Fight Virus With Virus?

Insanik writes "I am not an expert with internet worms like Code Red. However, I am curious if it would be possible to create a friendly worm/virus/whatever that would fight the original by using the same security holes. For instance, I read that Code Red II opens a back door. Why not have another virus that exploited the back door, closed it, then started sending itself to other servers for a certain period of time? " The submittor raises an interesting question - is this possible? I would guess so, in theory. And while we're working on Code Red, can we send a large man to the home of my latest Sircam senders and politely "ask" them to stop clicking on virii?

Re:Don't be a part of the problem

[blakestah]

Your solutions should not affect the state of the infected machines. Even if you could "fix" their machine. Even telling them that their machine is infected is over the line, if you're using their machine to do it.


Now there is ethics and there is ethics. Here is a scenario that occurred once in Baltimore. A house thief hot-wired a car. He jammed the steering wheel all the way to the side and floored the gas. The car spun and made lots of noise. Meanwhile, the thief broke into people's houses (that is besides the point). Am I ethical if I jump into the moving car and turn it off ?

The point I am raising is that the car poses a risk to society. I am altering someone else's property in stopping it. However, I don't think it can be called unethical. The danger was created by someone who was not the owner - removal of that danger by another third party can be ethical depending on the magnitude of the danger and the alteration of the property.

As another example, suppose my neighbor's house is burning and his 10 year old is screaming at the window, and he is not around. Am I ethical in breaking in to save his child ? In this case the answer is really clear.

In the case of machines compromised with CodeRedII, consider the capability for MASSIVE DDOS directed at anybody launchable by anybody. Those machines are tools to be used by anyone for any reason they like. They can be used as launching points for hacks on military sites. They can be used to snoop for passwords etc. If you go onto those machines and simply remove them from the network by shutting them down (in an orderly fashion), I think you could argue rather strongly that you are taking such action in the interest of public safety.

Ethics is rarely so cut and dried that one could claim that you should NEVER alter someone else's property.

Re:Its entirely possible

[jgerman]

It's not necessarily true that an American citizen can respond with deadly force to criminal trespass. That varies state by state. Here, in MD, for example, if someone breaks into your home and threatens you, you must make every effort to vacate the home. You can not just shoot him for trespassing, breaking and entering, or anything else.

Guees that means if my machine gets hacked here I have to give it over to whomever hacked it.