightful)

wfberg (24378) | more than 10 years ago | (#7395059)

Isn't this like the manufacturers of cars that don't have seatbelts putting a bounty on the heads of drunk drivers who crash into their unsafe cars, say, killing families of four in the process?

Yeah, it's all the DUI guy's fault, no product-liability here! In fact, we're really swell guys, closing the barn door after the horse got out and all..

It's a great PR move for people who don't have a sense of irony, which fortunately includes the majority of Americans, and Alanis Morissette.

PR stunt (4, Interesting)

David Kennedy (128669) | more than 10 years ago | (#7395060)

This is a lovely bit of marketing. It deflects all blame for the viruses onto the writers, and implies that Microsoft have no responsibility here.

Don't get me wrong, I'd cheerfully beat the living daylights out of a virus writer on the basis that I can barely use my email now. Let's have an analogy:

You are a major company with expensive commercial premises. [You are a company who uses IT kit.]

You employ a security firm to look after your building. [You install an OS.]

Your building burns down because there were no doors and some bored teenagers wandered in and torched the place. [You get burned by a virus, and trust me, that costs business money in downtime and/or admins.]

Was the teenager guilty? Yes. Was the security firm negligent? Yes. Does going after the teenager mean the security firm is not negligent? Nope.

I'm rather bemused as to why a major business hasn't sued Microsoft over some of the security scandals this past couple of years. Much as I'd like to see it, I don't think any will really vote with their wallets; migrating desktops for plain ordinary business work (mail, Word, Excel) from Windows is never even discussed, no matter what the servers are.

My solution? XML document formats! Even if it's not XML, something common. Until we have that there'll always be a monoculture on the commercial desktop.

(For what it's worth, I bought Office on my Mac OS box. It's nice. I don't like Windows, but I don't object to Office at all, realising that LaTeX isn't for everyone.)

Money better spent elsewhere like... (1)

SpiritedAway (693048) | more than 10 years ago | (#7395062)

...hiring an army of testers and programmers in some 3rd world country.

$250K Buys a Lot of Mountain Dew (5, Funny)

RobotRunAmok (595286) | more than 10 years ago | (#7395067)

Because we know these virus-writing punks can't resist bragging about their exploits in whatever low-rent Usenet hang-outs they frequent, it should be interesting to see if there is as little honor among them as there is rumored to be among thieves.

Script-Kiddie: "Dude! You turned me in to... to... Microsoft!?! That's cold!"

Former Friend of Script-Kiddie: "Sorry, man, tuition at MIT is a real bitch, yo."

S.K.: "MIT? What choo talking 'bout, MIT? You go to Westchester Community College!"

F.F.o.S.K.: "That was before I got this here letter of recommendation from my new sponsor, William H. Gates III. Hey, whaddya think of these new Birkenstocks? Too gay? I kinda think they set off my eyes pretty well, yo..."

S.K.: "Dooooooood....!" (As two big guys in MS-branded butterfly suits drag him into back of van)

F.F.o.S.K.: "Hey, look me up when you get out, man. By then I should be setting myself up in my own company and will be able to use a guy with your leet skills."

One of my compatriots... (1)

TeknoHog (164938) | more than 10 years ago | (#7395071)

started to write a "viral" software back in 1991 when he was studying CS in Helsinki. It has infected both of my computers. MS Windows won't even boot on them. I know his name and contact info, so do I get the bounty?

Obligatory Comment (-1 redundant) (0)

Anonymous Coward | more than 10 years ago | (#7395073)

"Next thing we know is that they go after the people that publish vulnerabilities, because those people help that people that write viruses/worms"

Well,
1. They already are after the publishers of vulnerabilities.
2. It is a criminal offense to write and release a worm/virus, otherwise the police wouldn't be after them
3. Offering a bounty is in their interest, serves their new policy (security), ...

Infringement (-1)

Anonymous Coward | more than 10 years ago | (#7395090)

Help! Help!

We're being repressed!

Bill Gates (-1)

Anonymous Coward | more than 10 years ago | (#7395091)

Didn't Gates start his career as a hacker crashing mainframes? But I guess that was a lot different.

People need to be better informed (3, Insightful)

linuxci (3530) | more than 10 years ago | (#7395093)

The problem is not many people look further than Microsoft products because they know no better, and the mainstream press doesn't do much to help this. Microsoft throwning money into the pot to catch criminals is unlikely to solve the problem, in the UK there's a lot of schemes that offer rewards for finding criminals, but although they often catch people, it doesn't seem to deter people. I mean we can't tell people in the UK that they can install new Windows and doors in their house and not bother to lock them, and installing an MS OS (and to be fair many Linux distributions) without doing a 'lock down' is just as stupid, but most people don't know how to go about securing their PC.

We know that other products aren't perfect but variety in software does do something to reduce the dramatic effect of these worms.

So the more people we can educate about alternatives to Microsoft products such as Mozilla Firebird, Thunderbird and Seamonkey (the app suite) will help to restore some balance and will hopefully reduce the number of email viruses. Commercial alternatives such as Opera should also be mentioned because although I think the interface is awful, other people like it and choice is good. Many home users just use thier computers for web browsing and simple documents, so Mozilla + OpenOffice would do all they need.

Then on the desktop you have various options as well as Windows, although unfortunately for most people they may be depending on it for certain applications. MacOS X is ok, but would require buying new hardware if you currently have an ix86 PC.

Just wondering (1)

tgt (599351) | more than 10 years ago | (#7395101)

I was wondering, does anybody have any first hand knowledge on whether or not offers like that work at all ? Not necessarily meaning computer field and viruses, but simply law enforcement as such ? Example: there's been a HUGE prize on Bin Laden's head, but has he been caught ? Otherwise it only makes news.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...