Slashdot: News for Nerds

Vista Zero-Day Exploit For Sale

kdawson posted more than 7 years ago | from the crack-bazaar dept.

Security 233

Snakepit Bit writes "Underground hackers are hawking a zero-day exploit for Windows Vista at $50,000 a pop, according to computer security researchers at Trend Micro. The Windows Vista exploit, which has not been independently verified, was just one of many zero-days available for sale at an auction-style marketplace infiltrated by the anti-virus vendor. Prices for exploits for unpatched code execution flaws are in the $20,000 to $30,000 range. Bots and Trojan downloaders that typically hijack Windows machines for use in botnets were being sold for about $5,000." From the article: "According to [Trend Micro CTO Raimund] Genes, the typical price of a destructive exploit has increased dramatically, driving an underground market that could exceed the value of the legitimate security software business. 'I think the malware industry is making more money than the anti-malware industry,' Genes said."

233 comments

Republican (-1, Offtopic)

Anonymous Coward | more than 7 years ago | (#17271314)

Ah, don't you just love corporate America.

I Bid (0)

Anonymous Coward | more than 7 years ago | (#17271316)

2Bits

Re:I Bid (0)

Anonymous Coward | more than 7 years ago | (#17271876)

you watching tbs too?

Re:I Bid (1)

jpardey (569633) | more than 7 years ago | (#17272094)

I had only bid a deciban [wikipedia.org]. You win.

There's a patch available (1, Funny)

Anonymous Coward | more than 7 years ago | (#17271322)

Windows XP.

Re:There's a patch available (0, Flamebait)

BSAtHome (455370) | more than 7 years ago | (#17271386)

There is also an off-button. You can disconnect from the internet. You can install OSX, *BSD, GNU/Linux,... Plenty of alternatives.

Re:There's a patch available (1)

DittoBox (978894) | more than 7 years ago | (#17271612)

You, uh, got the joke wrong. It's like this [ubuntu.org].

Re:There's a patch available (1, Insightful)

edwardpickman (965122) | more than 7 years ago | (#17271912)

I like mine better: Win 2000. I've never had a Win 2000 machine zombied but my XP machines are all the time. I finally got tired of fighting with security and just keep them off line. I log on with my Win 2000 and my Mac. I have to run spyware software every time I log off on the Win 2000 machine but the Mac is always fine.

Re:There's a patch available (2, Insightful)

alphax45 (675119) | more than 7 years ago | (#17271994)

Where are you going on the net with your XP machine? It should not get attacked THAT much, especially if fully patched with a good A/V. I run spybot and ad-aware once a month, they never find anything but tracking cookies. Now on my dad's machine I run it whenever I am home and it will find lots more, but he just clicks yes to almost everything.

Re:There's a patch available (0)

Anonymous Coward | more than 7 years ago | (#17272482)

Yeah, exactly.
XP is basically 2000 with a skin, and sub-pixel rendering.
I run an nLite'd XP from behind a shitty £20 router, and running Firefox, I have never been "'sploited" or had any spy/ad/mal/crapware on my machine, and I have a group of early-teen children who use the machine too.

There really is no reason to migrate to Vista though, if this is the case. The UI in Vista is actually worse than XP's.

Ah... (5, Funny)

JoshJ (1009085) | more than 7 years ago | (#17271324)

'I think the malware industry is making more money than the anti-malware industry,' Genes said.
Thank you, Captain Obvious.
*salute*

Re:Ah... (1, Funny)

Anonymous Coward | more than 7 years ago | (#17271342)

Next, he'll inform us that the dark side is stronger...

Re:Ah... (3, Insightful)

Swimport (1034164) | more than 7 years ago | (#17271366)

I don't think it's that obvious. There are a lot of people out there that pay for security software. Not to mention the large corporations that spend millions on it. Not even mentioning the tech support jobs created to combat spam and hackers.

Re:Ah... (2, Insightful)

pilkul (667659) | more than 7 years ago | (#17271690)

Indeed, I'd say the claim is obviously false.

Re:Ah... (1, Insightful)

Anonymous Coward | more than 7 years ago | (#17272100)

Agreed. And not only is it not obvious, I don't know how it could be. The malware industry doesn't exactly report their numbers, keep offices, or publish a trade rag.

Re:Ah... (1)

ultranova (717540) | more than 7 years ago | (#17272296)

'I think the malware industry is making more money than the anti-malware industry,' Genes said.
Thank you, Captain Obvious.

What isn't quite so obvious is which side should be considered more malicious here: the malware industry, which looks for security holes to profit the Russian mafia and other zombie network controllers but may also end up compromising Vista's DRM - by, say, finding an arbitrary code execution hole from Media Player - or the security industry which will inevitably end up defending the integrity of Vista's DRM as well.

Oh well. I'm just thankful that if the whole civilized world is going to be put into chains, they are made by Microsoft.

Auctions (4, Interesting)

bucketoftruth (583696) | more than 7 years ago | (#17271336)

Where are these online auctions for this information? Or does that information come with the same spam I get hawking "3 million email addresses for $1000!" I'd love to know what software they use to host such a site. I expect it's probably more secure than the Pentagon's systems.

Re:Auctions (1, Informative)

Anonymous Coward | more than 7 years ago | (#17271526)

search http://astalavista.box.sk/ [astalavista.box.sk]

Re:Auctions (5, Funny)

ZPWeeks (990417) | more than 7 years ago | (#17271640)

No, it IS the Pentagon's system!

closed systems (3, Interesting)

drDugan (219551) | more than 7 years ago | (#17271344)

this seems a natural result of closed-source software companies

I think it is a good thing: it goes to show that having closed systems puts information access at a premium instead of service and real, tangible results for your customers. Open source systems don't have this problem (they have others, 'bot' not this one).

Re:closed systems (5, Insightful)

badriram (699489) | more than 7 years ago | (#17271462)

Please, this has nothing to do with closed systems and open systems. This has more to do with people wanting compromised machines to do their bidding, be it spam, DDoS attacks, getting personal info etc. These people obviously make a lot of money, so obviously they are willing to pony up thousands of dollars for a flaw that might give them access to hack millions of computers. If Linux/BSD/OSX were at 90% market share, I am sure these &#@%$! will still be selling/buying vulnerabilities at these prices. (Unless of course it is harder to hack them, then prices would be higher.)

Re:closed systems (1, Insightful)

camcorder (759720) | more than 7 years ago | (#17271622)

Would it be better for a spammer to compromise a limited-time open desktop computer with small bandwidth or some high-end server which is available full time w/ generous bandwidth? If the latter is more feasible for spammers or DDoS attackers, Linux servers have more usage than Windows servers, so your assumption is totally wrong.

Re:closed systems (4, Insightful)

indigoid (3724) | more than 7 years ago | (#17271744)

No, you're wrong, actually. They are much better off pwning eleventy billion little computers, because they are way harder (or impossible?) to effectively blacklist, filter and otherwise protect from.

A big server with lots of bandwidth will stand out like a honeymooner's dick (thanks Billy Birmingham) and be rapidly blacklisted. See: RBL, ORBS, etc

Re:closed systems (3, Insightful)

badriram (699489) | more than 7 years ago | (#17271772)

I'll bite.

1. Linux servers do not have a higher market share than Windows servers, check your facts.
2. Servers, be they Linux or Windows, typically have people that are more computer literate, hence are already better protected, monitored, and locked away.
3. Millions of unmonitored desktops, with careless users, with broadband connections will always be a better target.

Re:closed systems (0)

Anonymous Coward | more than 7 years ago | (#17272070)

1. Linux servers do not have a higher marketshare than windows servers, check your facts.
So well how do you explain, Vista with almost 0% market share?

Re:closed systems (1, Insightful)

Anonymous Coward | more than 7 years ago | (#17272206)

>
> Linux servers do not have a higher marketshare
> than windows servers, check your facts.
>

This is very uncertain.

Depending on studies, they might only count the money made on sales, the number of sales, the money made on support contracts, the number of such contracts... sometimes, they only include GNU/Linux and other UNIX-like distributions/OSes specifically oriented to servers, sometimes they only count GNU/Linux distributions (excluding other UNIX-like, notably xBSD). Sometimes, they only count sales of contracts for hardware+OS, or the amount of money made on these. Sometimes, they only use statistics, which are sometimes highly biased. Sometimes, these statistics are based only on numbers from x companies (which most often benefits Windows, as GNU/Linux and other UNIX-like OS installations, even for servers, are far more diversified).

In most cases, they do not try to evaluate the real number of servers. And as GNU/Linux and xBSD (notably) are far more easily distributable, being mostly free (yeah, there are versions dedicated to servers, which are not, but except support -which some companies sure are attached to-, and some customization, they do not add much...), the final number is not representative of the number of GNU/Linux and other UNIX-like servers.

If you count only the money made on sales of GNU/Linux server-oriented distributions, then, yes, Windows servers most probably have more "market share". However, you are not counting other UNIX-like distributions (though different, sometimes to a large extent, they share many similarities, and most often, numerous pieces of software), you are not counting most firewalls/routers, you are not counting most Web servers (well, those who are not known to run IIS, that is like 75% of Web servers), you are not counting most semi-amateur, geeky-amateur, and geeky-admin servers of all kinds, on professional connections, etc., that is, your number only matters to Microsoft PR/marketing dudes.

Re:closed systems (1)

jpardey (569633) | more than 7 years ago | (#17272250)

I highly doubt that first one. Have you seen that ad on Slashdot where Microsoft mentions Linux explicitly? You never mention your competition unless you are losing. It might be easier to locate and clean up large servers spamming, but they could still be useful for hosting phishing sites or holding porn or distributing spyware. It's also funny that you should say that server operators are more computer literate, because I don't see many FTP home server users giving away account passwords, which was done by a band's website; the band was mentioned here a while back. Files could be added and deleted, and someone could have uploaded a spyware program and called it player.exe or something. I emailed the admin, and he said they were replacing it.

Vista Market Share? Re: closed systems (1)

twitter (104583) | more than 7 years ago | (#17272364)

If Linux/bsd/osx were at 90% market share, I am sure these &#@%$! will still be selling/buying vulnerabilities at these prices.

So why is anyone buying Vista exploits? To answer that question you have to admit either that M$ does not fix problems for months and years or that the "popularity" argument is bogus. People traffic Windoze exploits because they work today and keep working tomorrow. Non free is a broken development model.

No (0)

Anonymous Coward | more than 7 years ago | (#17271502)

If the sheer amount of resources focused on infiltrating default Windows systems was focused on Linux, you'd be putting out 100 advisories a week for the next two years till you caught up.
http://www.exterminatewhitehats.com/ [exterminatewhitehats.com]

Re:closed systems (1)

JaredOfEuropa (526365) | more than 7 years ago | (#17271628)

You mean, with open source systems people can have the zero day exploits for free? Yay...

But jokes aside, you can bet that once housewives and average Joes start running Linux, it will be worthwhile to develop such exploits, and you will start seeing them.

Re:closed systems (0)

Anonymous Coward | more than 7 years ago | (#17271896)

you can bet that once housewives and average Joes start running Linux
Hahahaha!

Price increasing (1)

Threni (635302) | more than 7 years ago | (#17271346)

So it's getting harder? Or is that just wishful thinking?

Re:Price increasing (1)

thoughtcriminal87 (685816) | more than 7 years ago | (#17271400)

More probable that demand is going up.

Re:Price increasing (2, Funny)

Anonymous Coward | more than 7 years ago | (#17271600)

So it's getting harder? Or is that just wishful thinking?

Not just harder, but longer and thicker, according to the zombie e-mail I receive.

Re:Price increasing - Publicity stunt (1)

louarnkoz (805588) | more than 7 years ago | (#17271962)

This looks very much like a publicity stunt, not "sane malware economics". Suppose that you actually know of a bug in Vista and of the corresponding exploit. Do you think that "just now" is the right time to go to market?

Think again. Vista has not yet been put on the market. Right now, it is available to bulk purchases by enterprises, but there is no indication that these enterprises are engaging in massive upgrades. It is also available for download by MSDN subscribers. All in all, there are probably a million or 2 copies out there, most of which are used in secure settings.

PCs will start shipping with Vista January 30, 2007. The industry ships maybe 200 million PCs per year. Assume 50% of them will ship with Vista, that's 8 million Vista shipments per month. These will be your classic "malware target" PCs, complete with clueless users and broadband connections. So, by the end of February, the target market for the supposed "0-day exploit" will be at least 4 times larger than it is now.

So, why sell a Vista exploit now? The probable result will be to tip Microsoft, and get them to release some patch before January 30. The net result in terms of infected PCs would be near zero. If you are a malware peddler, why would you form $50,000 for a dud?

I think this "exploit" smells very much of a publicity stunt.

-- Louarnkoz

Re:Price increasing - Publicity stunt (1)

SEMW (967629) | more than 7 years ago | (#17272192)

A publicity stunt by whom exactly? It would have to be someone who gains from FUD about Vista & Microsoft, which rather limits the field. It's hardly Apple's style, and I can't exactly imagine it's a group of philanthropic open source advocates who are trying to get everyone to switch to Linux.

Re:Price increasing - Publicity stunt (1)

Macthorpe (960048) | more than 7 years ago | (#17272272)

The answer was in the article.

According to [Trend Micro CTO Raimund] Genes

Anti-virus software makers, concerned at the visage that MS has put up of a more secure Vista, trying to ensure sales of anti-virus products on new boxes.

Simple as that.

l33t hax0r (5, Funny)

pchan- (118053) | more than 7 years ago | (#17271354)

the typical price of a destructive exploit has increased dramatically, driving an underground market that could exceed the value of the legitimate security software business. 'I think the malware industry is making more money than the anti-malware industry,' Genes said."

Sounds like I need to switch jobs. Finally, a job where discovering Windows bugs will pay off instead of just generating more work for me.

Re:l33t hax0r (4, Interesting)

AltGrendel (175092) | more than 7 years ago | (#17271432)

Finding the bug is one thing. Being able to write a program that will successfully exploit it on a consistent basis is another.

Please define "zero-day" (2)

Schraegstrichpunkt (931443) | more than 7 years ago | (#17271368)

Could the Slashdot editors please define the term "zero-day exploit"? I was under the---apparently mistaken---impression that it meant an exploit that was released on or before the day that a given piece of software was released.

Re:Please define "zero-day" (3, Informative)

Omnifarious (11933) | more than 7 years ago | (#17271396)

No, it's an exploit released before there's a patch that fixes the hole the exploit exploits.

zero-day warez are cracked (i.e. DRM removed) versions of programs available on the same day or before the commercial versions are released.

Re:Please define "zero-day" (1)

wframe9109 (899486) | more than 7 years ago | (#17271430)

I guess I'm out of the loop. I always thought 0-day access implied access to materials the day they were released.

Re:Please define "zero-day" (1)

Schraegstrichpunkt (931443) | more than 7 years ago | (#17271948)

So then how is it different from an exploit for an "unpatched" vulnerability?

Methinks it's a recently-made-up scare word.

Re:Please define "zero-day" (1)

thouth (815259) | more than 7 years ago | (#17272044)

0day isn't some recently made-up word, it's a very useful one to distinguish between whether the bug that the exploit is leveraging is publicly known or not. It is used a lot by anyone in the security industry on both sides of the trench.

Re:Please define "zero-day" (5, Informative)

Anonymous Coward | more than 7 years ago | (#17272114)

The media idiots and security vendors bastardized this term. 0-day originally meant a vulnerability unknown to the vendor, hence there is no patch or work-around for it.

Then security vendors tried to use it to mean any vulnerability without a patch, known or unknown, because then they could rightly claim that their software mitigated a 0-day vulnerability, which really meant their software could mitigate a known vulnerability. That's where the media idiots jumped in because 0-day sounds cool and scary.

There is no point in trying to correct them. That ship has sailed. Just like "hacker" now means criminal when the original definition was a badge of honor.

Now that the vulnerability is known, it is just an unpatched vulnerability.

Re:Please define "zero-day" (1)

Vo0k (760020) | more than 7 years ago | (#17272128)

Zero-day warez - yep, you're right.
Zero-day exploits - exploit to unpatched vulnerability.

DDR RAM isn't a dance training device either.

Re:Please define "zero-day" (0)

Anonymous Coward | more than 7 years ago | (#17271408)

It means that an exploit has been found in the wild before the security companies know about it. The term "zero day" is also used to refer to warez that are available before the actual product is available on store shelves.

Re:Please define "zero-day" (1)

wframe9109 (899486) | more than 7 years ago | (#17271412)

"Underground hackers are hawking a zero-day exploit for Windows Vista at $50,000 a pop" = "Underground hackers are hawking an exploit for Windows Vista at $50,000 a pop on the day the exploit is released." The value of the exploit diminishes with age, no?

Re:Please define "zero-day" (3, Informative)

bigtomrodney (993427) | more than 7 years ago | (#17271414)

No, a Zero-Day exploit is one which is capable of exploiting on or before the vulnerability is discovered/made public. So the author was possibly the only one with knowledge of the vulnerability. Wiki Article [wikipedia.org]. Of course the usual amount of misunderstanding of the terminology has diluted the meaning somewhat.

Re:Please define "zero-day" (0)

Anonymous Coward | more than 7 years ago | (#17271438)

I believe it means "is so dangerous that it needs to be fixed within zero days"

Re:Please define "zero-day" (2, Insightful)

gustolove (1029402) | more than 7 years ago | (#17271522)

the day after patch-tuesday for windows

What do Linux virii cost? (4, Funny)

k1e0x (1040314) | more than 7 years ago | (#17271394)

Or are they open source..? ;)

Virii is not a word (0)

Anonymous Coward | more than 7 years ago | (#17271950)

http://en.wikipedia.org/wiki/Plural_of_virus [wikipedia.org]

Can we add this to the /. FAQs?

Re:Virii is not a word (1)

k1e0x (1040314) | more than 7 years ago | (#17272432)

Even if you did I would still use it. I like the word and I'm not afraid of grammar police.

Open source does not equal free beer (1)

nietsch (112711) | more than 7 years ago | (#17272118)

It is perfectly within the terms of the GPL to sell open source software. It is just easier to give it away for free and charge for services/work you do for paying customers.

ATTN: Crackers (-1, Flamebait)

Anonymous Coward | more than 7 years ago | (#17271404)

Please do the right thing. Hold off on the Zero-Day exploits. Get together and build up knowledge of breaking Vista. Don't abuse the flaws. Just wait. Wait until Vista gets a large market share. Then you can 0wn it. Make Microsoft and Microsoft customers suffer greatly.

Isn't that far more rewarding than making a quick buck?

The Crackers Respond (0)

Anonymous Coward | more than 7 years ago | (#17271614)

Speaking as a cracker, I'm more interested in the quick buck. I'm not out to make Microsoft or its users suffer, except for suffering that gets me the quick buck.

As an exploit developer, holding off on zero-day exploits means there's a pretty good chance that someone else will find the same flaw and sell the same exploit ahead of me. That's no way to make money.

Re:The Crackers Respond (0)

Anonymous Coward | more than 7 years ago | (#17272368)

as a liar, you lick dingleberry juice

Economy (3, Funny)

rowama (907743) | more than 7 years ago | (#17271482)

This is just another example of how M$ is good for the economy. All you anti-capitalist, libertarian nerds can sit down and shut up, now.

Kidding, of course.

Re:Economy (5, Insightful)

EnsilZah (575600) | more than 7 years ago | (#17271590)

I was under the impression that libertarians were the embodiment of capitalism.

Re:Economy (1)

rowama (907743) | more than 7 years ago | (#17271720)

> I was under the impression that libertarians were the embodiment of capitalism.

Another reason for anti-capitalist, libertarian nerds to sit down and shut up. They are obviously confused.

Kidding again, of course.

Re:Economy (2, Insightful)

glas_gow (961896) | more than 7 years ago | (#17271774)

I was under the impression that libertarians were the embodiment of capitalism.

That's neo-liberalism you're confusing with old fashioned liberalism. With neo-liberalism the emphasis is on freedom of the market, based on an article of faith that the market is some magical entity that'll solve all administrative problems. With old fashioned liberalism the freedom of one person is balanced against the freedom of another, the consequence of which is a system of legislation to protect those freedoms.

Re:Economy (0)

Anonymous Coward | more than 7 years ago | (#17271842)

He said libertarian. Not Liberalism.

Re:Economy (0)

Anonymous Coward | more than 7 years ago | (#17271958)

I call BS. I'm definitely libertarian, and that includes neolib to some degree, but no libertarian I know has ever claimed that the market will solve all problems.

It just *tends* to solve problems better than centralized rule-by-command, because it has incentives to improve. For the short term, a dictatorship (including Socialism, democracy (mass dictatorship), or whatever) *might* be better, even though in most cases dictatorships tend to bring much more harm, of course.

Re:Economy (1)

muonman (162064) | more than 7 years ago | (#17271780)

A 'true' libertarian (of which there are none) believes that limitation on stockholder liability, which constitutes the key component of capitalism, is an unnecessary and improper intrusion by the government into the societal infrastructure.

Re:Economy (1)

westlake (615356) | more than 7 years ago | (#17271934)

I was under the impression that libertarians were the embodiment of capitalism.

a capitalist system demands respect for tangible and intangible property.

almost everything is ultimately reduced to pieces of papers. mere tokens. an entry in a ledger. a bill of lading.

abstraction demands literacy. competence in math.

a capitalist system demands a mechanism for the enforcement of contracts.

a capitalist system needs reliable weights and measures.

standard time. stable currencies. defenses against highwaymen, thieves and counterfeiters.

the list goes on and on and on.

a capitalist system needs a government.

Re:Economy (1)

John Hasler (414242) | more than 7 years ago | (#17272456)

You confound "libertarian" and "anarchist".

Re:Economy (0)

Anonymous Coward | more than 7 years ago | (#17272158)

Right, but what we have today in the US is hardly capitalism (it's more like half-socialist / half-corporatist), so remember not to judge capitalism by what you see in the "free" market today. (The foundation and first prerequisite of a capitalist transaction is voluntary association. The more government intervention, i.e. coercion, injected into what would otherwise be a system of voluntary trade, the less you are talking about capitalism.)

Credit card numbers? (1, Offtopic)

SubGhandi (231617) | more than 7 years ago | (#17271496)

The auction marketplace is also selling driver's licenses for $150, birth certificates for $150, Social Security cards for $100, and credit card numbers with security code and expiration date for between $7 and $25.
I wonder if any idiots actually used their own credit cards to purchase a stolen credit card number?
What a great way to harvest additional numbers!

Re:Credit card numbers? (0)

Anonymous Coward | more than 7 years ago | (#17271672)

The market standard is egold actually.

Re:Credit card numbers? (1)

DittoBox (978894) | more than 7 years ago | (#17271766)

For those who don't know...

http://en.wikipedia.org/wiki/Egold [wikipedia.org]

From the wiki page: "e-gold is a digital gold currency operated by Gold & Silver Reserve Inc. under e-gold Ltd., and is a system which allows the instant transfer of gold ownership between users. e-gold Ltd. is incorporated in Nevis, Lesser Antilles."

Why doesn't Microsoft buy those out? (0)

Anonymous Coward | more than 7 years ago | (#17271498)

I really don't get it. To me it seems it would be economically wise to buy these out and then fix the bugs.

Re:Why doesn't Microsoft buy those out? (3, Insightful)

mochan_s (536939) | more than 7 years ago | (#17271804)

I really don't get it. To me it seems it would be economically wise to buy these out and then fix the bugs.

Why do?

After a user buys a copy of Vista, Microsoft receives no more money from the user.

It would probably be economically wise to spend time in developing another product.

Re:Why doesn't Microsoft buy those out? (1)

_KiTA_ (241027) | more than 7 years ago | (#17271868)

After a user buys a copy of Vista, Microsoft receives no more money from the user.

It would probably be economically wise to spend time in developing another product.


Not to mention, if you never fix the bugs, the customers just might be willing to pay for your next OS. ... at least for a while.

Re:Why doesn't Microsoft buy those out? (1)

toejam316 (1000986) | more than 7 years ago | (#17271968)

Yes, but in the meantime you'll only be sucking in the first "Wave" of buyers, and a few stragglers every now and then. OEMs will stop as fewer people buy OEM stuff, and normal users won't buy it because everyone who uses it says it's bad and they lost xxxx and xxxx happened to them after. I doubt it'd be feasible. Definitely not as feasible as just fixing the bugs, or better yet, make a new Windows with the old NT Kernel sandboxed so it has backwards compatibility yet more stability and fewer bugs. Sounds good to me.

Well, Duh! (2, Informative)

jc42 (318812) | more than 7 years ago | (#17271532)

'I think the malware industry is making more money than the anti-malware industry,' Genes said.

Malware is a profit-making industry. Anti-malware is aimed at eliminating profits, not making them. It doesn't take an economic genius to understand the implications.

How many times have /. readers been reminded that companies exist to generate profit for their owners?

Re:Well, Duh! (1, Interesting)

Anonymous Coward | more than 7 years ago | (#17271796)

Anti-malware is aimed at eliminating profits, not making them.

Umm, no. It's about taking the profits from one group (crackers, fraudsters, etc.) and transferring them to another group (McAfee, Symantec, etc.).

And if you've ever used any Windows anti-virus or anti-malware software, what you'll know to be true is that such programs are often as harmful as those they claim to eradicate. It's almost expected for a computer running Norton's software to run at 25% to 50% of its normal speed. McAfee's software is a royal pain in the ass to remove safely from a system, more so than many worms and trojans. And once your McAfee subscription expires, it'll harass you day in and day out to renew. I've seen people get that sort of subscription renewal harassment dialog more often than they get spam!

The only way to deal with such problems is to not use Windows. Then you're basically immune, for the time being, from the viruses, worms, and other malware. And as such, you don't need to resort to shitty anti-virus software that ends up being majorly problematic. Thankfully we have mature operating systems like Mac OS X, Ubuntu Linux, FreeBSD and Solaris at our disposal.

Re:Well, Duh! (1)

Brandybuck (704397) | more than 7 years ago | (#17272218)

How many times have /. readers been reminded that companies exist to generate profit for their owners?

Thank you Sherlock for telling us that companies exist to make profit. Next thing you know you'll be telling us that people work for companies to get a salary.

Here's a big cluestick to knock that tinfoil off your head: there is a world of difference between the goal of generating profit legally and ethically, and the goal of generating profit by any means whatsoever.

Duh.

Microsoft (1, Interesting)

Worldestroyer (840359) | more than 7 years ago | (#17271758)

If Microsoft really cared about the security of their customers' systems, they'd buy those 0-day exploits and release patches immediately. But like I said, Microsoft would have to care, and I don't see hell freezing over anytime soon.

Re:Microsoft (1)

I'm Don Giovanni (598558) | more than 7 years ago | (#17272248)

We don't know that the exploits are legit.
Microsoft buying them would be giving in to blackmail.
And, these hackers clearly have zero scruples, so what's to prevent them from selling the exploits to others after Microsoft bought them?
Get real.

Oh come on now... (5, Insightful)

jorghis (1000092) | more than 7 years ago | (#17271788)

You know the people selling this stuff aren't exactly the most ethical folks in the world. Do you think that just maybe they are asking for 30k without any really good exploits to give you for that money?

It isn't smart to assume that there are zero day exploits for Vista available just because some reporter says he heard there is someone who wants to anonymously sell you an exploit he promises is really good. Even if these exploits are real (big if) no one said anything about how big of a security hole we are talking about here.

How about if I tell you that I heard someone offered to sell a Linux exploit of an unknown nature for 50 grand? Should we all run around talking about how Linux is insecure now?

This seems like a journalist trying to come up with something good to write about and slashdot forwarding it on as anti-ms fud.

How do these auction sites do business? (1)

nyckidd (213326) | more than 7 years ago | (#17271790)

The article doesn't have much detail about this "auction-style" marketplace, but I have to wonder, how are people transferring $50,000 between two parties in exchange for such goods? "Underground" would really have to be quite underground for this to be going on without much notice, no?

I also wonder if Trend Micro felt obligated to report this "discovery" to any authorities before they contacted eWeek about it...

 

Re:How do these auction sites do business? (0)

Anonymous Coward | more than 7 years ago | (#17272280)

I have to wonder, how are people transferring $50,000 between two parties in exchange for such goods?
Just ask your friendly neighborhood drug dealer.

Yeah, right (5, Interesting)

LaughingCoder (914424) | more than 7 years ago | (#17271862)

... according to computer security researchers at Trend Micro ...
... like Trend Micro doesn't have anything to gain by people thinking there are Vista exploits. Seriously, Norton, McAfee and Trend Micro are all worried that their golden goose may be cooked if Vista is significantly more secure than XP. And I loved the use of the cloak-and-dagger word "infiltrated" to strike further fear into people. This seems to me little more than a sad attempt to remain relevant by an anti-virus vendor.

Re:Yeah, right (1)

bobcat7677 (561727) | more than 7 years ago | (#17272174)

Nah, they aren't really scared of being useless. It's just a marketing battle. Microsoft started it by creating an OS that makes the user "feel" more secure and then making all sorts of forward looking statements about how it's "the most secure OS ever". (my analysis of Vista so far has yielded little in the way of concrete security improvements, but lots of little gadget things that appear to be intended only to make the average user "feel secure".) Given the impressive bloat, mid-stream changes, and overall changes, you know there has to be a whole new playground of exploits waiting to be found. Assuming the AV companies can figure out how to protect a target this big, they will keep the people buying far into the night as long as they can offset Microsoft's brainwashing attempts. And even then, the first time Joe Average starts noticing his computer "isn't running right", he will probably get the idea that this thing isn't as secure as they let on and start shopping for AV software again. Although, after spending that much on the OS, maybe they will have had enough and just chuck it out the window and get a Mac.

Patch (1, Redundant)

larry2k (592744) | more than 7 years ago | (#17271910)

There is a couple of patches for this: Mac OS X and Linux

Re:Patch (0)

Anonymous Coward | more than 7 years ago | (#17272014)

There ARE a couple of patches for this: Mac OS X and Linux

All grammar aside, why is this modded down? Since when did Slashdot suddenly become Pro-Microsoft and Anti-Linux? The trends on this site are very funny to watch over the years. In the same way that suddenly there are crazy Intel fan-boys who just bash AMD now. I wonder what the next trend will be....

Re:Patch (1)

ElBeano (570883) | more than 7 years ago | (#17272138)

It has to do with the population of mods online right now. There is a clear pattern in the modding of the responses to this news item. Partisanship... it seems. I think Mac OS X and Linux will shine brighter over the next few years, as compared to Vista.

Exploit auction site? (0, Funny)

Anonymous Coward | more than 7 years ago | (#17271952)

"His code pwned Windows even better than he said it would! A++++++!!!!!!!11!!"

Hi, welcome to... (3, Funny)

thrill12 (711899) | more than 7 years ago | (#17271988)

0-day-bay, your place for new gadgetries in the world of ScRiPtKidDieS GoNE CoMmErCIal !
Today, we have on offer a few jolly nice samples of the finest goods, what do you think of:
* Evil worm 2 - Dr.Evil himself would promote this one, if he were a real person, but alas: this Evil worm 2 does not come with frickin' lasers on its head. Made in China, this worm can eat away the fumbly firewalls of most present day Windows machines !
All that, at a price of just $30.000 !

* Glasnost x-ploit - Oh my, in the Western world we make the x-ploit, but in Russia - where this lovely piece of software was born - they x-ploit you ! Just like in the old days of Gorbachev, this Glasnost worm certainly opens ... backdoors ! ha ha !
For just the measly amount of $15.000, you could have your very own Glasnost'ed Windows botnet in no time !

Last but not least, we wouldn't want to forget our bestseller, our hitman, our top product in the fine world of Windows Redecorating Software : Yoghurt Trojan !
Not the milk-product, but you could say its milky white cream covers most Windows PC's pretty well ! It has no aftertaste like some worms, and definitely likes to morph into different appearances ! It can definitely lighten the spirits of whoever is at the controls and includes a lovely "MAD"-button in case some law enforcement officer decides to peek into your operation : no more evidence, because no more Trojaned PC's survive the Mutually Assured Deletion of this king of kings !
All that, for just $50.000, it's a bargain !

lol (1)

CDPatten (907182) | more than 7 years ago | (#17272006)

my favorite part was

"an auction-style marketplace infiltrated by the anti-virus vendor"
.

LOL. I'm certainly no hack and found where they were being sold.

It's funny how companies try and make themselves more relevant than they really are....

The solution is obvious. (0)

Anonymous Coward | more than 7 years ago | (#17272082)

Never allocate memory on the stack. Ever.

This is actually very surprising (1)

RootWind (993172) | more than 7 years ago | (#17272102)

Looks like someone is in need of really fast cash. If they wanted to maximize their profits they would not reveal their exploits until Vista is on a much larger amount of computers. Otherwise it will only have the chance to affect very few machines before being patched. That is unless they are selling the exploits with err... "full rights" to the highest bidder in that they would not tell anyone else, and the "winner" can sit on the exploit as long as they want before using it for nefarious purposes.

Malware (0)

StormReaver (59959) | more than 7 years ago | (#17272152)

"I think the malware industry is making more money than the anti-malware industry...."

1) If you consider Microsoft Windows to be malware (I do), then this is self-evident.

2) Even if you don't consider Windows to be malware, just wait until Vista. Microsoft is pushing anti-malware companies into bankruptcy by embedding its own anti-malware software (which is only marginally worse than the non-Microsoft counterparts). There may soon be no non-Microsoft anti-malware companies remaining, at which time the only money to be made in that sector is by the criminals. Since the difference between Microsoft's terrible anti-malware attempts and the currently terrible non-Microsoft anti-malware abortions will be negligible, nobody will buy the non-Microsoft stuff anymore. The criminals will have the industry cornered.

Where's the Popularity Argument Now? (3, Insightful)

twitter (104583) | more than 7 years ago | (#17272198)

Oh, ho ho. All the apologists are quick to argue that, "The only reason the bad guys target Windoze is because it's popular." What bullshit that is.

Vista has what market share now? Less than Mac or Linux I'm sure and everyone knows that it's going to stay that way for years. Yet there's already a market for exploits. What this should tell you is that the value of an exploit is its ability to work, regardless of market share. The bad guys know that M$ security sucks and that the holes they buy today will be good for months if not years to come. No one bothers with GNU/Linux exploits because the GNU/Linux market is fragmented and quick healing. Linux exploits don't take down every distribution but just about every distribution is quick to fix problems. GNU/Linux exploits, relative to Windoze, don't work or last long.

Re:Where's the Popularity Argument Now? (-1, Troll)

Anonymous Coward | more than 7 years ago | (#17272366)

twitter, please read this carefully. Following this advice will make Slashdot a better place for everyone, including yourself.

  • As a representative of the Linux community, participate in mailing list and newsgroup discussions in a professional manner. Refrain from name-calling and use of vulgar language. Consider yourself a member of a virtual corporation with Mr. Torvalds as your Chief Executive Officer. Your words will either enhance or degrade the image the reader has of the Linux community.
  • Avoid hyperbole and unsubstantiated claims at all costs. It's unprofessional and will result in unproductive discussions.
  • A thoughtful, well-reasoned response to a posting will not only provide insight for your readers, but will also increase their respect for your knowledge and abilities.
  • Always remember that if you insult or are disrespectful to someone, their negative experience may be shared with many others. If you do offend someone, please try to make amends.
  • Focus on what Linux has to offer. There is no need to bash the competition. Linux is a good, solid product that stands on its own.
  • Respect the use of other operating systems. While Linux is a wonderful platform, it does not meet everyone's needs.
  • Refer to another product by its proper name. There's nothing to be gained by attempting to ridicule a company or its products by using "creative spelling". If we expect respect for Linux, we must respect other products.
  • Give credit where credit is due. Linux is just the kernel. Without the efforts of people involved with the GNU project, MIT, Berkeley and others too numerous to mention, the Linux kernel would not be very useful to most people.
  • Don't insist that Linux is the only answer for a particular application. Just as the Linux community cherishes the freedom that Linux provides them, Linux only solutions would deprive others of their freedom.
  • There will be cases where Linux is not the answer. Be the first to recognize this and offer another solution.

From http://www.ibiblio.org/pub/linux/docs/HOWTO/Advocacy [ibiblio.org]

Re:Where's the Popularity Argument Now? (0)

Anonymous Coward | more than 7 years ago | (#17272414)

You are a complete idiot, aren't you?

Vista has no marketshare because it's NOT OUT YET. But! It will be popular because it's a Microsoft OS, and they made all the other Windows machines, and that's what everybody else uses, so companies won't see a reason to bother changing that trend. Nobody wants to change the way they work, but they do want to "keep up with the Jones's" so they'll all upgrade to the latest version to be safer and more secure no matter how much of that is image and how much is real.

Maybe you should shut off the half of your brain that runs your Linux fanboyism and actually take a look at facts, graphs, statistics, trends. Then again, from what I've seen of your posts, you'll post some more anti-MS bullshit and pretend it proves a point. It doesn't.

Get a grip.

Is it illegal to sell a zero-day exploit? (1)

5plicer (886415) | more than 7 years ago | (#17272330)

Hypothetically, let's say you've discovered a vulnerability in a major vendor's software. You reported the vulnerability to them almost a year ago, and they assure you that they're still working on a fix. Would it be illegal in Canada or the US to sell code which shows how to exploit the vulnerability (say on eBay)? How about just going public with it (giving it away... say on Slashdot)?

We Need Vista To Ship & Stay #1... (1)

BoRegardless (721219) | more than 7 years ago | (#17272496)

So I can safely do all my work easier in Mac OSX 10.5 ;-?