 |
|
| technology > computing |
![[CNN Money]](http://i.cnn.net/cnn/images/main/fn.logo.newsnet.gif){kind=logo}
![[SI.com]](http://i.cnn.net/cnn/images/main/si.logo.gif){kind=logo}
( | |
 |
|
| |
| |
EDITIONS: | |
MULTIMEDIA: | |
E-MAIL: |
Subscribe to one of our news e-mail lists. Enter your address: |
DISCUSSION: |
CNN WEB SITES: |
 |
TIME INC. SITES: |
CNN NETWORKS: |
|
SITE INFO: |
WEB SERVICES: |
Can viruses be used for good instead of evil?
|
(IDG) -- H.L. Mencken once said, "For every human problem, there is a neat, simple solution; and it is always wrong."
That axiom applies to the cool-sounding idea that computer-security gurus propose: Why don't we use viruses for good instead of evil? As long they're infecting everyone's computer, why don't we distribute them to patch vulnerabilities, update systems and improve security?
A virus is made of two parts: a propagation mechanism and a payload. The propagation mechanism spreads the virus from computer to computer. The payload is what it does once it gets to a computer. The idea is to create viruses with beneficial payloads and let them propagate.
This is tempting for several reasons. One, turning a weapon against itself is a poetic concept. Two, it's a technical challenge that lets ethical programmers share in the fun of designing viruses. And three, it sounds like a promising technique to solve one of the nastiest security problems: patching, or repairing computer vulnerabilities.
Right now, the best patching techniques involve a lot of negotiation and manual labor -- which nobody enjoys very much, especially computer technicians.
| MORE COMPUTING INTELLIGENCE |
IDG.net home page
|
| The Standard.com |
| TechInformer: The Thinking Internaut's Guide to the Tech Industry |
| Keeping your PC healthy |
| How to reduce risks from e-mail and the Web |
| Reviews & in-depth info at IDG.net |
| E-BusinessWorld |
| Industry Standard email newsletters |
| Questions about computers? Let IDG.net's editors help you |
| Industry Standard daily Media Grok |
|
Search IDG.net in 12 languages |
| News Radio |
Fusion audio primers
|
|
Computerworld Minute
|
Beneficial viruses seem like a nice remedy: You turn a byzantine social problem into a fun technical solution. You don't have to convince people to install patches and system updates. You just use the technology to force them to do what you want.
Therein lies the problem. Patching other people's machines without annoying them is good; patching other people's machines without their consent is not.
Beneficial viruses are a simple solution that's always wrong. A virus is not "bad" or "good" based on its payload. Viral propagation mechanisms are inherently bad, and giving them beneficial payloads doesn't help. A virus isn't a tool for any rational network administrator, regardless of intent.
A good software distribution mechanism has the following characteristics:
- People can choose different options.
- Installation is adapted to the host.
- It's easy to stop an installation in progress, or uninstall the software.
- It's easy to know what has been installed where.
A successful virus, on the other hand, is installed without a user's consent. It has a small amount of code and it self-propagates, automatically spreading until halted.
These characteristics are incompatible with those of software distribution. Giving the user more choice, making installation flexible and universal, allowing for uninstallation -- all of these make it harder for the virus to propagate. Designing a better software distribution mechanism makes it a worse virus. Making the virus quieter and less obvious to the user, smaller and easier to propagate, and impossible to contain add up to lousy software distribution.
All of this means that viruses are easy to get wrong and hard to recover from. Once a virus starts spreading it's hard say what it will do. Some viruses have been written to propagate harmlessly, but wreaked havoc -- ranging from crashed machines to clogged networks -- due to bugs in their code. Some viruses were written to do damage and turned out to be harmless, which is even more revealing.
Intentional experimentation by well-meaning system administrators proves that in your average office environment, the code that successfully patches one machine won't work on another. Indeed, sometimes the results are worse than any threat from an external virus. To combine a tricky problem with a distribution mechanism that's impossible to debug and difficult to control is risky. Every system administrator who's ever automatically distributed software on his or her network has had the "I just automatically, with the press of a button, destroyed the software on hundreds of machines at once!" experience. And that's with systems you can debug and control; self-propagating systems like viruses won't let you shut them down when you find the problem.
Patching systems is fundamentally a human and social problem. Beneficial viruses are a neat, simple technical solution -- and Mencken was correct.
RELATED STORIES:
Analysis: E-mail can be hazardous to your computer's health
September 6, 2000
New charges urged in 'Love Bug' case
September 5, 2000
Palm antivirus protection in the works
June 12, 2000
McAfee aims to shield networks from PDA viruses
August 30, 2000
U.S. government agencies shape cyberwarning strategy
August 15, 2000
RELATED IDG.net STORIES:
Symantec previews Palm anti-virus product
(IDG.net)
BackOrifice meets I Love You
(InfoWorld)
Virus developer has regrets
(Computerworld)
F-Secure plans virus protection for phones
(IDG.net)
To serve, maybe protect
(The Industry Standard)
How to reduce risks from e-mail and the Web
(InfoWorld)
Brightmail releases antivirus software
(IDG.net)
Defending against Outlook viruses
(Network World Fusion)