"Some bad ideas seem to live on forever. One of the big ones in
computers is to use hacker tactics to perform white-hat operations on
an Internet scale. The classic example of this is the "good worm" idea:
a worm that spreads among computers to improve their security.
There have been attempts at this in the past, most famously
Welchia, a worm that exploited the infamous Windows RPC/DCOM network
vulnerability in order to patch it. There were also reports years ago
of Hewlett-Packard launching a good worm, but this turned out to be a
more conventional scanning system that in some ways presaged NAC.
The lesson from Welchia is that these things are a bad idea.
As Spencer Katt puts it well, good worms resemble their evil twins in
many unpleasant ways. They invade privacy, hog resources, and
potentially create vulnerabilities in the systems they infect.
More to the point, releasing them is illegal and immoral. It's
also pretentious: How dare you decide what code other people should be
running on their systems? How dare you say that you know better how to
manage my security than I do?"
Article Link: http://www.eweek.com/c/a/Security/Good-Worms-Are-A-Bad-Idea/
