[WEB SECURITY] honeymonkeys, client honeypots

Jeremiah Grossman jeremiah at whitehatsec.com
Thu May 19 13:21:52 EDT 2005


On Thursday, May 19, 2005, at 09:27  AM, Jay D. Dyson wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Thu, 19 May 2005, Jeremiah Grossman wrote:
>
>> Microsoft looks to "monkeys" to find Web threats 
>> http://www.securityfocus.com/news/11178?ref=rss
>>
>> This seems like an interesting idea. Who know's what these boxes 
>> might find in the wild.
>
> 	What I will watch most closely is whether Microsoft uses its findings 
> to more proactively issue security updates, or whether they'll simply 
> use this surveillance data to shut down unruly web sites.  If the 
> former, I'm all for it.  If the latter, then it's a lost cause.
>
> 	Nobody's ever overcome a plague of locusts with a bunch of guys 
> running around with flyswatters.
>
> - -Jay

Also, is it safe to assume that the MS honeymonkey's will only be 
traversing the web using Internet Explorer? Firefox has had its fair 
share of vulnerabilities recently and it would be nice if someone was 
doing the same for this browser.




---------------------------------------------------------------------
The Web Security Mailing List
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives
http://www.webappsec.org/lists/websecurity/archive/



More information about the websecurity mailing list