Information Warfare: Microsoft Knows Your Dirty Secrets


September 3, 2010: Now that most hackers have figured out what was happening, Microsoft has revealed that, for years, many hackers unthinkingly allowed their Windows operating system to send information back to Microsoft. This came in the form of data files on failed attempts to build new hacker code. It works like this (for all Windows users). When criminal programmers are building the programs they secretly insert into other people's PCs, they have to test their work, and their programs often don't work initially. Such failures cause their PC to lock up (crash), and while that is happening, the Windows operating system captures what was going on at the time of the crash. When the user reboots, the operating system asks if it is OK to send this information to Microsoft, where it is analyzed (initially by software) for potential problems in Windows (which can then be fixed). The screening software looks for all sorts of patterns, and eventually picked up the crashed hacker software in these memory dump files. It was quickly realized that this allowed Microsoft to monitor what was going on in the hacker underground.

Although many hackers were sharp, or attentive, enough not to send the memory dumps to Microsoft, many still did. More experienced hackers kept telling everyone about this problem, but the dump files kept arriving at Microsoft, allowing the tracking to continue. These hacker files were so numerous that they provided a reliable picture of what software the criminal programmers were creating, and were a big help in making computer security software more effective. This is why the Microsoft security software that comes with Windows is so good at keeping hacker stuff out, or cleaning up after malware that does get in.

Microsoft has also gotten dump files from Cyber War hackers, and all sorts of people who should know better than to let the operating system send that stuff home. Microsoft won't talk about this angle.





