
Shadowserver, the web’s bot containment unit, needs help - feross
https://krebsonsecurity.com/2020/03/the-webs-bot-containment-unit-needs-your-help/
======
293984j29384
I read both the Kerbson & Wired articles and while I commend the work they've
done, it sounds like an expensive operation and not really worth the
investment by Cisco if they can't brand it or make any money from it. When I
read statistics like "1.2 billion malware samples" or "11.6 petabytes of
threat intelligence data" I have to wonder how much of that is really relevant
today. Do we really need to be storing malware samples from archaic operating
systems? Couldn't they lean down their operation to focus on the most widely
used platforms? How effective are honeypots in 2020? I'm just not sure this
really needs to be saved.

~~~
pergadad
Corporations that built all the weak systems should take some responsibility
and cough up the cash. Cisco devices are among those, as are most major
manufacturers. This really doesn't need to be an America-typical "but if no
one sees it why should we give anything" story. It's common sense and
supporting this & similar ventures (Spamhouse?) should not need some
complicated cost benefit calculation for a company making tens of billions in
profit each year. If you really want one, a single headline along the lines of
"Old Cisco devices vulnerable" should pay the bill sufficiently.

------
dang
Related:
[https://news.ycombinator.com/item?id=22608668](https://news.ycombinator.com/item?id=22608668)

------
generalpass
All those taxpayer-funded entities and government-granted monopolies
benefiting from Shadowserver can't scrape up the funds to keep this thing
going?

~~~
PappaPatat
_cough_ legal reasons _cough_

------
ryanlol
Shadowserver doesn’t just focus on malware, they also host seizure pages for
financial service providers like Liberty Reserve.

Not sure how exactly that fits in with their purported mission.

