Linked by Thom Holwerda on Wed 10th Aug 2005 18:51 UTC, submitted by Not_Today
Privacy, Security, Encryption Microsoft unveiled details of its Strider HoneyMonkey research, a project that sniffs out sites hosting malicious code, and hands the information to other parts of the company for patching or legal action. The technical report (pdf) outlines the concept of cruising the Web with multiple automated Windows XP clients - some unpatched, some partially patched, some patched completely - to hunt for Web sites that exploit browser vulnerabilities.
Thread beginning with comment 16821
To read all comments associated with this story, please click here.
Good idea
by chris_dk on Thu 11th Aug 2005 07:19 UTC
Member since:

This is a very good idea, whether you Linux zealots like it or not.

Linux distros should do the same.

Reply Score: 1

RE: Good idea
by raver31 on Thu 11th Aug 2005 08:42 in reply to "Good idea"
raver31 Member since:

are you retarded or what ?

Reply Parent Score: -1

RE: Good idea
by markjensen on Thu 11th Aug 2005 13:50 in reply to "Good idea"
markjensen Member since:

Despite your attempt to generate an emotional response by the confrontational tone of your first sentence, your post does ask a valid question.

However, what makes you think that coders aren't looking for bugs/exploits? The same method that Microsoft is using isn't practical for a Linux system, as these types of web/browser exploits aren't really there. The biggest problem would be the typical buffer overrun types of coding errors that allow code execution, or rootkits. These things are best worked on by looking at the code (no one outside of Microsoft's programmers can work with Microsoft's code) and finding errors the old-fashioned way. And, being 100% open, the source can be looked at the various hobbyists around the globe.

This is one example where "doing the same" as Microsoft would be pointless and less efficient than regular debugging. And, this method seems to be working, as it is being shown that the defects are being reduced, even as the code base grows.

Reply Parent Score: 1