
User Controls
New User
Edit/View My Profile



News Search



News Centers
News Search



ANet Chats
The Lobby
Special Events Room
Developer's Lounge
XBox Chat



Windows 98/98 SE
Windows 2000
Windows Me
Windows "Whistler" XP
Windows CE
Internet Explorer 6
Internet Explorer 5



Registry Tips
Windows 95/98
Windows 2000
Internet Explorer 4
Internet Explorer 5
Windows NT Tips
Program Tips
Easter Eggs



Latest Reviews
Microsoft Windows XP Professional
Norton SystemWorks 2002

Intel Personal Audio Player
Microsoft Wireless IntelliMouse



Site News/Info
About This Site
ANet Forums
Contact Us
Default Home Page
Link To Us
Member Pages
Site Search



©1997/2004, Active Network. All
Rights Reserved.
Layout & Design by
Designer Dream. Content
written by the Active Network team. Please click
here for full terms of
use and restrictions or read our
Privacy Statement.
10:46 EST/15:46 GMT | News Source:
ActiveWin.com |
Posted By: Robert Stein |
Both Microsoft Internet Explorer and Microsoft Windows dominate their respective markets, and it is not surprising that the decision to update to the current release of Internet Explorer 7.0 and/or Windows Vista is fraught with uncertainty. Primary in the minds of IT security professionals is the question of vulnerabilities that may be present in these two groundbreaking products.
To help assuage this uncertainty, iDefense Labs is pleased to announce the Q1, 2007 quarterly challenge. iDefense will pay $8,000 for each submitted vulnerability that allows an attacker to remotely exploit and execute arbitrary code on either of these two products. Only the first submission for a given vulnerability will qualify for the award, and iDefense will award no more than six payments of $8,000. If more than six submissions qualify, the earliest six submissions (based on submission date and time) will receive the award. The iDefense Team at VeriSign will be responsible for making the final determination of whether or not a submission qualifies for the award.
#1 By
23275 (
1/12/2007 11:02:30 AM
Despicable - this not so cleverly masked effort to cheaply fund what will no doubt be an effective ad campaign driving interest/traffic for them opposite such an awful goal.
Paying a bounty like this... - we all know it goes on and I am sure a spirited debate will rage over its merits, or lack thereof; however, no matter how one looks at this, I can only personally conclude that the entire effort and most likely motivations driving it, are despicable.
I swear, some days one feels like they need to take a bath in gasoline to remove the grime that one collects as muck like this passes by. Perhaps a better challenge would be an essay on, "Why we suck so bad and where did our nobility go?" or "Why are so many, so willing to allow themselves to be devolved by so few?"
This post was edited by lketchum on Friday, January 12, 2007 at 11:34.
#2 By
53756 (
1/12/2007 11:08:29 AM
This post was edited by brien86 on Wednesday, January 17, 2007 at 20:28.
#3 By
53756 (
1/12/2007 11:19:43 AM
This post was edited by brien86 on Wednesday, January 17, 2007 at 20:29.
#4 By
23443 (
1/12/2007 11:26:44 AM
Ummm, Microsoft is NOT doing this, it's Verisign.
But either way, it's good to get vulnerabilities exposed so they can be fixed. We can argue all day about who fixes stuff faster, but the quicker the problems are found, the quicker they can be fixed. The problem lies when someone knows about a problem, but doesn't tell the vendor, but rather tries to exploit it.
#5 By
38147 (
1/12/2007 12:00:10 PM
A moral person you may be (though I really don't care). But a decent one you certainly are not. Someday you'll be treated the way you treat others.
This post was edited by ant_eater on Friday, January 12, 2007 at 12:00.
#6 By
8556 (
1/12/2007 12:25:55 PM
brien86: Trollish word-bait needs to be avoided on this site. Perhaps you haven't been utilizing ActiveWin long enough to realize that this site is geared towards what someone other than you would call an "expert".
Kindly post the stinky pants comments on FARK, when and where appropriate. While lketchum is often wordy in his posts, his input is lucid, informed, and often quite valuable.
#7 By
23275 (
1/12/2007 2:05:24 PM
"Are they not rather harming themselves to their own shame....?" was the message within my post.
Brien, I mean, Brian, I think your failing may not be so much in character as it is in English comprehension. Clearly, your posts reflect that you've misunderstood the subject and haven't been able to grasp the meaning, much less the possible implications within the text that it introduces.
As 8r13n one may see that you're not necessarily anti-Microsoft [that of course is not the point here], but that you may be frequently confused about much of what you attempt to read. I offer this, because our industry does need energetic and bright young people who are technically capable, and that you consider adding to your education in the areas of English comprehension and control of your emotions. For a young man, who has been from one coast to the other in a relatively short life, and having come from a good and hard working family that sacrificed to provide you early and sustained access to information and technology, I am sure you will understand that my intentions now are benign - hopeful, even.
You must understand however, that while your work has often been good, nefariousness of any kind is almost always unwelcome. For this reason, and for many decades, men like myself refer hurtful people to a phrase that we posted above our team room door, "Know ye he that enters here, The Decision is Mine." - I prayed each and every day, that hurtful men never learned the full meaning of that phrase. Wording it in a way that you might be able to understand, it might as well have read, "You do not want to play this game."
Please reference, http://www.understandmore.com/ this is offered with every measure of hope I may communicate.
#8 By
13030 (
1/12/2007 2:58:24 PM
Fascinating... not the original story, but the turn the posting thread has taken.
Stay tuned to see how this works out!
#9 By
20 (
1/12/2007 3:02:26 PM
Seeing as how the spammers and phisher rings are willing to pay $15-100K for 0-day exploits (so they can set up botnets), I can't see how this will be successful in the slightest.
Also seeing as how Verisign a.) requires you to give them all sorts of personally identifying information to verify your identity and b.) limits you to like 6 or 8 vulnerabilities max, this is a waste of time.
Unless one of the crackers (note: Hacker is a good word, hackers aren't the bad guys, it's the crackers that are the bad guys) suddenly gets a conscience and decides he's willing to trade $30K for $8K knowing that he did a good deed, no one who isn't just an average IT user who happens to stumble into a vulnerability is going to waste their time with Verisign.
If Verisign offered $20-50K and asked only for an email address and a pay pal or e-gold account, then they might have some takers.
#10 By
32132 (
1/13/2007 2:49:16 PM
Microsoft's response should be simple:
"As of January 1, 2008 the Verisign root certificate in the IE Certificate store will no longer work. Microsoft does not support companies who encourage criminals to hack into Windows computers."
#11 By
23275 (
1/13/2007 3:15:34 PM
#8, Not really - he's just a young man that obviously has some basic trouble comprehending what he reads, and apparent trouble responding appropriately to what he can understand.
It's sad, because his work on he web reflects some real talent and potential - though like many great young minds, he may be too taken in with the darker side of work in our industry.
In my opinion, there is nothing cool, or "leet" about compromising systems and there is a lot of room for such people to perform such work in legitimate ways.
#10, That would hurt a lot of people, but I get your point - a valid one. I truly think Verisign and iDefense's goal is more in the area of marketing than anything else. It's just a crummy way to go about it.
#12 By
53756 (
1/17/2007 8:28:34 PM
"As of January 1, 2008 the Verisign root certificate in the IE Certificate store will no longer work. Microsoft does not support companies who encourage criminals to hack into Windows computers." Wow, obviously i misread this the first time and totally take back every word.
#13 By
901897 (
11/29/2012 12:16:14 PM
Yet it's not a good idea to get carried away and make the blog about your family or outside interests. The whole professional vs. personal ratio also has to be calculated with your topic and target audience in mind. You should not, however, blog about anything that you wouldn't write in a business email.
<a href=http://cheapjordans2013.totalh.net/>cheap air jordans</a>
With a little bit more research and time from you, we are sure you'll come up with a profit-building blogging strategy!
<a href=http://louisvuittonhandbags8.10001mb.com/>cheap louis vuitton handbags</a>
#14 By
868449 (
12/1/2012 12:52:23 AM
Making some extra cash is something that loads of people have to do right now just to get by, and you're going to see that there are multiple ways that this can be carried out. In relation to earning this extra cash, the Internet is just one of the places folks are turning, because this is something that they're able to do from home to be able to earn the extra cash they need. The only issue is that a lot of people have no idea how to start making cash from the Internet simply because they don't have the information and knowledge that they need to be able to get started. If you want to start making money online you will be pleased to realize that we will be going over a few of the techniques you could use to be able to accomplish this.
<a href=http://www.freerunning3.com/nike-lunar-elite/>Nike Lunar Elite for men</a>
You're going to discover that the Internet is loaded with different methods that folks can use to earn an income, but the two methods we pointed out above are the most popular at this point in time. Should you be looking for some of these various other methods that we're speaking about, you will have the ability to find considerably more information on the net by using one of the major search engines.
<a href=http://www.discount-airjordans.com/>discount shoes jordan</a>