ietf-asrg
[Top] [All Lists]

Re: [Asrg] Point of information...

2003-06-22 19:17:38
At 11:45 PM 6/21/2003 -0400, Walter Dnes wrote:

On Fri, Jun 20, 2003 at 07:33:49PM -0400, Barry Shein wrote
[..]

> Anyhow, this all starts with whether it's possible to write a piece
> of software which begins to scan the net for infected systems?

  The problem so far is that people take virus/trojan compromises too
lightly.  That's because the compromises go out of their way not to be
noticed.  The trojan sends out a bunch of spams from your machine while
you're sleeping.  The typical end-user reaction is "so what?".  Maybe
governments need to do a "Hatch-job" (senator from Utah?).

  Notice that almost all viruses/trojans are "intelligent parasites"
that don't eat up enough resources to kill their hosts.  What we need is
for governments to authorize law-enforcement agencies to release viruses
("Killer-V's") that low-level unformat harddrives, and flash BIOSes with
garbage for good measure so that you can't just slap in the install CD
and have the same crap reconnected to the net 3 hours later.

Wow wow - hold on there. How will we distinguish between "government viruses" and malicious ones? Who decides which law enforcement agency is authorized to do so? What will stop lets say China from sending out viruses to low format hard drives of protestors? You are opening a whole can of worms here - we cannot serously use viruses to fight viruses, this possibility has been discussed in a research paper on Warhol net-wise viruses a while back - what you will end up with is a bunch of viruses fighting each other and getting better and better, while our computers and the Internet breaks in to shambles.

Yakov

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg



<Prev in Thread] Current Thread [Next in Thread>