searching a job?M$ hires hackers!!!

[Networker]

The M$ Server 2k3 use a group of hackers for IVQ purposes.
Just hope those guys are real whitehats ... & not kiddies

One person I have working for me actually used to be a hacker -- he's British -- and we persuaded him there was a career to be had. We took a whole bunch of these people and made them hackers. We had them hack the system. We took the people who were responsible for each component and we did design reviews and code reviews. We created a whole book of common coding problems that lead to security errors, and we took every piece of code in the system and compared them against those rules. We created tools that run across the code and understand almost all the attacks. Microsoft Research built a tool that can find almost all the buffer overflow problems, and compilers added a bunch of checking.

full article here ...

[the_JinX]

I wouldn't be cought dead working for M$..

All my coleagues are asking me questions about configuring their windows and call me reading their blue-screens..
Like I can do anything about it..

And also.. I dislike working for big impersonal companies.. and Microsoft is just about as big and impersonal as you can get...

[UpperCell]

I have a favor to ask... would someone please make those little apps for finding buffer overflows available over the internet? (yeah right), I be they'd be most usefull of course their still made by microsoft...

[mark_boyle2002]

I remember microsoft issued a challenge to the l33t when they introduced 2000 server.

I remember they said it was very secure and offered a reward if anyone could break into or crash it.

Oh how I laughed when the server fell over by its self after only 24 hours.

Almost as funny as when Billgatus of the M$Borg was demonstrating windows 98SE support for USB and plugged in a scanned and the machine blue screened.

[UpperCell]

yeah, that all sounds too familiar HAHA!

[mrcoffee12]

wouldnt surprise me this time if he was demonstrating the power of server2k3 and somebody broke in while he was demonstrating all the 'advanced security features'...

[Networker]

To be franc, if I was the vice-president of Windows Core Technology, as Rob Short is, I would never say:
"We created tools that run across the code and understand almost all the attacks".
Saying that M$ credibility failed over.

1 thing more: If a blackhat is helping them, there is a chance he inserted its own backdoor into the closesource win ...

wait & see

[d0m1n10n]

But even if one did would you even be able to tell it was there with all of the bugs and flaws that are already in it? I dont believe that M$ will ever have a "unhackable OS" like they would like to think they will someday / already have in the past made.

[mohaughn]

Nobody will ever make an unhackable OS. As long as humans make mistakes, which will not change anytime soon, the OS'es that we create will have mistakes.


Also- somebody that is doing penetration testing of an MS OS would have zero access to the actual sourcecode of windows. I am pretty familiar with how the code check-in process works at MS, and I would have to say that they have one of the best processes that I have ever heard of. This doesn't mean that their code is any better than anybody elses, they just have very tight controls on their code.

[gore]

people making mistakes isnt the only reason an OS is hackable, theres a simple rule about it: if it can be programmed it can be hacked.