[WEB SECURITY] honeymonkeys, client honeypots
Jeremiah Grossman
jeremiah at whitehatsec.com
Thu May 19 13:21:52 EDT 2005
On Thursday, May 19, 2005, at 09:27 AM, Jay D. Dyson wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Thu, 19 May 2005, Jeremiah Grossman wrote:
>
>> Microsoft looks to "monkeys" to find Web threats
>> http://www.securityfocus.com/news/11178?ref=rss
>>
>> This seems like an interesting idea. Who know's what these boxes
>> might find in the wild.
>
> What I will watch most closely is whether Microsoft uses its findings
> to more proactively issue security updates, or whether they'll simply
> use this surveillance data to shut down unruly web sites. If the
> former, I'm all for it. If the latter, then it's a lost cause.
>
> Nobody's ever overcome a plague of locusts with a bunch of guys
> running around with flyswatters.
>
> - -Jay
Also, is it safe to assume that the MS honeymonkey's will only be
traversing the web using Internet Explorer? Firefox has had its fair
share of vulnerabilities recently and it would be nice if someone was
doing the same for this browser.
---------------------------------------------------------------------
The Web Security Mailing List
http://www.webappsec.org/lists/websecurity/
The Web Security Mailing List Archives
http://www.webappsec.org/lists/websecurity/archive/
More information about the websecurity
mailing list