(malware) Microsoft announces $250,000 Conficker worm bounty

I guess it's a lot cheaper than fixing the security of your own products... :-)

- why should a desktop have RPC and other ports open by default?
- why design a system where even a 'local administrator' cannot fix something (see http://isc.sans.org/diary.html?storyid=5842 )?
- and most importantly, why oh why does autorun.inf execute even for USB sticks?


Quote: "By combining our expertise with the broader community, we can expand the boundaries of defense to better protect people worldwide," said George Stathakopoulos, general manager of Microsoft's Trustworthy Computing Group.

Translation: we have no clue how to deal with this without admitting we screwed up big time, and by co-opting all of you, we can pretend it's not really our fault.

