Microsoft wins court approval to take over sites run by Chinese crime gang Microsoft has revealed its Digital Crimes Unit (DCU) won court approval to take control of websites a Chinese gang was using to attack targets across the world – often by exploiting vulnerabilities in Microsoft products. A post attributed to Microsoft's corporate veep for customer security & trust, Tom Burt, states the US …
Google isn't any better. We got DOSed by a Google IP address a couple of years back.
Their abuse address gives an automated reply, "we receive so many messages at this address that they are automatically deleted and never read." Phoning them just gives an automatic message to go and read the relevant part of their website - I never did find the part of their website that dealt with them being responsible for a DOS attack...
Systems are designed and built to have features on the Internet, once they become popular and profitable then the manufacturers consider upgrading them by adding security features. Once these new features are added and distributed, they are tested to demonstrate that they work - "testing" is always performed to show that things work, never that they fail.
Technically I agree with you, but one must admit that the Internet is a very peculiar environment as far as software is concerned.
Before the Internet, the only way to attack a machine was to physically sit in front of it. In those days, a programmer was only concerned with making sure the product functioned as intended. Security was baked in because of the limitations of physical access.
Networks showed up, and suddenly computers had to be secured from unwarranted access, but that happened at the OS level, not at the program level.
Today, practically all computers are connected to the greatest network that has ever been implemented. The drawback is that now, programmers must not only ensure their product works, but also that it is protected from attacks that can happen any time, in any way. The minds that can concieve the attacks are intelligent, and more numerous than the minds that concieve the defenses. There is a basic inequality there.
Yes, buggy software is a nuisance that really should not exist, but that concerns functionality. Security is an ongoing concern because the miscreants have time to try things no programmer could protect against before the fact.
The minds that can conceive the attacks are intelligent, and more numerous than the minds that conceive the defenses. There is a basic inequality there.
Those who seek to destroy and plunder have entropy on their side. It's easier to steal than it is to make the things that get stolen. It easier to burn a building than to build one.
Black Hats are clever, not intelligent.
The Internet provided a new attack vector but buggy software precedes it as the many Windows versions show.
A non buggy OS is a pipedream. The closest we've gotten was probably in the big iron days last century.
Microsoft, Google, Apple, Linux, it doesn't matter, all are too complex to fully test and bugs (and attack vectors) get through.
What surprises me is the need for a court order.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
