At 11:45 PM 6/21/2003 -0400, Walter Dnes wrote:
On Fri, Jun 20, 2003 at 07:33:49PM -0400, Barry Shein wrote
[..]
> Anyhow, this all starts with whether it's possible to write a piece
> of software which begins to scan the net for infected systems?
The problem so far is that people take virus/trojan compromises too
lightly. That's because the compromises go out of their way not to be
noticed. The trojan sends out a bunch of spams from your machine while
you're sleeping. The typical end-user reaction is "so what?". Maybe
governments need to do a "Hatch-job" (senator from Utah?).
Notice that almost all viruses/trojans are "intelligent parasites"
that don't eat up enough resources to kill their hosts. What we need is
for governments to authorize law-enforcement agencies to release viruses
("Killer-V's") that low-level unformat harddrives, and flash BIOSes with
garbage for good measure so that you can't just slap in the install CD
and have the same crap reconnected to the net 3 hours later.
Wow wow - hold on there. How will we distinguish between "government
viruses" and malicious ones? Who decides which law enforcement agency is
authorized to do so? What will stop lets say China from sending out viruses
to low format hard drives of protestors? You are opening a whole can of
worms here - we cannot serously use viruses to fight viruses, this
possibility has been discussed in a research paper on Warhol net-wise
viruses a while back - what you will end up with is a bunch of viruses
fighting each other and getting better and better, while our computers and
the Internet breaks in to shambles.
Yakov
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg