Good Worms Are a Bad Idea

News

Web Server Security

Phishing

Database Security

Application Server Security

Library

Vulnerability Archive

Secure Development

Web Services

Pen Test

AJAX

Application Firewalls

Main -> Internet Security News

TOPIC'S

Advertising

Old News

About

Resume

Contact

FAQ

Irc

Links

Books

Demos

Papers

Downloads

Advisories

Contributions

Security Services

Submit News

Syndicated News

Hosting generously provided by

www.mv.com

Good Worms Are a Bad Idea

Posted 5/5/08 by Robert from the 'mealworms rejoice' department

"Some bad ideas seem to live on forever. One of the big ones in computers is to use hacker tactics to perform white-hat operations on an Internet scale. The classic example of this is the "good worm" idea: a worm that spreads among computers to improve their security.

There have been attempts at this in the past, most famously Welchia, a worm that exploited the infamous Windows RPC/DCOM network vulnerability in order to patch it. There were also reports years ago of Hewlett-Packard launching a good worm, but this turned out to be a more conventional scanning system that in some ways presaged NAC.

The lesson from Welchia is that these things are a bad idea. As Spencer Katt puts it well, good worms resemble their evil twins in many unpleasant ways. They invade privacy, hog resources, and potentially create vulnerabilities in the systems they infect.

More to the point, releasing them is illegal and immoral. It's also pretentious: How dare you decide what code other people should be running on their systems? How dare you say that you know better how to manage my security than I do?"

Article Link: http://www.eweek.com/c/a/Security/Good-Worms-Are-A-Bad-Idea/
Link to this Story: Good Worms Are a Bad Idea
Link: Have a Site Suggestion, Material Request, or News? Submit it!
News RSS Feed: Web Security news RSS Feed

Discuss this article Find Related Stories