More off-the-cuff ramblings while reading Microsoft’s Security Intelligence Report:
- will I actually get through this report? life intervenes…
- page 68: interesting data on parent and child malware… but I don’t know what to do with it.
- page 71: “An infected computer can belong to several different botnets, which overlap to varying degrees.” It appears that infected systems sleep around. This makes a lot of sense, but I haven’t seen it mentioned anywhere else before. I wonder how these overlaps effect estimates of botnet infection across the Internet.
- page 73: they show true positives and false negatives for spam messages, but neglect true negatives and false positives. Not quite enough to determine effectiveness. I don’t see anything on total number of messages that were checked.
- page 74: if we just blocked all email originating in the U.S., we could block about 1/2 a billion spam messages! (kidding)
[started this on 11/3 and ran out of, umm, motivation... if anyone sees anything past page 74 that is interesting, please let me know.]