[Dshield] Msft Research
hakon at alstadheim.priv.no
Tue Aug 23 10:36:31 GMT 2005
Bo Nordgren wrote:
>>Just have the janitor at every MS national office world-wide subscribe
>>to a normal consumer-broadband-service. Use remote-control or scripts to
>>direct the virtual machines on the HoneyMonkeys. MS could be blanketing
>>the world with incognito machines.
>Well, I think that would actualy be in breach with the acceptable use policy
>of most ISP's not to mention local laws governing internet activity of that
How could that be? They'd just be surfing to some web-adresses like
anybody could do. The only difference would be that the web-browser
would be remote-controlled from Redmond. The routine would be:
1) Start clean image in virtual machine.
2) Surf to web-address as given by script.
3) Shutdown virtual image and do a diff, mailing any suspect changes
4) Repeat from 1.
If this should turn out to be a problem with an normal user account, I'm
sure redmond could negotiate a deal. Then of course there would be more
people in the know, but I'm sure most of the machines would be allowed
to remain "in disguise" vis-a-vis the targeted web-servers. Even if some
of the HoneyMonkesy got revealed, that would not invalidate the results
from the rest.
Håkon Alstadheim +47 74 82 60 27
More information about the list