Yes, but from any level of incident response, the DIY approach is not a good approach. Personally, I see this as Microsoft taking the law into their own hands. I can fully understand the Microsoft is rather pissed at the moment.
I don't think they are taking the law into their own hands. They are just offering up rewards. This is a fairly common practice. Police tend not to due to their constrained budgets.
The appropriate authorities such as the FBI in America, or closer to home, the NZ Police Electronic Crimes Lab are there to hunt down, catch, arrest, and convict cyber-criminals.
Re-read the press release. They are working with the FBI, Interpol etc.
Tell me, what is the difference between me beating up a thief with a baseball bat and Microsoft doing what they intend to do.
They intend to give people money for information leading to the conviction of the virus writers. It is very different. Regards -- Oliver Jones » Director » oliver(a)deeperdesign.com » +64 (21) 41 2238 Deeper Design Limited » +64 (7) 377 3328 » www.deeperdesign.com