11 Comments

• Digg
• Bury

To be honest, I don't think Microsoft has a great track record on paying out that $250,000 promised reward when people do come out and identify the person to them responsible for the crimes.

That was what happened when friends of the NetSky virus reported him to Microsoft in exchange for the reward. Microsoft's incredible retort was they 'knew' him and so it wasn't paying.

You can see why no police have hired them to run their Crime Stoppers hotlines.

It took Microsoft 16 years to technically root out the nasty-as-heck 'autorun' feature from Windows XP and later by default as opposed to gymnastics and miracles.

Google also reported an 18 year old kernel exploit that let any user on the computer escalate his privileges up to the maximum one: Administrator. It took Microsoft over six months and it still had not announced the danger to the world or corrected it. So Google followed Microsoft's own "responsible disclosure" protocols and warned the world.

Microsoft is quick to put in hare-brained security hazards and slow to remove them.

If someone wants to stop someone from committing a computer crime, they will probably be more effective by telling them not to do it or calling the cops -- whichever is more appropriate.

Dealing with Microsoft is likely to tangle them up in an NDA and far less likely to get them a "reward" payment. If they were problem solvers and big spenders, they would not have these problems in the first place -- would they?

• Reply