Security researchers disagree on the effect Microsoft's Anti-virus Reward Program will have on the underground world of virus writing.
The initiative, as first reported by CNET News.com, promises a reward of up to $250,000 for information leading to the conviction of the person or group responsible for launching the MSBlast worm and another $250,000 for similar information about the Sobig.F virus. The program has been funded with $5 million from Microsoft's coffers and will offer similar amounts for future threats.
Get Up to Speed on... Enterprise security Get the latest headlines and company-specific news in our expanded GUTS section.
Some security experts believe the bounty could disrupt the relationships between virus writers, effectively shutting down the loose online circles where authors meet and exchange code.
"It really depends on the demographic," said Carey Nachenberg, chief architect for security firm Symantec. "It will make the typical virus writers--13- to 25-year-olds--think twice about releasing viruses."
Virus writers who intend to release bugs will have to be a lot more careful about who they associate with on the Internet, said Peter Allor, director of vulnerability research for network protection provider Internet Security Systems.
"You have a fair chance of someone turning their buddy in," he said. Virus writers "are going to be very careful about who their alliances are with and who they work with."
Others believe the reward won't have a practical effect, aside from marginally increasing the distrust in an already paranoid community.
"Nothing will change," said Roberto Preatoni, founder of security site Zone-H.org. "I guess it's more like a publicity advertising stunt. (Microsoft Chairman) Bill (Gates) cares about security, and he will pay on behalf of the world."
The litmus test for the new initiative will be whether the $250,000 bounties produce additional suspects in the MSBlast and Sobig virus investigations, which have seemingly stalled.
MSBlast, also known as Blaster and Lovsan, , according to data from security company Symantec. The worm compromised computers by using a serious vulnerability in Windows systems for which
Microsoft had released a patch a month earlier. A variant of the worm, MSBlast.D, was intended to protect machines against the original program, but it ended up being so aggressive that the avalanche of data it produced shut down networks. The Sobig.F virus spread via e-mail on Aug. 19, compromising users' computers with software designed to turn the systems into tools for junk e-mailers.