Slashdot Mirror
Why Virus Writers are Useful
man_of_mr_e writes "Security site Zone-h.org has an interview with Professor Samuel D. Forrester, one of the worlds leading immunologists. In this interview he asserts that immunity is built by infection, and without it you would have a much weaker ecosystem. "
...this guy is implying that people learn from virus attacks?
lol!
What do you know about World Politic? Find out in this quiz
Plus, it REALLY helps the bottom line of Symantec and McAfee.
Don't anthropomorphize computers, they don't like it.
Yes, we need to have viruses. Or else, we'll have viruses.
How about Survival of the fittest... in which case MS hasn't been doing so good (and is trying to drag the other OS's down in the process).
...criminals are useful because of the increase in security?
;)
I understand the point, but while response to a negative may bring about a better positive, not having the negative in the first place would, of course, be much better. But then, it's not a perfect world.
libertarianswag.com
Whatever doesn't crash you makes you stronger.
Who took my tinfoil hat?
Why trolls are useful.
Why SPAM is useful.
Why telemarketers are useful.
Why PITA's in general are useful.
AR
Duh?
You can never equivocate too much.
And when someone DOES decide to release a 'Melissa', we're all screwed, because we're all vulnerable.
"I can't give you a brain, so I'll give you a diploma" - The Great Oz (blatently stolen sig)
I view them as job security (so does he I am sure).
After every big virus that comes out, I get at least 10 calls saying I think I have this virus. Of course they will pay me, but never will pay for antivirus software though! They think it is a rip-off
If there is no infection, then you don't need to be immune!!!
Database robustness is built by the /. effect, and without it you would have a much weaker ecosystem.
No, wait...
But I've been contracting like crazy for the last few weeks because of all of the viruses. I see a positive to it.
Keep them coming.
http://use.perl.org
Holy crap, that must mean the Windows "eco-system" is stronger than say the BSD or Linux eco-system. I must switch back!
... when he loses all his data because of some bastard tosser who thought it was cool to write a virus. Kids, it's not big, it's not clever. You're not impressing anyone. String 'em up, I say.
Comparing computer viruses to the biological sort is a BAD one. Firstly, you have to make a distinction between worms and viruses and such. Secondly, we don't infect new computers with lesser versions of MBLASTER, we patch the vulnerablilty.
Auto-reply to ACs: "Truly, you have a dizzying intellect."
If you really think about it, computers are in fact a form of life based on silicone (soon to be 84GHz diamond! Hooray) which has as its DNA simple codes written by humans. We are their Creator, to steal a line from the Christians.
Just as we can create these marvelous things, we can also devise and create terrible little niggles that are apt to take entire computer organisms out of commission. So eventually you end up with an ecosystem in which only the strongest and most successful computers survive. Hence, Unix-type systems and Windows systems.
It's like Intelligent Design and Evolution all rolled up into a neat little analogy.
Maybe we should follow things to it's logical conclusion and fully mimic biological workings...
Let's release weakened forms of viruses into the wild so that "antibodies" can be built up against them!
Ummm... not sure how to define a weakened virus... or antibodies in terms of software (antivirus scanners don't really fit the definition because they don't adapt for the most part).
Ok, on second thought, never mind.
If a pion (n-) collides with a proton in the woods & noone is there to hear it, does lamdba decay into the source pa
... nachi even tried to fix my computer from the blaster virus !
Something's upset the natural balance of desktop systems.
Well thank goodness for car thieves or
my automobile wouldn't be nearly as
secure.
When you combine this with the help of
good-hearted burglars (who ensure my domestic
bliss) it kinda brings a tear to the eye.
When you hear hoofbeats, think horses, not zebras
Its somewhat like the human body. If your immune system never does any work, when a threat comes, you will become overwhelmed by it, and could even die. You could even say that immunization shots are like security patchs. They both help the system learn how to defend against the attacker.
Great Linux Site
If there was nothing harmful coming into contact with your computer, then it wouldnt need to be very secure.
But with constant threat of virus attacks, software developers (hopefully) write patches and fixes for exploits before they happen so that the end user can make their system safe.
Then again, if there WAS nothing harful coming to your computer, (as in, no hacker, no one unauthorized trying to get in, no virii, nothing) would it even NEED to be secure?
This is my sig. Its pathetic.
...has given my copy of windows the immune system of a scavenger.
So if I genetically engineer a real virus that wipes out half the population of New York, I guess my lawyer will have a defense now... "Honest, your honor, he was just trying to beef up everyone's immune system..." Give me a break. Better yet, give me a G5. At least I can laugh at the contstant stream of infected exe's, scr's and the like that constantly flood my inbox. Doesn't anyone have a constructive hobby anymore?
My mother used to work as a water health scientist in Poland (It was just a cover job for working in the anti-biological warfare division but thats another story).
She used to have to ensure that there was a correct ammount of flouride in the water. The ammount had to be quite exact, not because a little too much flouride is bad for you but because if you kill off all bacteria then the people didnt become immune to the different strains. The USSR did huge studies on this, varying the flourine levels and getting statistics.
Its the same case with my friends who go to India and would never drink the tap water. They simply are not immune to the local bacteria while the locals are quite happy with it.
Mouse powered Chips, Open source Processors and Lego
SyS64738
08/25/2003
The title is obviously a provocation. I am considered a balanced personality but sometimes, I like to stretch things to the extreme and to provoke reactions. This article is one of my rare attempts to provoke you... or not?
Today, after the alarm caused by the fast diffusion of the Sobig virus, we are all talking about the reasons why virus writers are coding more and more viruses.
"They should stop, somebody stop them!" I hear all the time but... is this right?
We try to answer to this question with an interview with Professor Samuel D. Forrester, one of the most famous immunologists in the world. Dr. Forrester is on the run this year to get the Nobel Prize for his recent discovery of the mechanisms of aggression of over-reacting immune cells and antibodies. He teaches at the Immunology faculty at the Konigsberg University since 1986.
Zone-H: ZH
Professor Samuel D. Forrester: SDF
ZH: Thanks for having accepted to release an interview to Zone-H
SDF: Thank you, even if it is quite unusual to be interviewed by a computer security website.
ZH: Dr. Forrester, can you tell us what is the branch of the immunology?
SDF: Immunology is the study of the complex and sophisticated immune system. The immune system is a network of cells and organs that work together to defend the body against attacks by "foreign" invaders or germs. The body provides an excellent environment for germs. When they do break into a system, it is the immune system's job to keep them out or to seek and destroy them.
ZH: What is the job of the immunologist?
SDF: Clinical immunologists research new tests and treatments involving allergic and immunologic disorders of the immune system. They work with physicians in general practice and in hospital-based specialties to treat diseases using complex and sophisticated clinical techniques. The science of clinical immunology is a fast developing area of the medical profession. The role of the immunologist is increasingly important, both in laboratory work and in patient care.
ZH: Have you heard about the recent Sobig-F virus deployment?
SDF: Yes, I read something on the newspapers. Even if computer science is not my science, the topic of the computer viruses is obviously of my interest. See, many aspects of the traditional immunology and the computer viruses are in common.
ZH: And this is the reason why Zone-H wanted this interview.... Dr. Forrester, what do you think about computer viruses, what do you know about them?
SDF: Computer viruses are exactly like the normal viruses. They can kill you if your immune system doesn't work, but at the same time, your body should thank them if your immune system is today capable to protect you from deadly illnesses.
ZH: Can you please develop the concept?
SDF: It's simple: every time you get a cold, you sneeze. But you could die, actually. The only reason why you don't die is because your immune system has been programmed to react to the "threat" posed by a germ. It's a paradox, but it's the same germ that could kill you that trained your immune system to react when invaded.
ZH: And what makes the difference? How is it possible that a germ can kill you and the same germ can train your immune system making you stronger?
SDF: It's just a matter of doses. Like with wine, one glass every day makes your heart stronger and lowers your blood pressure, one bottle every day can kill you. This is the concept on which vaccines are based.
ZH: We understand that. Can we stretch the concept saying that a constant flow of germs, if received in the proper dose, makes the body actually stronger?
SDF: Absolutely. If hypothetically we could take two newborn twins and put one of them under a glass-dome and the other one straight into the dangers of the real world, guess who would
"I can not bring myself to believe that if knowledge presents danger, the solution is ignorance" - Isaac Asimov
I'm sure all of the Symantec and Network Associates employees who owe their livelihood to antivirus development appreciate the work of virus writers. And the IT drones who are kept around to install and update antivirus software and kill viruses, and the network admins who have to temporarily block ports to shut down worm traffic...
Granted, all this manpower and resources could have been put to use for trivial stuff like... say... developing better software and networks, but HEY! we can thank virus writers for keeping us all on the payroll!
Hooray for virus writers.
dinner: it's what's for beer
Between natural viruses and bacterias and man-created constructs.
If I create a superbug in a lab which is incurable, has a 99.99999% fatality rate, and spreads through the air, does that count as part of the "healthy ecosystem?"
Anyone can see the difference between the common cold and weaponized antrax.
Virus and worm writers can kiss my ass, with all the rest of the script kiddies and h4x0rs.
I don't need no instructions to know how to rock!!!!
I am just wondering if there are no viruses then what difference does a weaker ecosystem make?
I guess in the end he really isn't stating anything world shattering. It just get back to the adage "What ever doesn't kill you, only makes you stronger".
E.
Never rub another man's rhubarb - The Joker
Legitimization of computer viruses because of scientific reasons is kind of meaningless and might justify the virus writers actions.
But I guess that he is one of those that don't sympathise much with the victims of the viruses.
Proud patriot and republican voter.
So if that's the case, that viruses make operating systems strong, Windows is the best operating system in the world!
Hmmm...
Ruby on Rails Screencast
Ya moron :)
Just because this holds for humans doens't mean it will work with computers. All that it suggests is that having Viruses forces companies to produce patches.
I guess in the long run programmers will learn from virus outbreaks, how to prevent attacks and reduce secuirty risks. But mostly viruses exploit holes in code or mistakes that should have been sorted in the first place (the programmers know that a buffer underrun is bad, just having a virus expoit it doesn't mean they suddenly relalise how bad it is, they most likely missed it rather than didn't know how to prevent such a disaster in the first place).
This seems like a flimsey statement I'm not sure I agree with it.
I spent ages trying to think of sig, but never did
It never gets infected, so how can it build up immunity?!?
it makes you more aware of what cannibalism can do to you
Most people dont bother to patch there systems unless there is a virus . A virus tends to not to do mutch damage (compared to what a cracker could do (like steel your personal files , black mail you , etc.) ) and it keeps everyone on there toes .
All in all viruses tend to be better than having a cracker break into your system ; sure some of them wipe your harddrive clean but compared to what could be done that is a blessing .
The author admits the title is a provocation, so we can cut him a little slack there.
Nevertheless, it could be argued that if you want to thank the virus for making the immune system stronger, you could also thank the immune system for making viruses stronger, because that is how competition and natural selection work. If we didn't have viruses, we would have no need for an immune system. So to thank viruses for making us spend time and energy in strengthening our defenses seems a little silly.
...so I'm just going by the submitter's description but the next time a genetics story is posted here and I flame people for all the "I don't know how DNA works but I assume it's exactly like C code." comments, feel free to remind me of this guy extrapolating from immunology to computer viruses.
What I'm listening to now on Pandora...
See, if we didn't have drug laws, the government wouldn't have spy cameras, stop and search laws, phone taps, email snooping etc and they'd have no idea what people were up to. They'd have to invent another bogeyman to keep an eye on us. Terrorism for example. The advantage of having another excuse like that is to think ahead and plan for the day all drugs are legal, such as the direction Europe is taking.
Okay, so in the perfect world where there are no viruses/trojans/worms...why would you need systems to have resistance to viruses/trojans/worms? You don't.
If you isolate yourself from the world, disinfect everything, etc...yes, you're going to get really sick some day because your immune system will be unprepared. You don't need some rocket-scientist immuniologist to tell you this. However, that doesn't apply to computers- they don't develop an immune response to viruses, adapt, learn, whatever you want to call it. There's no difference between a system you just installed, one that's been sitting behind a firewall for two years w/antivirus software etc, and one that's been sitting outside with antivirus software, etc. If a new virus comes along, they will ALL get infected if left unprotected. One could argue linux and MacOS are succeeding because Windows is slowly killing itself off by pissing off IT departments and users...but that's darwinism.
Seriously, where did they dig up this nutjob who felt he could compare computers to biological immune systems, purely because the term "virus" is used in both contexts?
Please help metamoderate.
An infection destroys the weaklings and the unlucky, leaving the robust and lucky still standing.
If an infection destroys too many of the unlucky, or if the weaklings were the only ones carrying the genetics (or protein rings) required for defense against the next big infection, well... it's the Telephone Sanitisers and The "B" Ark all over again. Be a good lad and throw me my rubber duck, will you? (-:
Got time? Spend some of it coding or testing
Target practice.
I wouldn't say I'm a bad gambler but the last time I went to Vegas I even lost a buck on the soda machine.
Nice troll...even managed to get it posted as a Slashdot article!
That may be true with a biological system, but it DOES NOT APPLY to electronics. The truth of the matter is, virus writers do nothing but cause havoc, and cost money. So I have a box that's unsecured...so what? That's MY business, NOT yours! Where does it say that you now have the right to fuck with it? Do you somehow think that by buggering it up, you're "helping" me? No, how you help is by leaving it the hell alone! What virus writers and crackers and kiddies do is the moral equivalent of wandering through a neighbourhood and trying everyone's door to see if it's unlocked and then stealing from those whose doors aren't locked. Either that or spraying grafitti or trashing the place. They are not heroes...they aren't "Morpheus" fighting against the "evil machines", they are common thieves and vandals and should be viewed as such and treated accordingly.
You're using her as bait, Master!
In the biological world, if you catch a bad virus and don't defend against it, it will kill you. In the computer world their are idiots who just think their computer is acting weird or getting slow so they scrap it, filling landfills, and buy a new one, lining Microsoft's pockets. If they could invent a computer virus that weeded out idiots who don't patch their systems permanently, it might help make computers stronger.
Bud and Kelly: Thanks Microsoft.
Just based on the subject line and my own experience/education (IIADoctor), he's likely to be right... he's definitely right about biological systems.
Repeated challenges to your immune system keep it strong, and may render you at least partially immune to related infections. Immunity to one infection may lend immunity to others... Vaccinia infection protects against smallpox, for example. Exposure to some animal forms of rotavirus (common cause of diarrhea in infants... and adults. The immunity wanes later in life) may lend partial immunity to the human form of the disease.
Aside from generating similar antibodies, your immune system also generates cytokines and other proteins that assist your immune system in fighting off infection. The interferons are a good example (and are used to treat some viral infections, like Hep C). TNF (tumor necrosis factor) is another example.
Now, this probably also applies to computers, though the mechanisms differ. Attention to one vulnerability may shed light on another... patching one hole may protect from several viruses/worms.
No pain no gain, I suppose.
Even if a man chops off your hand with a sword, you still have two nice, sharp bones to stick in his eyes.
After they're dead and hanging outside my front door as a warning to other virus writers.
"Joan of Arc, up top!" - Ghandi, Clone High
...were the people selling the pickaxes. The only people who will really benefit from virus writers and their creations are anti-virus software providers.
If we were to compare this situation to the human body and real viruses, we can quickly see that, yes, some viruses can be fought down with only the immune system of the person. But for everything else, we have doctors- extremely high-salaty doctors. Do YOU wanna start getting really high anti-virus bills after a super-virus is released and only one or two companies have the "cure"?
The power of Christ compiles you.
A Random Blog
Saying that if no attacks ever occured, then we would be vunerable is kinda silly. Of course it is true. It's like saying it is bad that elephants aren't falling regularly out of the sky, because it makes it so we are totally unprepared for the situation. Making a world without virus attacks automatically includes the consequence that virus attacks are not to be worried about.
I guess the point is that immediate exploitation of every defect means that, in theory, a devastating attack that exploits everything at once is not possible. But I would say that the frequent, *extremely* impactful exploitation of 'minor' flaws is far more damaging than a rare, totally devastating blow in terms of cost.
Or else he could be saying our culture is being trained in the ways of viruses so that the next unsuspecting invading alien race comes to attack, we can whip out a Powerbook and screw them over because their culture never dealt with viruses and worms...suckers.
XML is like violence. If it doesn't solve the problem, use more.
Comment removed based on user account deletion
Sounds like loaded terminology, much like Nietzsche.
Sure, viri make the population develop "strength", as measured by resistance to attack, but there's reasonable doubt whether your killing off "weaker" portions of society is a good thing; some of the "weak" members of society might well have contributed a great "strength" in a different area.
I know lots of computer nerds with "weak" constitutions that wouldn't have stood much of a chance against bubonic plague, but they're arguably quite strong when it comes to quickly fixing the latest computer virus infestation.
"Provided by the management for your protection."
These were probably among the first viruses (though nobody called them as such then), since they were designed to propagate from host to host. They were, by present standards, quite primitive but nonetheless effective.
The rationale was that if we couldn't stop intruders from getting in, then we should at least make sure they couldn't do anything useful.
...had better have a damn fine firewall. (-:
Got time? Spend some of it coding or testing
I've reluctantly come to appreciate the role that noisy blackhats and virus authors play in getting organisations to improve their information security infrastructure. If it weren't for them, I feel there would be a thriving underground economy of industrial espionage and personal information theft because it would be so easy. At least with the constant pressure applied by viruses and blackhats, the most gaping security vulnerabilities tend to get fixed, sooner or later (even if a few organisations end up being made examples to the rest).
Personally, I don't really care about catching virus authors and blackhats. I just care about keeping them out of the machines and networks I've been paid to care about.
--
"vaccination"
The logic is in the viruses' impacts (in terms of both strength and penetration/outbreak).
Trolling using another account since 2005.
I mean, if there were no infectious agents, we'd have no need for an immunity system. Since both Mother Nature and yer average geek are generally quite averse to expending energy needlessly, this would free up resources for other things, some of which might even have positive benefits.
We need to have viruses that just give our computers a cold, in order to build up defenses against the electronic equivalent of Ebola.
Will I retire or break 10K?
-- Insert your favorite "The Matrix" quote here --
Or from another perspective, if there were no viruses, our immune systems would grow weak through disuse. We wouldn't be able to fend off viruses. But since there aren't any viruses to begin with... you get the idea.
irb(main):001:0>
"That which doesn't kill Windows only makes it stronger."
So to protect myself from future STDs I should run out and try HIV/AIDS, Herpes, Syphillis, etc.?
we need infections in order to build immunity.
well, if we didn't have infections why would we need immunity?
[alk]
A few years back I did an interview with a virus writing group called shadowvx
While all the rage is on viruses and backdoors, would you care to explanation as to what exactly it is your members do? One not too familiar with the scene would think most virus coders are evil pricks out to rm -Rf /* the world. Whats your guys description of the
virii field?
Well, many virus coders do not agree to destructive payloads now. The idea of a virus is to spread. What is the use of a virus that infects a computer and formats it's hdd? In effect it is killing itself... not the best idea if it wants to spread no?
With regards to what ShadowvX members do, we code viruses that incorporate new or existing virus techniques. We try to code viruses with things like ICQ spreading or virus networks. Only a few of our codes have made it into the wild, but they had to be released. Ya know, new techniques, lets see how far up the AV "Dangerous" list we can get :] We make it a policy though that no code gets released unless all members agree
it should. And we ain't no evil pricks either... we are like you guys, doing what we do
to prove that computers are too relied upon these days...
Back Orifice, Netbus, Melissa, Tuxissa, ILOVEYOU, were plain and simply maliciously coded virii, we know some virii coders assist companies like Symantec, AVP, etc, whats your outlook on the creators of these program like Melissa, etc.?
Well, with Melissa it certainly showed MS a few things. Most of the code that gets released are to show or exploit vulnerabilities in software or hardware.. it just seems to only happen with MS software.
My view on these types of coders is no different from how I view other virus coders. They want to create something and show that humans rely too much on computers now a days.
rest of interview
Anyway, my thoughts for one are, wouldn't someone who works for an antivirus company have a biased opinion being that the more people create a virus, the more money his company would make? Give me a break. Viruses are nothing more than annoyances which serve no purpose whatsoever, no matter how you want to look at it. Developers of software should take more precautions when releasing code to ensure these viruses dont become epidemics like SobigF was, knocking off the electric grid. For anyone to claim that a virus is good coming from a corporation, he deserves to be canned. The statement he made about being infected to be cured is irresponsible. Should someone die because some medical equipment malfunctioned due to some power outtage that was cause by a virus for the sake of find an antidote? I think not.
MoFscker
Virus, hackers, script kiddies et al serve the same functions in cyberspace as viruses and predators do in nature.
They weed out those not strong enough to survive, ensuring that the next generation is stronger and more resilient.
If it wasn't for the lessons learned and problems fixed during numerous previous virus and hacker attacks, the damage caused by viruses suck as Sobig and Blaster would have been catastrophic.
Escoutaire
When a dream dreams the dreamer, the dreams the real.
As many people are pointing out, immunity is a force-feedback system. As viruses spread, their hosts evolve to become better at fighting them. Which in turn leads to "better" viruses. Which in turn...
To err is human, but to forgive is beyond the scope of the Operating System...
Spammers.
Let the haxxors go after the ba****ds who keep sending us "O_n_l_i_n_e_D_e_g_r_e_e", "Lonely?", "Arnold", "Urgent Business Proposal" and all that other BS.
Bring THIER servers down, and they will earn instant respect... at least from this computer geek.
The problem with socialism is that they always run out of other people's money. - Margaret Thatcher
I feel like I should know, but what does the term "slashdotted" mean?
If there were no worms of vira, why would we have to secure it agains it.:)
And if a server boots in the forest, does it beep?
Fittest!? I though it was survival of the FATTEST. Damn. I'm screwed.
Surely computer virii are immensely useful from the point of view of studying life itself? They replicate, they interact, who knows - one day soon we may have one which exhibits cognizance? (Then comes the moral debate over 'virus rights', etc, the anti-abortion-like bombing of Symantec offices and then the first ever computer virus sit-com (the O.S.bournes), and then that whole debacle over their seemingly unfair tax exemption... I've seen it all... )
We need to start an OSDN virus writing project!
Any relation to Dr. Clayton Forrester? I mean, cuz that guy was MAD. Deep hurting! DEEEEEP HURTING!
* Please do not read my signature.
Yes, and now, Dr. Forrester can use the Viruses to make all the computers in the world play horrible movies, so that he can take over the world!
Push the button, Frank! We've finally won!
What this essentially states is that predators (which include virii) help to make prey stronger.
This could be argued by saying that in the absence of predators, there would be no need for prey to have a defense. Simple. But equally as stupid.
In computer terms, this translates to us needing security because of those that would exploit the lack of it. To say that security is better because of better criminals is stating the moronic obvious.
People will rise or fall to your level of expectations. Something I learned early in my management career. The same is true for people's needs...and by extentsion here the needs of their computer's security systems. Darwinism will always rule in a predatorial world, and only the security that can keep up with the criminals will survive.
Remember, kids...Eyes in the front means predator. Eyes on the side means prey.
What I am trying to say here is that developers will never be able to see all possibilities and will be blind to entire classes of problems until they are pointed out. Conversely, virus writers will not be able to find all the possible holes in a program at a single time and will often only exploit a handful of holes per attack.
In conclusion, security evolves by analyzing past attacks and reacting to plug the hole so it cannot be used again. Like bacteria and anti-bodies, this process can be very efficient over the long run, even if we have to suffer through epidemics every once in a while.
We increase security because of criminals.
If you have been the victim of a crime, you will increase your security to prevent it from happening again.
The existence of criminal improves security, however this doesn't mean you're in a better overall situation.
without it you would have a much weaker ecosystem
Forget the ecosystem. Without virii, I'd have a much weaker wallet. People refuse to keep their systems up to date. When they pay the price, they do it figuratively and literally... To the tune of $95/hour.
I had a sucky sig.
If you think of all the hacks (the immune system) put into slashcode to stop the trolls (bacteria), you can see how the same process works to improve the immunity of slashdot to trolls.
And /. is good for you because it makes you make your hosting stronger :)
Or it eliminates the weak...
.sigs are for post^Hers.
As has been pointed out in previous posts, it seems silly to say that viruses are good because they strengthen the ecosystem, when the threats are viruses. However, it seems to me that what something like Blaster really protects against are malicious individuals.
If your company gets hit with Blaster, your IT department has to spend a bunch of time cleaning up and patching the PCs that are infected, but in the end, the cost for a worm like Blaster that doesn't destroy data is only man-hours; you're not losing sensitive business data. If no one had written the Blaster worm, and the vulnerability remained unpatched, a malicious individual (maybe an ex-employee, maybe a criminal from another country, whatever) could use that same vulnerability to gain access to a few of your systems and engage in more nefarious acts, like theft or destruction of secrets and personal information about your employees.
Yes, it's difficult to stay on top of patching, when Microsoft churns out vulnerability after vulnerability. However, it must be done, and non-data-destroying worms and virii provide a nuisance that protect the ignorant and incompetent from bigger threats.
Biological immune systems are so effective because they automatically stochastically learn how to detect and neutralize antigens. By and large there is no such thing for computers (except for large expensive "enterprise nervous systems", but the majority (in quantity) of victims are end users, not the enterprise), so it is a bit disengenous to imply that viruses confer some sort of innoculation. Not to say that having holes brought into daylight won't in turn force increased security, but that can be done through traditional bugtraq/exploit channels without introducing an epidemic in the wild.
It's 10 PM. Do you know if you're un-American?
That if virii didn't exist in the first place, then immunity would never be required!!!!!
For all that is holy, the plural of "virus" is "viruses."
IT WILL DEFENIATLEY happen to debian, The 2.2 kernel is filled with bugs. YES DEBIAN ZEALOTS, stable!=secure. Modding this -1, trollbait won't help you when your'e r00ted, stop running debian, use an up to date distro such as Gentoo, Slackware and Mandrake Cooker. All aimed at advanced users, but ARE UPTO DATE AND SECURE!
I knew TWO companies that were rooted because they ran debian woody, so I switched them to Slackware and they haven't been hacked for over a year!
The real story on viruses/virii is about the money.
Microsoft loves having a low security OS because it forces people to upgrade whenever Microsoft's security PR team issues a "fixed in the next version of Windows" press release. And that brings in money. Much more money than having to staff a few extra people and say "we're doing our best patching all the holes in Windows".
Symantec, Network Associates, IBM, and all the other security companies are making big time paper off of viruses and other security threats. In the early days of "scan", it was a common rumor that McAffee wrote the viruses as well as the virus scanner -- to the point "scan" was jokingly referred to as "scam".
So of course, a security site has an interview with some professor who comes up with some flim-flam about how viruses are good. It's called job security. Or buttering your bread. Whenever one sees such obvious collusion, the simple way to find the truth is to FOLLOW THE MONEY.
Whenever there is a giant multi-billion dollar business depending on virus writers you can bet your bottom dollar there will be virus writers. And professors saying how virus writers are good for you.
And when it comes to the validity of the professor's basic premise, only an idiot would get suckered in by such a stupid argument.
Pollution kills many beneficial organisms and makes an existing ecosystem weaker. Crime does the same thing.
Do people move to high crime areas to make themselves stronger? Or to high pollution areas? Life is finite; life is fragile; ecosystems are fragile, especially software. Viruses and other attacks take away precious resources from doing good things in life with the resources you have. It's simply a waste of resources to have to armor and protect every website/house/place of business to the point of absurdity.
Ugh. Corruption is just so smelly.
he asserts that immunity is built by infection, and without it you would have a much weaker ecosystem.
So...without virus writers, our computers would weaker, easier to infect by virus writers? hmmm.
In other news, breathing is good for you.
You want some analogies?
Computers have varying levels of protection: We, administrators, play the role of t-cells, white blood cells, and macrophages.
So a computer 'ecosystem' is like a lan or a network; or even the internet. So the immune response? Train the users not to click attachments. Install firewalls. Install filters. Install anti-virus programs. Install patches.
Don't forget that systems aren't static! Windows Update, patches, new holes, etc, are 'discovered' and 'sealed' in organic, not deterministic, fashion. Likewise as new systems are brought into the network, they will/should have greater protection, according to patches, newer users with 'learned' behavior from prior attacks, and newer software.
You can't treat a computer network separate from the users, else you can't take into account trojans!
GPL Deconstructed
one cannot assert that without viruses, we'd have a weaker technical ecosystem. because, without viruses - 'security' wouldn't be a fitness test for ecosystem strength.
this statement is only valid if one assumes that a virus -will- eventually exist. and then, it is suggesting that the quantity of past viruses survived, should imply higher probability of survival in the face of this 'new' virus.
but it is fairly plain to see that each successive measure to defend ourselves is only a successful defense against the -last- virus. and in fact, that is all anti-virus companies do: they write code to check for the presence of virii they know to exist.
but does this make us any safer against the next virus? were we any safer from MSBlaster than we were from Nimda? (as an ecosystem as a whole)
the only -preventative- measures that give our ecosystem 'strength', is more attention to patches, more attention to system resources, diversity (not putting everything on a single mission-critical box), and redundancy.
these strengths, are lent to the ecosystem moreso from dealing with hardware failure, software bugs, system interoperability, natural disaster, and maximizing resources for free market competitive fitness; rather than solely from dealing with malicious code.
// "Can't clowns and pirates just -try- to get along?"
Why computer virus writers are useful and we should thank them.
SyS64738
08/25/2003
The title is obviously a provocation. I am considered a balanced personality but sometimes, I like to stretch things to the extreme and to provoke reactions. This article is one of my rare attempts to provoke you... or not?
Today, after the alarm caused by the fast diffusion of the Sobig virus, we are all talking about the reasons why virus writers are coding more and more viruses.
"They should stop, somebody stop them!" I hear all the time but... is this right?
We try to answer to this question with an interview with Professor Samuel D. Forrester, one of the most famous immunologists in the world. Dr. Forrester is on the run this year to get the Nobel Prize for his recent discovery of the mechanisms of aggression of over-reacting immune cells and antibodies. He teaches at the Immunology faculty at the Konigsberg University since 1986.
Zone-H: ZH
Professor Samuel D. Forrester: SDF
ZH: Thanks for having accepted to release an interview to Zone-H
SDF: Thank you, even if it is quite unusual to be interviewed by a computer security website.
ZH: Dr. Forrester, can you tell us what is the branch of the immunology?
SDF: Immunology is the study of the complex and sophisticated immune system. The immune system is a network of cells and organs that work together to defend the body against attacks by "foreign" invaders or germs. The body provides an excellent environment for germs. When they do break into a system, it is the immune system's job to keep them out or to seek and destroy them.
ZH: What is the job of the immunologist?
SDF: Clinical immunologists research new tests and treatments involving allergic and immunologic disorders of the immune system. They work with physicians in general practice and in hospital-based specialties to treat diseases using complex and sophisticated clinical techniques. The science of clinical immunology is a fast developing area of the medical profession. The role of the immunologist is increasingly important, both in laboratory work and in patient care.
ZH: Have you heard about the recent Sobig-F virus deployment?
SDF: Yes, I read something on the newspapers. Even if computer science is not my science, the topic of the computer viruses is obviously of my interest. See, many aspects of the traditional immunology and the computer viruses are in common.
ZH: And this is the reason why Zone-H wanted this interview.... Dr. Forrester, what do you think about computer viruses, what do you know about them?
SDF: Computer viruses are exactly like the normal viruses. They can kill you if your immune system doesn't work, but at the same time, your body should thank them if your immune system is today capable to protect you from deadly illnesses.
ZH: Can you please develop the concept?
SDF: It's simple: every time you get a cold, you sneeze. But you could die, actually. The only reason why you don't die is because your immune system has been programmed to react to the "threat" posed by a germ. It's a paradox, but it's the same germ that could kill you that trained your immune system to react when invaded.
ZH: And what makes the difference? How is it possible that a germ can kill you and the same germ can train your immune system making you stronger?
SDF: It's just a matter of doses. Like with wine, one glass every day makes your heart stronger and lowers your blood pressure, one bottle every day can kill you. This is the concept on which vaccines are based.
ZH: We understand that. Can we stretch the concept saying that a constant flow of germs, if received in the proper dose, makes the body actually stronger?
SDF: Absolutely. If hypothetically we could take two newborn twins and put one of them under a glass-dome and the other one straight into the dangers of the real world, guess who would survive in case of a serious plague?
ZH: The
Immunity is exposed by infection. It isn't created out of thin air as needed.
Yeah, tell that to my sysadmin pal - his boss decided last week that as a result of infection, all 3000 windows boxes were in need of manual patching, RIGHT NOW.
Computer viruses make systems more secure because if there weren't computer viruses, the systems would be more vulnerable to....um...computer viruses.
Car accidents make cars safer...
Terrorism makes a society more safe...
The USSR did huge studies on this, varying the flourine levels and getting statistics.
Mod the parent down. I can no longer sit back and allow communist infiltration, communist indoctrination, communist subversion, and the international communist conspiracy to sap and impurify all of our precious bodily fluids.
I think we can all agree that cracking is immoral. But put that aside for a second. The fact that cracking is simply possible means that someone will probably do it. Leaving your box open for attacks, which could in turn compromise other machines, simply because you're depending on the moral behaviour of someone else, is irresponsible.
Furthermore, I disagree that only damage can result. By assuming adverse behaviour, the result is a much stronger network, in which one malicious or malfunctioning node doesn't bring down service for everyone. Better understanding of network dynamics and network protection results from attacks, regardless of how much we hate them.
Toronto-area transit rider? Rate your ride.
It seems to me that viruses could be doing a lot more evil, yet they aren't.
The conspiracy theorist in me says that the 'virus-scanning companies are really the ones behind these pussy-ass viruses.
Since none of them do any real damage, it could be argued that antivirus companies create them, distribute them, then 'convieniently' have a fix ready. To cover their tracks, all viruses are 'hobbled' in function - if a virus happens to be traced back to them, AV companies can say it was a 'proof of concept' that was accidentally released.
To those who say that viruses are an unnecessary evil, I submit that if there were no viruses, that one would be 'accidentally' created eventually by self modifying code that will be used in more and more devices. With computer power increasing at its current rate, I predict that (rather, I hope that) software will be available to infer what the 'writer' wants and go ahead and create the code via genetic algorythims.
At some point, genetic coding would create something self-replicating and inadvertently release it to an fertile playground.
Ultimately, it comes down to human nature. We have viruses because we have people. For profit, or for glory - humans create these viruses. Just like humans, they aint goin nowhere.
The computer virus analogy is unusually good as electronic:biological analogies go. Let's not overextend it.
While virii do help organisms become stronger, we have to remember that evolution is a key player in this situation. For computers, it's not the same because operating systems do not evolve naturally. They are patched. They are designed. They can be resurrected on computers by formatting and starting over. While virus writers do help out by finding flaws, this is only really a side benefit.
Well, there's spam egg sausage and spam, that's not got much spam in it.
if real viruses could be created on your home computer just for fun, what would life be like? "Honey, could you get the update for the firewall on your way home?"
This is definitely an outrageous statement coming from a professional. Consider that viruses that humans get as opposed to computer viruses, are not created. Now we all know that some have been created, but not to the extent of computer viruses. How responsible would it be for the Center for Disease Control to create viruses unleash them with the monicker "Hey we did it for your immune system. Is this guy insane. Remember that people rely on electricity, so stop to think about all of the emergency rooms that had no power. Stop to think about surgeons in the middle of surgery who had power zapped on them due to a virus.
ZH: So you are saying that virus writers have their own role in the Internet system.
SDF: Absolutely.
This leads me to believe that some of these scientist create viruses and unleash them to the general public. Anytime I see this guy's name mentioned anywhere near the word government I would hope he is not under contract with them in any shape fashion or form for his lack of ethics.
To think virus writers have a purpose is the most ludicrous statement I've heard to date. Does this moron have a clue as to how much money companies spend in downtime due to some e-diots writing shit nobody wants on their systems. Does this e-diot have any idea how much time admins have to spend fixing machines, not to mention software developers working double time for a fix. What the hell is the net coming to?
MoFscker
You don't use flouride to kill bacteria in water. It is added as a form of mass medication to prevent tooth decay. Bacteria and other nasties in tap water are usually killed by chlorine or ozone (although there are other ways it can be done, such as using UV). Over chlorination is usually avoided because it makes the water taste bad, is hazardous if you REALLY overdo it, and because it is a waste of money. Too much ozone is hard on pipes. Too much flouride kills people with weak kidneys (well, actually if you get the levels high enough, it will kill anyone, but that's way above the level used in municipal water systems).
I like my beverages with warning labels!
Why computer virus writers are useful and we should thank them.
SyS64738
08/25/2003
The title is obviously a provocation. I am considered a balanced personality but sometimes, I like to stretch things to the extreme and to provoke reactions. This article is one of my rare attempts to provoke you... or not?
Today, after the alarm caused by the fast diffusion of the Sobig virus, we are all talking about the reasons why virus writers are coding more and more viruses.
"They should stop, somebody stop them!" I hear all the time but... is this right?
We try to answer to this question with an interview with Professor Samuel D. Forrester, one of the most famous immunologists in the world. Dr. Forrester is on the run this year to get the Nobel Prize for his recent discovery of the mechanisms of aggression of over-reacting immune cells and antibodies. He teaches at the Immunology faculty at the Konigsberg University since 1986.
Zone-H: ZH
Professor Samuel D. Forrester: SDF
ZH: Thanks for having accepted to release an interview to Zone-H
SDF: Thank you, even if it is quite unusual to be interviewed by a computer security website.
ZH: Dr. Forrester, can you tell us what is the branch of the immunology?
SDF: Immunology is the study of the complex and sophisticated immune system. The immune system is a network of cells and organs that work together to defend the body against attacks by "foreign" invaders or germs. The body provides an excellent environment for germs. When they do break into a system, it is the immune system's job to keep them out or to seek and destroy them.
ZH: What is the job of the immunologist?
SDF: Clinical immunologists research new tests and treatments involving allergic and immunologic disorders of the immune system. They work with physicians in general practice and in hospital-based specialties to treat diseases using complex and sophisticated clinical techniques. The science of clinical immunology is a fast developing area of the medical profession. The role of the immunologist is increasingly important, both in laboratory work and in patient care.
ZH: Have you heard about the recent Sobig-F virus deployment?
SDF: Yes, I read something on the newspapers. Even if computer science is not my science, the topic of the computer viruses is obviously of my interest. See, many aspects of the traditional immunology and the computer viruses are in common.
ZH: And this is the reason why Zone-H wanted this interview.... Dr. Forrester, what do you think about computer viruses, what do you know about them?
SDF: Computer viruses are exactly like the normal viruses. They can kill you if your immune system doesn't work, but at the same time, your body should thank them if your immune system is today capable to protect you from deadly illnesses.
ZH: Can you please develop the concept?
SDF: It's simple: every time you get a cold, you sneeze. But you could die, actually. The only reason why you don't die is because your immune system has been programmed to react to the "threat" posed by a germ. It's a paradox, but it's the same germ that could kill you that trained your immune system to react when invaded.
ZH: And what makes the difference? How is it possible that a germ can kill you and the same germ can train your immune system making you stronger?
SDF: It's just a matter of doses. Like with wine, one glass every day makes your heart stronger and lowers your blood pressure, one bottle every day can kill you. This is the concept on which vaccines are based.
ZH: We understand that. Can we stretch the concept saying that a constant flow of germs, if received in the proper dose, makes the body actually stronger?
SDF: Absolutely. If hypothetically we could take two newborn twins and put one of them under a glass-dome and the other one straight into the dangers of the real world, guess who would survive in case of a serious plague?
ZH: The
All of you saying this is a pile of shit are mostly wrong. Think of a computer virus as something like a cold virus. It's a royal pain in the ass but it's not going to kill you. Look at how many systems have become more secure as a result of the viruses/worms that have spread over the past few years. Consider how pathetic security was before all this. Now think of a malicious cracker or a terrorist network hacking into any and every computer on the net. That scenario becomes much less likely if people are forced to secure their systems first. I only hope that enough of these mostly benign worms go around before someone releases something really nasty.
... they provide you with a near weekly reminded of why you shouldn't use Windows! ;)
-- james
there is nothing new about this idea; it's bean around for years. taken out of context, however, it leads people to the erroneous conclusion that if a bunch of virii are let loose on the net, all the systems that survive will somhow improve. to extend the bio-system analogy, that would be like dropping anthrax in time-square, figuring that whoever made it out would be better equipped to survive an attack. in reality, however, bio-systems are strengthened through either eons of evolution, or limited exposure to weakened strains. to extend this analogy, having a bunch of OS developers sitting in an isolated area studying the effects of a virus on a discreete system, then applying what was learned to the next itteration would help. thinking that letting worms loose to imporve the net as a whole is pure hooey.
!(^((ri)|(mp))aa$)
In this interview he asserts that immunity is built by infection, and without it you would have a much weaker ecosystem.
This is really just an unhappy coincidence brought on by what is really a poor analogy.
By his analogy, we should thank burglars for helping create better security systems. We should thank child molesters and child beaters for helping us create tougher child abuse laws. WWe should thank police brutality for making us more vigilant of abuses of police authority. We should thank the 9/11 terrorists for helping toughen up airport screenings.
While in some measure your statement has validity, it doesn't quite get the point.
In the creation of antibodies and other receptors in the immune system, cells literally rearrange their chromosomal DNA to create antibodies with different specificities. That means each cell has a different potential specificity. When the body gets exposed to a new pathogen, it probably has one or two cells that will make an antibody that can respond to it. If it does, it only has a very few cells that make appropriate antibodies -- in effect, at the moment of exposure, the body has no immunity, only the potential for immunity. Those cells have to be stimulated to reproduce and develop into specialized antibody factories before the body has anything sufficient to fight the infection. The immunity gets created based on existing potential.
Immunology works as a metaphor. The analogy in this case is the following:
A virus is released. Several people have the knowledge to patch the security hole exploited by the virus. The larger system of users does not become immune until those with the knowledge write and distribute the patch. The patch doesn't exist before the virus challenges it. It gets created out of existing potential.
If I remember my immunology right, he's not wrong.
Threats are handled in a couple of ways. The body can mount an untargeted 'kill it' response that doesn't depend on prior exposure. At the same time, specific cells detemine the chemical structure of the assault and build specific response chemicals (antibodies) that are used in subsequent attacks. The body does build a completely new antibody to a new threat - it's not just exposing some already there antibody. This is why innoculation against last year's virus doesn't help this year. Your survival isn't dependent on what antibodies you have but rather on your ability to create new and successful antibodies when required.
Dogu
He's not saying that a world in which no viruses were created would have more security problems. Rather that a world in which no viruses were released into the wild (but in which viruses continued to be developed) would be very susceptible. Even better: if there were two completely disconnected internets (call them Europe and North America before 1492) only one of which had viruses released onto it then the other internet would be a security train wreck waiting to happen. The absence of such a large virus proving-ground explains why the propagation methods of most viruses are flawed.
This might have been true if there wasn't an OS monopoly. Microsoft has no truly compelling reason to stop writing buggy software. 90% of the software market will use thier stuff regardless. Viruses apply to 'survival of the fittest' models, which unfortunately doesn't apply here.
"as plurdled gabbleblotchits on a lurgid bee" - Prostetnic Vogon Jeltz. (One man's humorous is another mans flamebait)
Hah! The Warsaw Pact countries were behind this fluoride thing afterall.
How can you know how good you have it if it's not even possible to have it any other way?
In other words: I don't use a Mac because I dislike Microsoft, I dislike Microsoft because I have used a Mac.
Thank you professor Forrestor - you have been exhastive.
Carpe Daemon
As most of us know (the article's been slashdotted, so I don't know if it's there), vaccines actually work by inoculating a small quantity of the agent into our system so that our immunodefensive system can learn how to combat it when it comes back full force.
... No? Well, there's nothing wrong with letting him play in the rain, then." And indeed there wasn't. Now I don't care about the cold, I'm very resistant to common disease and pain (I once had an ingrown toenail that I foolishly let grow and infect, and the podologist said it was the biggest she'd ever seen and exclaimed "It must hurt like hell!" and my genuinely surprised reply was "It's supposed to hurt?"). When most people I know catch the flu and so do I, they're floored for two weeks and load up on antibiotics (which don't make a fucking difference because the flu is a virus and antibiotics only kill bacterias!), and I just sniffle for a few days and go on with my life like nothin'.
When I was a baby and a kid, my parents let me walk on the floor naked, put things in my mouth and all things that most parents shriek at. But the consequence is that my immunodefensive system got extremely strong very soon, so now I don't have any problems. In kindergarten and school I would drive teachers mad because I'd play in the rain with only a shirt on, and they'd call my mom and she'd simply reply "Well, does he get sick?
I know it sounds like I'm recounting all of this just to brag, but it's actually to prove a point. Most people will cover up with a bunch of sweaters (especially their children) whenever it's a bit cold, or it rains. We're not made of sugar! The rain won't melt us! It's good to be a little exposed to the Bad Things of this world, because it's the only way we can fight them when we get really exposed.
Flouride keeps your teeth clean, however it is poisonous. Granted, in small doses, there seem to be no negative effects. However, if you think years and years of flouride won't hurt you, you're kidding yourself.
Getting old does not mean getting sick.
"Yeap, he's dead... but damn, look at those teeth!"
Spoon not. Fork, or fork not. There is no spoon.
So, are the ordinary Internet user with virus checker protected against the following?
1. Dynamic code unrolling (privatized unzip algorithm)
2. Stack corruption opportunity hijacker
3. stealth trojan distribution
4. encrypted homing control channel
5. subervise subchannel carrier over TCP or IP option field or unused media bits?
Then you would have to use NetBSD operating system (latest and greatest in security).
And clearly the virus outbreaks of the past do nothing more than make the public sit up for a moment then forget about it. Too many people still don't have anti-virus protection, despite previous outbreaks. Every year there's some virus outbreak or other, despite all the fuss made over last year's outbreak. I don't see any real changes or improvement happening here.
A non-malicious demonstration of an exploit in question, perhaps?
White-hat are the innoculants of the software world. Of course, it's up to the company on the receiving end whether they patch up their servers or sue the good samaritan under the DMCA.
So in short, the virus fighting elements should first actually be part of the OS before this analogy would make any sense.
If nobody wrote viruses or took advantage of insecure systems, computing would be much cheaper and everyone would lead a happier life, except maybe the people at Norton.
You can lead a horse to water, but you can't make it dissolve.
Ok, so every virus writer on the planet has left your machine alone. It's running fine and has never been patched. You surf all day long with no more than a pop-up ad. Then comes the horde of flying saucers who tap into the internet and take over all of the PCs using the RPC flaw, thus using our own global network against us. Your PC is but the first to fall.
Meanwhile, everyone else has patched their systems, and is now joining in on the offensive. I, for one, Welcome our new alien overlords, but you will be one of the slaves building the giant statue of Kang.
Do you feel the same way about burglars, rapists and murderers?
"I dont care about catching rapists, so long as they rape your mother/sister/wife and dont come in my house."
So your saying it is just as bad for someone to infect your computer with a virus, as it is to for someone to rape your mother/sister/wife?
It's really a moot point, because most viruses exploit vulnerabilities we don't know about yet.
Sorry, but that statement is just plain wrong. Almost EVERY virus/worm takes advantage of well-publicized vulnerabilities. In the overwhelming majority of cases, the fix is already available well before the virus arrives. Since patches were already available weeks in advance of the first appearance of "in the wild" viral code the recent widespread outbreaks tells us that the problem lies in getting new security patches in place, not in discovering them.
Life is short: void the warranty.
The professor compares the internet to the human body. I think he's incorrect in this. In the case of a human body - if you get a virus that you have no way of defeating, you die. Better would be to compare the internet with a population. A really nasy biological virus will wipe out a large portion of the population, but hopefully the diversity of the population will mean that someone will have an immunity or at least be capable of creating one, and that immunity will then spread through the population using the standard principles of natural selection. This is a good argument for keeping the diversity of computer systems connected to the internet high.
Imagine that every IP on the internet is running Windows. Now imagine a really nasty worm that exploits an, as yet unpatched, hole. The whole internet dies almost instantly. However, if the population is diverse then only a percentage is lost and the remainder can be used to rebuild those losses.
As much as I hate to say it, we're going to have to keep Windows around for operation "Human Shield".
Carpe Daemon
One of the weaknesses of a group mind - they never wrote any software viruses, so they never learned to build anti-virus software. If they had A/V software, we never would have been able to send them that virus to drop their shields.
If it weren't for hackers and virus writers, there would be no defence mechanisms against major attacks. If sobig was the first malware we'd ever seen, the net would be so screwed right now...
Linux is only strong because hackers have historically 0wn3d boxen for their useful features. That's how I learned my lesson, and now I take care.
Windows historically has had lousy connectivity, so it's blight has been through virii. Now that's getting better, it's the turn of the worm.
Now for those antibodies....
You fool! You've given cheese to a lactose intolerant volcano god! Do you know what that means?
Good to be reminded that what ever kind of 'world leader' you are you can still talk utter bollocks without alcohol.
There's a difference between the biological and electronic systems. Biological threats are always external and can randomly mutate. If we don't have a good immune defense, a small random mutation or exposure could kill us.
However, what if there were *no* viruses or bacteria (forget the fact that this is biologically impossible...), in this case, what use would the immune system be? If we eliminate electronic viruses, what will our systems have to be strengthened against?
In this interview he asserts that immunity is built by infection, and without it you would have a much weaker ecosystem.
If we didn't have viruses we wouldn't need immunity from them.
I think he is implying Darwinism. I.E. Those that do not adapt to virii attack, become extinct.
The problem is that those who survive get better at surviving viruses, but that diverts energy away from the constructive activities that we could be undertaking if we weren't defending ourselves from the unholy alliance of Bill Gates and half-assed teenaged code wankers.
Weed out the week and stupid, leave only the competent. We need less computer users anyway. We can go back to good old BBSing and a USENET free of assholes.
I don't recall that BBSes and USENET had fewer assholes back in the day, though I'll grant you that fewer of them were dumb assholes.
Proud member of the Weirdo-American community.
Surviving a flu virus does NOT improve your resistance to plague. In fact, it doesn't necessarily even improve your resistance to the next season's flu variant. The immune system is very specific. With very few exceptions, immune resistance is absolutely disease specific. Nietzsche was not an epidemiologist: what does not kill you usually makes you weaker, more susceptible to the next infection.
to err is human, to forgive is divine, to forget is... umm...
There are "safer countries" with regards to viruses, too: Os X, Linux, BSD, Plan 9, etc. Microsoft is to viruses what the US is to crime (the "less civilized" bit is wrong, unless it's being tautological; crime is worse in the US than in many less developed countries.)
By the reasoning of the article, Microsoft operating systems are enjoying the benefits of a challenging environment in which to evolve, while the others are not.
I think the original viruses-as-Darwinian-pressure analogy is far less apt than the viruses-as-crime one is. Are computer systems better because we now have a thriving market in antivirus software? Is a crime wave a good thing because it encourages businesses to hire armed guards (passing the costs on to the consumer), thus making the business "stronger?"
Sometimes it's not a matter of "that which doesn't kills you, makes you stronger." Sometimes it's "that which doesn't kill you, almost killed you."
Of course, you know that viruses are actually written by the same people who write the virus checking software... It's a clever scam to create a software business out of nothing :)
"I've been thinking about how wonderful it would be if all people renounced violence forever."
"That's a beautiful thought, Dogbert."
"If nobody else was violent, I could conquer the whole stupid planet with just a butter knife."
~ Dogbert and Dilbert, Dilbert by: Scott Adams
Aliens are attacking the earth(of course represented by the US) by sending a virus/worm into the internet. But wait, it doesn't infect anyone, not even Windows machines. Fast forward to mandatory speach by whoever is US president at the time "Thank you sobig.F ! And God bless america"
As I interpret the sentiment, the author is saying that the internet will "evolve" to be more resistant to the bad effects of virii.
That "evolution" may not be in a direction that we would regard as desirable.
For instance, introducing per packet fees/taxes would be a highly effective way to deal with both virii and spam, as it would impose both a disincentive for mass-mailers (affecting both spammers and clueless users whose systems become "owned"), and much improved traceability (anonymous mailers can't be billed, so they don't get serviced).
The open, "public" interent would quickly give way to an all-commercial/goverment (exempt from fees, of course) internet that was largely free of spam and virii.
One of the nicer aspects of trying to preserve the weak along with the strong is that it expands diversity and possibility. Give me a world with antibiotics and medical infrastructure any day over trying to make it on the merits of my own immune system.
I prefer the notion of exterminating virii (and spam) as opposed to surviving them. We just have to be sure that the cure is not worse than the disease.
Do Linux, BSD, and Mac OS X have enough people checking for security flaws? Or do all these viruses actually HELP windows catch up?
Will windows eventually become better as a result of all these attacks?
Democracy Now! - uncensored, anti-establishment news
First of all, perhaps it's better to think of IT/programmers/security-experts as the antibodies, rather than the antivirus software. The whole thing makes a little more sense.
Antivirus software and security software developed originally on simpler systems to fight against simpler attacks. This correlates to an immune system learning to fight more resilient viri by training on the common cold. Not such a stretch.
And it's the programmers/IT who learn to adapt. This leads to better antivirus software/firewalls/security procedures/whatever. If we had not developed this technology/know-how over time, and then were hit all at once with SoBig, the damage would be far more extensive. And, inevitably, someone will write something 50x worse than SoBig, and then the argument can be made that the experience with SoBig was helpful in preparing us.
In addition, it brings up and interesting idea (for me, anyhow) that perhaps we should be looking at biological defense mechanisms as models for developing analogical computer defenses (ones that are adaptive and all).
You could do a little beter than just dynamic code unrolling. Each time the virus propagates, it needs to rewrite parts of itself at the machine code level, so that the bitpattern changes. For example, there's more than one way to zero a register (XOR with self, subtract from self, move immediate zero to self) and there's more than one way to add a constant (add one, subtract -1). This would make viruses harder to identify.
Viruses also need to propagate decoys. For example, 65 gigabytes of simple pattern, bzip'd, is less than 100k. So, to thwart scanning of compressed files, send around lots of compressed nothing, that will bog down the scanners. That will cause people not to use them.
SoBig's rendezvous scheme was also pretty silly. 20 fixed IP addresses? Get real. Each virus should carry around (say) 100 IP addresses, and as it propagates it should randomly replace old addresses with new ones (dynamically assigned IP addresses would give this some trouble -- imagine that, variable IP addresses as a good thing). That way the viruses form a mesh that is not vulnerable to the loss of just a few links. Communications over the mesh would need to be public-key-signed, so that it could not be hijacked by people attempting to trace the behavior of the virus.
It could also tear apart its "next step" into pieces so that anyone intercepting just a few copies of the virus would be unable to tell what to do. At the activation time, it could do peer-to-peer reassembly of the Next Step, either using simple cut-and-paste, or using something more clever like Reed-Solomon coding so that it need not be so picky about exactly which peers it finds. (The peers, of course, must be programmed not to reveal their part of the Next Step until after the activation time.)
There's also been not nearly enough multi-mode propagation. An email virus combined with a few buffer-overflow attacks could get in behind a firewall and make a thorough mess of things.
The virus could also undertake a DDOS against all the usual suspects after it had achieved critical mass (similar to the behavior of actual bacteria as individuals, versus as a group) to make it difficult to receive security updates or news.
So, yeah, life could get plenty interesting.
Anyway, it seemed like the ZoneH guy was just skimming the surface of the similarities/differences of computer and human viruses, basically just trying to get a professional immunologist to confirm how "cool" and beneficial viruses are. Trolling, if you will.
The old adage "What doesn't kill you will only make you stronger" is applicable towards humans, since our immune system builds a defense by sampling new pathogens and working to defend the body against further attacks from that particular strain of pathogen. Does this really work when applied to computers though? It seems that although there's antivirus apps out there to protect your computer against new attacks, computer viruses are a pretty binary thing: either you're infected (and pretty much fucked most of the time), or you're not. Whereas with humans, it's possible to have a minute amount of a pathogen in your system in order to build a defense against it. One could argue that that's exactly what antivirus apps have in their signature database, although I don't totally buy it. That's more analogous to a mother passing on her immunological "database" to a child at birth through ImG and ImM (IIRC) via the ambilical cord and breast milk (later on, when the child's born). The child is protected, but because of a third party's intervention...much like my laptop using Norton's AV database of known viruses.
For me at least, it would have been interesting to see what this guy thought of polymorphic computer viruses. Pretty fascinating stuff, really...a virus who's characteristics change in order to defend against antivirus detection? Same payload and effect, but different signatures everytime? Why couldn't they have talked more about stuff like this?
Just my 2 cents.
"Hell hath no fury like a woman scorned for SEGA. ..."
{Of apples and oranges}
This is the sort of flawed logic that arises from the use of analogies. I mean you can't define one system by using facts from another system and expect it to be completely accurate, they are different systems, if they were the same system you wouldn't need to use analogies; they'd be the same...
A computer virus is not naturally occurring so it should not be compared to something that is naturally occurring.
So, with that said, here is my analogy on why this is flawed. "Hey Biff I have a truck to help you move". Ned shows up with a car, Biff says, "Where is your truck?" Ned says "a car is like a truck"
I also must disagree with the good doctor. "SDF: Computer viruses are exactly like the normal viruses." They are not exactly alike, they may have similar characteristics but they are not exactly alike. I am a security administrator for a Fortune 500 company, that does not qualify me to publish a study in The Journal of the American Medical Association, so when they come to interview me, which I am sure they will, about this seasons flu, I will decline.
500 dollar reward for tip(s) leading to the arrest of the person(s) who stole my sig.
Hmmm. She told me I was the only one.
Forget thrust, drag, lift and weight. Airplanes fly because of money.
Cats were considered to be small demons by the excessively-Chrisitan (and excessively stupid), and routinely killed. This allowed the rats (and thus, the plague) to spread unchecked. Delightfully ironic -- who in this case was doing Satan's work, the cats, or the cat-killers?
========
Together, we will drive the rats from the tundra.
--
Sort of. The genes that code for antibodies contain "hypervariable" domains that mutate much more often than normal genes. This causes the body to be continually generating antibodies against completely random targets. The neat part is, that if you feed the body something to which one of those random antibodies can bind, then the cell that makes that antibody gets a big proliferation signal, makes many copies of itself and more-or-less ensures that that particular antibody becomes permanently expressed.
So, clinical immunization depends on feeding the body a thing that looks a lot like live virus/bacteria/etc, but which won't cause sickness. The immune system gets to do target practice on the dead virus, creates or reinforces the B cells (T cells? ...could never keep them straight) that target those particular epitopes.
There is no listing for virii, but Dorlands Medical dictionary (probably one of the most widely used ones), lists viruses as the plural of virus. There is no medical word virii. I have never heard any of my medical co-workers use virii - we all use viruses.
..........FULL STOP.
I reject the notion that my inaction would make me bear any sort of responsibility for someone else's criminal actions. That's like saying a woman who dresses a certain way deserves to get raped.
Of course, that being said, I am not going to make it easy for them, not because of any sort of ethical obbligation, but rather because I don't want to subject myself to the inconvenience.
You're using her as bait, Master!
yes, it is all part of Microsoft's security initiative!
It's he the one that put Joel through all of those B grade movies on MST3k? So he does have a real job?
What doesn't kill you makes you stronger...? I think we've all known this to be true for years.
I run CP/M, and has had no problems with viruses etc. Time for you guys to migrate to a secure OS!
using that, and the story posted earlier about windows being insecure by design, shouldnt it have become extinct by now?
but it hasnt, thus this isnt darwinism.
turn up the jukebox and tell me a lie
...or at least just a troll. Google for Professor Samuel D. Forrester and Konigsberg University. They exist only in the mind of the article's author.
Think about it.
BSD is designed. Linux is grown. C++ libs
virus writers are useful...he asserts that immunity is built by infection
So what he's saying is that virus writers are useful because they create viruses, which teaches us to make hardier computers that can resist viruses. This seems like a tautology to me. We should be thanking virus writers because they teach us to fight viruses? Viruses that we wouldn't have to resist if these luzers wouldn't write them in the first place?
Seems kind of like a burglar busting into your house and cleaning you out, and you thanking him because he showed you that you need to install an alarm system.
get a Mac
Slashdot Eds Link Anonymous Posts With Logged Posts
They Are Vermin Feeding On Each Other's Feces.
I Hate \.
Then you have the Microsoft species, which maybe has one or two chromos in its whole makeup. With this species, the genetic disposition is for such a bloated, yet simplistic organism that has a very slow capability of learning. A big blob that tries to swallow everything up, but no immune system.
The irony (if I'm using that word correctly) is that in the animal kindgom where there is a mix of advanced and simple organisms, the simple organisms will generally tend to evolve quicker than they normally would because of having to compete with the advance organisms. So why does it seem Microsoft, which is surrounded by very advanced organisms, only ever seems to plod along and make the same mistakes with each new version?
--
Luck is just skill you didn't know you had.
One would think they have had enough viruses for a long enough period of time to have caught up by now.
I don't buy that virus infections will help that much in the long run. Most of the times, a quick patch is rushed out. More important to long term security would be code reviews and coding practice changes as a reaction to virus infections. This is why I don't see MS ever catching up to someone like OpenBSD, where proactive measures are taken.
The war against viruses, worms, and exploits cannot be won in a defensive struggle. You have to go on the offensive.
Usenet without assholes is like donuts without donutholes. I'm not sure how the creme gets into assholes, though.
A better analogy for your point would be that I should expect to be able to walk through a crime ridden neighborhood at 1am without being mugged. The response is then that everybody would *expect* to get mugged if they walked through a crime ridden neighborhood at at 1am, so while being mugged isn't your fault per se, and you aren't any less of a victim, it isn't a big surprise.
However, given the number of women that dress provacatively that don't get raped, and the number of women who dress more conservatively and get raped anyway, makes me doubt the strength of a casual relationship between how a woman dresses and the likelihood of rape. Also, a woman dressing provacatively doesn't fear impending rape, while most people probably would fear impending assualt while walking through a crime ridden neighborhood.
Anyway, the point is this: the internet is a crime ridden neighborhood after dark right now. That's not the way it should be, and not the way it will always be, but for the forseeable future your only real security will come from your ability to protect yourself.
It's nothing but crumpled porno and Ayn Rand.
One benefit of having a variety of viruses in the wild is that they help provide guidance when it comes time to choose an operating system.
Ahh, if only your Darwinian dream were able to come true. *wistful sigh*
From Wikipedia:
"Slashdot consists of submitted articles and a self-moderated discussion on each story. In response to the stories, large masses of readers rush to view referenced sites. The ensuing flood of page requests, known as a slashdotting, often exceeds the ability of the site to respond in a timely manner, rendering the site slashdotted and, for many visitors, unavailable for a time, occasionally exceeding the site's bandwidth limitations. 'Slashdotted' is sometimes abbreviated as '/.ed'."
This year the University of Calgary in Alberta, Canada is offering a course on how to write virii. The reason for this is that they think that knowing how to write one will help people write software to protect against them.
--- to swing on the spiral...
This is simply another way of stating that what doesn't kill you makes you stronger.
Unfortunately the corollory is that what doesn't make you stronger can only kill you.
Green Monkey san
After reading some of the comments, it seems that people agree that almost all viruses used lately are somewhat harmful, but not as bad as they could be.
What was the last virus that really did exploit a serious security hole to the worse possible extent? SQL Slammer maybe? I would imagine that any virus that has access to run a process on a remote machine with administrative rights could do some real, permanent damage (e.g. delete all system files that don't happen to be in use at the time).
Why do virus writers write malicious viruses that aren't *that* malicious (or at least as much as they could be)? I mean, some of those lately are set to expire! Do they hope that if they get caught, the judge will go easier on them since it "wasn't really that bad"?
"Truth is not decided by majority vote" consensus gentium -- Norman Geisler
someone moderated the two previous posts at this level as flamebait... i guess this person dislikes having their precious religion questioned
Really? Anybody care to enlighten somebody who always thought mosquitoes were prime candidates for the species-nobody-would-miss-if-they-became-extinct dept?
..makes them pay attention. Otherwise, Microsoft seems to ignore security holes unless there are lots of complaints.
It works like this: Nice virus => Morons^H^H^H^H^H^HUsers Complain => Microsoft Patches Hole => *your* files are safe.
Of course, that is, if you keep your sensitive data on Windows, which you shouldn't, really:)
OTOH, a real life virus only makes you immune to *that*same*virus*, which uses up your immune system capacity and is useless against all other viruses (in most cases).
Why stop there? Why not weed out the month and the stupid? Or the year and the stupid?
http://www.rootstrikers.org/
In nature, viruses generally arise by mutation-and new viruses are relatively frequent.
In computers, viruses are a relatively less frequent event and arise by conscious intent.
I tend to think the right way to handle this:
create a controlled test bed for virus propagation. Offer rewards for folks that can get a virus to propagate in that environment-and use that information to immunize the OS. Personally, I would love it if Redhat would do something like this with the goal of making the stock installs more resistant to newer viruses. Basically, I would get a team involved and reward the team based on how long the mainstream release goes without a virus vulnerability.
Without computer viruses, he couldn't have saved the world.
Some people have a way with words, and some people, um, thingy.
I think viruses, hackers, and bugs all play an important role in getting people to use computers properly:
It teaches as a cheap and easy explanation to end users as to why you shouldn't put complete trust in computers. Computers are great tools, don't get me wrong. Still, so much can go wrong, and inevitably will. My parents were surprised when their hard drive went bad for no reason whatsoever, but they had a backup... Why? Because I told them viruses were coming after them, and without backups and Norton Internet Security, the viruses would eat their grandchildren.
Everyone has this crazed view that everything must be done on computers, because computers are perfect and will replace mankind in every task due to their perfect execution of logic.
Two words: bull and sh*t . Computers are great tools for people to executs some tasks more efficiently, but we (mankind) always need to maintain the ability to function without them. Computers break down, and data gets lost, and personal data gets stolen. Computers shouldn't be trusted, because they aren't smart enough to protect the data important to you, and often are not as reliable as a paper backup.
And if they ever do get smart enough, watch out! What's going to happen when SkyNet launches the missles, huh? Oh, I'll be hiding in a bunker with no computers newer than 1965.
I think they have no choice. In addition the horrid licensing schemes and bad business practices (most of which the common public is not aware of anyways), viruses and hacks are a major bane of MS products. If anything, I think that such problems are one of the major points causing people to look at alternate solutions. Many have pointed out that perhaps this is the point of current viruses such as slammer, to point out what a joke MS "security" is.
Now, push the fast-forward button. Microsoft doesn't improve security, they lose customers. Licensing schemes get worse... they lose customers. In the end, I think that we will see improvements in windows, or we'll see windows dying and linux improving where it once treaded (to make up ground). Personally, I'm not so attached to linux that I wouldn't shell out for MS if they managed to make a decently secure product without an insane license. And there are improvements... just try running an old 95 machine and see how many times it crashes over XP...
Since when do the orderlies who change bedpans talk about viruses in the first place?
As always, another flawed analogy. Virus writers manufacture the virii with express purpose to cause damage (in the worst case), while natural virii only cause damage as a side-effect. The better analogy would be (evil) scientists in the lab creating man-made bilogical virii to kill people. And we certainly don't want that, nor do we think that would help us in any way. The difference is intent combined with the knowledge of specific flaws to exploit.
Taken the other way, bugs or mistakes in programs may unintentionally create havoc in a system, and we should fix those. But they are not intentionally malicious, designed to take the utmost advantage of a flaw and cause the most damage. A biological virus is trying to replicate and survive, and does not exist merely to kill its host.
Virus writers also bring out the compulsiveness in people.
Just open the attachment for an awesome screen saver...
Learn something new.
If it wasn't for the virus writers would we need the immunity they so kindly supply?
i.e. If it wasn't for the crooks in the first place would we need such things as locks in the second?
Evolution rarely swaps out your eyes and gives you a brand-new pair of assholes every generation.
Sure I'm paranoid, but am I paranoid enough?
I think he is implying Darwinism. I.E. Those that do not adapt to virii attack, become extinct.
.edu /corp....you must be new here.
After Msblaster, well, would that it were true.
I just got through with a machine that hadn't had virus defs updated in #3++ years!
Sircam everywhere! Oye.
Weed out the week and stupid, leave only the competent.
Hi! Welcome to Slashdot/state or fed gov't/
We need less computer users anyway.
Hummm...I'm honestly torn between agreeing with you and not...so many reasons (the stock of alcohol I have now because of blaster is quite large) Ok, I agr...err...I'll drink to that!
We can go back to good old BBSing and a USENET free of assholes.
USENET free of assholes? I thought it was comprised of assholes... where else does all that good/bad/indifferent shit come from?
Yep, assholes.
Have you read the moderator guidelines? Well, have you, PUNK? (and I want a Karma: Gnarly option)
If Linux systems aren't getting targetted by viruses, it can only mean one thing.
Virus writers are pro-Linux and anti-Windows.
Thanks, Henry.
oh brave new world, that has such people in it!
That's correct. No need for a police force.
Now, when a criminal does arrive from some far off land, no one is prepared for it.
This is a fallacy. While there's no need for a police force in a crimeless society, it doesn't mean that people would have no defense against it. There are several reasons for that:
- people will know that there's crime in other countries, so some kind of security or vigilance against foreign criminals would be likely to happen.
- a reduced police force could be maintained for emergencies (crowd control, psychosis induce crimes, etc.) so they would be able to handle a few criminals
- Ordinary citizens could be able to defend themselves, either using guns or just their wits/defense trainment. There are millions of people around the world skilled in martial arts, knife bearing criminals aren't a tough challenge for them.
- Probably some kind of army would be maintained (even if not permanent), because crimeless doesn't imply in without enemies (or terrorists).
- Some people may commit crimes (and be labeled criminals) because they don't realize they're breaking some law or they think the law is unfair (civil disobedience anyone?). We still need police in these situations.
People don't need to be threatened to develop defenses against attacks.Disclaimer: If I disagree with you I'm probably trolling...
Sure, an automated scanner (such as a mammalian immune system) trained on one virus won't necessarily find another. But the techniques learned by human minds that have studied one virus will apply to the next virus. For example, the way to prevent e-mail worms from spreading is to execute any attachments in a sandbox that cannot open a network socket, and that will apply to any worm that uses e-mail or Usenet attachments as a vector.
Will I retire or break 10K?
the sweet just ain't as sweet.
But there is another kind of evil that we must fear most... and that is the indifference of good men.
Remember about American Indians and people from Polynesia? The arrival of germs brought by Spanish and French invaders mostly exterminated them. The few of them whose immune system was strong enough and trained enough to sustain the arrival of new germs, have survived.
Mmm hmm. And we good old British WASPs played no role in that at all, eh?
I'm not saying that the French and the Spanish did nothing. But the spread of smallpox among t North American plains Indians was almost wholly the fault (even conscious in some cases) of the English-speaking settlers coming from the east.
Maybe I'm nitpicking, but the convenient omission of the now-dominant national group kind of pissed me off.
I'd have to say I agree with the sentiment--these people are losers (I'd use stronger language, but ... I don't use stronger language) and we should call them such. The fact that the good guys can make something good come out of something bad, doesn't make that bad thing good, and it certainly doesn't earn the least bit of gratitude for the losers who prefer to create trouble than help fix it.
The people we should be grateful to are the one's who respond to the virus writers--they're the one's that make us stronger.
If your hard drive is wiped out by a virus, if you lose irreplacable data, if you have to waste time removing a virus, are you supposed to smile and say "I'm sure glad I had this opportunity to get stronger"? If these people want to earn ANY gratitude AT ALL, they should be writing COMPLETELY benign virii, if anything--perhaps install something that generates a popup whenever someone's computer launches that tells the person that their computer is vulnerable, and tells them where to find the info/tools to fix it. And don't hog all sorts of bandwidth in the process of spreading the good word. If these people had the decency to carefully construct tools to do this, and ensure that they weren't going to cause problems, you might convince me to be grateful. Till then, they're losers.
Convert RSS to HTML - integrate webfeeds into your website
Why computer virus writers are useful and we should thank them.
SyS64738
08/25/2003
The title is obviously a provocation. I am considered a balanced personality but sometimes, I like to stretch things to the extreme and to provoke reactions. This article is one of my rare attempts to provoke you... or not?
Today, after the alarm caused by the fast diffusion of the Sobig virus, we are all talking about the reasons why virus writers are coding more and more viruses.
"They should stop, somebody stop them!" I hear all the time but... is this right?
We try to answer to this question with an interview with Professor Samuel D. Forrester, one of the most famous immunologists in the world. Dr. Forrester is on the run this year to get the Nobel Prize for his recent discovery of the mechanisms of aggression of over-reacting immune cells and antibodies. He teaches at the Immunology faculty at the Konigsberg University since 1986.
Zone-H: ZH
Professor Samuel D. Forrester: SDF
ZH: Thanks for having accepted to release an interview to Zone-H
SDF: Thank you, even if it is quite unusual to be interviewed by a computer security website.
ZH: Dr. Forrester, can you tell us what is the branch of the immunology?
SDF: Immunology is the study of the complex and sophisticated immune system. The immune system is a network of cells and organs that work together to defend the body against attacks by "foreign" invaders or germs. The body provides an excellent environment for germs. When they do break into a system, it is the immune system's job to keep them out or to seek and destroy them.
ZH: What is the job of the immunologist?
SDF: Clinical immunologists research new tests and treatments involving allergic and immunologic disorders of the immune system. They work with physicians in general practice and in hospital-based specialties to treat diseases using complex and sophisticated clinical techniques. The science of clinical immunology is a fast developing area of the medical profession. The role of the immunologist is increasingly important, both in laboratory work and in patient care.
ZH: Have you heard about the recent Sobig-F virus deployment?
SDF: Yes, I read something on the newspapers. Even if computer science is not my science, the topic of the computer viruses is obviously of my interest. See, many aspects of the traditional immunology and the computer viruses are in common.
ZH: And this is the reason why Zone-H wanted this interview.... Dr. Forrester, what do you think about computer viruses, what do you know about them?
SDF: Computer viruses are exactly like the normal viruses. They can kill you if your immune system doesn't work, but at the same time, your body should thank them if your immune system is today capable to protect you from deadly illnesses.
ZH: Can you please develop the concept?
SDF: It's simple: every time you get a cold, you sneeze. But you could die, actually. The only reason why you don't die is because your immune system has been programmed to react to the "threat" posed by a germ. It's a paradox, but it's the same germ that could kill you that trained your immune system to react when invaded.
ZH: And what makes the difference? How is it possible that a germ can kill you and the same germ can train your immune system making you stronger?
SDF: It's just a matter of doses. Like with wine, one glass every day makes your heart stronger and lowers your blood pressure, one bottle every day can kill you. This is the concept on which vaccines are based.
ZH: We understand that. Can we stretch the concept saying that a constant flow of germs, if received in the proper dose, makes the body actually stronger?
SDF: Absolutely. If hypothetically we could take two newborn twins and put one of them under a glass-dome and the other one straight into the dangers of the real world, guess who would survive in case of a serious plague?
ZH: The secon
Can someone point me to the web site of Konigsberg University, mentioned out in this article? How about something written by Samuel Forrester in a peer reviewed journal? How about something Google or any search engine that refers to him? If he's one of the world's leading immunologists, I'd like to read some of the other things he's written.
thanks,
cbd.
Look, flouride is a poison. Why do you think it keeps your teeth so nice? Magic?
I am shocked that information is modded as flamebait. Look it up... anyone!
Spoon not. Fork, or fork not. There is no spoon.
If your HD was erased by a virus, would you conclude you are an inferior user and get rid of your computer? Of course not. I don't think *anyone* has ever completely given up computer use even after a major disaster. Cells are not individually sentient, users are. This is why the analogy doesn't quite work.
There is no listing for virii, but Dorlands Medical dictionary (probably one of the most widely used ones), lists viruses as the plural of virus.
Perhaps because we stopped speaking Latin a great many years ago? See also: focus, octopus. If nothing more, I hope this article will stop people from using the term virii. That has always angered me.
Is that a real poncho? I mean, is that a Mexican poncho or is that a Sears poncho?
I read a good in depth report once, explaining very well why virus would not pluralize to virii in latin. Apparently, 'virus' did not mean the same thing in Latin as it does in English, and in Latin, it wasn't something that could be pluralized. And even if it was pluralized, it would have been pluralized differently.
This was a while ago, so I don't remember any of the details.
it's that a given? i mean, we've known it's bad to use antibacterial soap when washing up because it will weaken our immmune systems by not giving them the chance to react for how many years?
but what about "boxen"? or should that be "boxii"?
cpeterso
Allow me to engage in self-gratifying clarification of your post that you may or may not endorse.
Cells are not individually sentient, users are.
SHould be:
Cells are not individually sentient, users might be, but scientists have yet to offer incontrovertible evidence of this.
Like what I said? You might like my music
I think he is implying Darwinism. I.E. Those that do not adapt to virii attack, become extinct.
;-)
If immunity comes from infection, Windows should be the most immune OS ever....
The problem is that, as with Darwinism, immunology is only one part of the equasion, and it comes down to food (money) requirements and supply, reproduction (marketing, distribution), etc. Yeah, Darwinism works, but it is not so simple
LedgerSMB: Open source Accounting/ERP
The more numerous the population and the longer its evolution, the greater the risk to that population due to greater exposure TO, variety OF and total fatality caused BY yet unknown threats. Populations naturally counter the increased risk with varied success by becoming more numerous.
The good doctor fails to see the big picture here, otherwise he would know that we are not the only species on this planet that is evolving. By overpopulating the planet we are also creating conditions for known threats to evolve into more dangerous threats and for yet unknown threats to break the magic incidence of 1 in 6+ billion.
Due to the long evolution of the species on this planet, each new threat is more likely to cause higher fatality than any already known threat. The level of sophistication of that threat, its resemblance to any known threats to which the target population is immune and adaptability of the immunity of the target population as a whole determine both the incidence of and fatality caused by that threat.So far, we have always managed to survive as a species and our immunity is a direct product of interaction with our environment throughout evolution. What this means is that, contrary to what the good doctor seems to believe, were our immunity weaker today, the number of threats we would be exposed to would be much smaller as well. Otherwise we, as a species, would have either developed immunity to those threats or become extinct.
I suggest that the good doctor not buy his degree online in the future.
That's why the eco-system is so stable here in Soviet Russia!
Dennis G. Jerz
Jerz's Literacy Weblog
Literacy Weblog http://jerz.setonhill.edu/weblog
Will windows eventually become better as a result of all these attacks?
Maybe these viruses are the selection mechanism that will kill the closed source approach to operating system and infrastructure application development, allowing it to be replaced with the more resistant open source versions.
Just a speculation, but an interesting one.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
"Destroy science and religion. Science would re-emerge exactly the same; but not religion." - Penn Jillette, paraphrased
Isn't listing MacOS X after BSD somewhat redundant?
Nah, all the viruswriters in the world can't take the place of even one security-minded lunatic like Theo DeRaadt.
That immunologist doesn't know what he's talking about. Arguing that computer viruses are good is kinda like arguing that getting kicked in the nuts is good for you. Yeah sure, if you get kicked in the nuts a lot, you probably could deal with
having your nuts cut off better than the next guy.
But are you really happy you got racked so many times?
The analogy to biological viruses is wrong for a couple of reasons.
1) Unlike viruses that attack organisms, computer viruses cause significant harm even if they don't kill your computer.
2) Unlike biological immune systems, computer systems can improve even without viruses.
Point 1
-----------
From a biologist's perspective, an organism is successful if it survives to reproduce, but this perspective is not appropriate for computer viruses. Biologists tend not to worry about the pain and suffering that you endure when you're sick, because evolutionarily speaking, the only important consideration is whether you live
to have children. However, computer viruses cause a lot of damage during the period when the virus is active, even if they don't crash your hard drive. Think about the hours of productivity lost, not to mention the psychological annoyance, so many people suffer. There's a lot of harm caused even if your computer doesn't fail. How can this be a good thing? Answer, it can't. Of course, it's very bad if your computer actually fails. But it's certainly possible that viruses do so much crap to your computer that you might wish you'd never even had one in the first place.
Point 2
--------
Second, computer security doesn't have to evolve the same way the immune system does. In biological systems, there is no other mechanism to build up antibodies other than exposure to a pathogen. So you need viruses to gain immunity. However, there are plenty of ways to test computer security other than to have a virus over-run the internet. For example, how about a controlled stress-test on a private network? Sure, testing of computer security helps improve computer security, but it doesn't have to be done in the damaging ways viruses "test" security.
WTF is that?!
--
Linux User
Do Linux, BSD, and Mac OS X have enough people checking for security flaws? Or do all these viruses actually HELP windows catch up? Will windows eventually become better as a result of all these attacks? Tune in next week for the exciting conclusion where our hero's z3r0cool and 4cidburn duke it out with the evil SCO and their band of IP lawyers!
The English word 'virus' derives from the Latin noun 'uirus', meaning 'poison'. This is a 2nd declension neuter noun, in that it has genetive form 'uiri'. Anyone who knows Latin will realise that it is therefore irregular, one expects such verbs to end in '-um' (like 'pudendum'), and to have plural in '-a'. 'Uirus', on the other hand, does not seem to occur in the plural, where one might expect 'uiria' (or possibly 'uira').
The 'i' in 'uirus' is long in Latin, which is why one says 'vie-rus' and not 'vih-rus'. This serves to distinguish forms of 'uirus' from forms of 'uir', which means 'man' or 'hero' (as in 'virile'). Since in English one can't just import the Latin lenght/stress system, the word 'viri' might actually mean 'men' in some sort of legal sense. I have no idea who invented 'virii', and on what basis.
Since 'virus' has undergone a change in sense and since the Latin plural (if there ever was such a thing) is not established in English (c.f 'genus', 'genera'), it should be treated as an English word, and given the English plural 'viruses'. This is what is recommended by H. W. Fowler in his _Dictionary of Modern English Usage_ (first published 1926).
Saying 'virii' will make you look clever only to people who are less well educated than youself. By all means do this, but it's probably not going to work so well here.
Virus writers pushed me into changing to Linux and totally dumping windows.
So, here's a great big THANK YOU to all the virus writers out there, you really, really did me a huge favor.
One very satisfied Linux convert.
In biology, host defense systems against virii bacteria, fungi and parasites in higher life forms have evolved into incredibly complex systems that range from simple things like antimicrobial peptides, to white cells and the like. An incredible amount of time, effort and resources goes to fighting off all of this crap.
Is anyone actually dense enough to think that it would be any different for operating systems, word processors, or other large software systems? Think about all of the time and effort that goes into fighting frigging computer viruses and worms.
Cut the damn virus writer's fingers off and take a blowtorch to their genitals so they can't breed! I'm sick of having to fight off this garbage. It is a waste of my time, money and patience.
I can imagine a world where everyone lives in peace with no danger or ill-will. No one would even lie lies and there would be no need for protection. The whole planet would be bathed in love and know nothing else.
I can also imagine finding this planet, enslaving everyone, taxing them at 40%, and selling thousands of Starbucks and McDonalds franchises to collect the rest.
Hunger is the best sauce.
No, seriously. You have no idea how much the W32.Blaster.Worm helped boost business. People are such idiots, every time they bring their computers in we get the latest Windows Updates for their system and tell them to CHECK REGULARLY, and still those very same people come back in a couple weeks later with MSBlaster, which could've very easily been prevented. (We usually get about 4 or 5 systems in a day; we got 20 of them the day of MSBlaster.)
[insert witty comment here]
It's sometimes been noted that Linux/ (and BSD, opensource) has more security alerts than does Windows. However, you see less damage per hole than Windows largely because Linux is better designed and the holes are public so that they can be patched. Of course you still have lossers who don't bother applying patches but overall Linux handles things much better. It's based on Unix concepts and Unix has been around (and taking hard lessons) for a lot longer than Windows.
Windows is weak because they threw away most of what they had learned and tried to do it different. Then they took their different system and tried to give it the abilities of what they could have started with anyway. So you get this sort of fractured fairy tale version of an OS. It'll take them a long time to gain the maturity of the Unix world. Linux on the other hand modeled itself on Unix and opened the code so that anyone that found something implemented incorrectly or incomplete could fix it. It's the difference of trying to build a 747 (but entirely different) starting from scratch or trying to build a 747 from the blueprints of a 747.
MacOS is based on BSD in part so it should inherit some of it's security. The closed portions though may be as insecure as Windows but as you say less tested.. so those insecurities are unknown factors.
At what price learning? At what cost wisdom? The price is a man's peace of mind, and the cost is his life.
I'd tend to think that the major difference is that in a unix system, holes are typically in nonprivilaged positions (running as a non-root daemon or as a user process) whereas on a windows system, about everyone runs as root.
In 95/98/ME _everyone_ is root and you can't change it.
In NT/2000/XP, not everyone HAS to be root, but most people run it that way for convenience.
Dr. Forrester seems to have a (disappointingly) poor understanding of ecology (in the natural and artificial world). Every benefit has a cost associated with it. When there is selective pressure, organisms capable of coping with the selective pressure gracefully will thrive, and those that can't won't. This however doesn't mean that the ability to cope with that selective pressure is universally good; advantage is determined by the environment.
A real life example: livestock are given antibiotics in their feed, because it makes them grow bigger, faster. Why? Because in such a (antibiotic rich) situation where the challenge presented to their bodies by bacteria are diminished, they can spend less resources on their immune system, and therefore more resources on growing bigger faster.
This is not to say that feeding antibiotics to livestock is a good thing for society. It isn't, and for a very similar reason. Frequent use of antibiotics selects for antibiotic resistant bacteria - in an antibiotic rich environment, resistant bacteria thrive, and non-resistant bacteria die. However, just like everything else, there is a cost to antibiotic resistance. In an antibiotic-free environment, non-resistant bacteria have an advantage, and they will outcompete their resistant bretheren. Whereas the presence of antibiotics selects for resistant bacteria, the absence of antibiotics selects for antibiotic susceptible bacteria. When you get a life threatening infection, I assure you, you would prefer that the bacteria inside you did not previously reside in an antibiotic rich environment.
Given that we live in a world where there is crime, it is a good thing that we spend a lot of money on government organizations that fight crime, but if we lived in a crime-free world, it would be silly to spend any money on policing, and we would be better off spending it on something else (or reducing taxes accordingly). Dr. Forrester's argument is in essence a tautology, it boils down to "Given the way things are, its good that things are the way they are." In biology, as in computers, there is no such thing as a free lunch. Because there are virus writters, we spend money on virus-scanners, and time disinfecting computers. In a virus rich environment, it is good that there are virus-scanners, but if no one wrote viruses (because everyone was thoughtful), we could spend our money and time otherwise.
This said, I should point out that pathogens (biological, computer, or societal - e.g. criminals) are essentially inevitable. Selection rules. If there is a way to leach off the system, there is probably a selective advantage in doing it, and something with figure out how to do it. Giving credit where credit is due, these arguments are derived, however distantly, from The Selfish Gene by Richard Dawkins.
This came to me in a dream last night. Floppy-based viruses, once so abundant, are nigh extinct on account of the floppy being nigh extinct, and the net being such a faster, easier medium.
But CDs on the other hand - almost every new puter comes with a CD burner, and most Windows boxes have autorun enabled for CDs. Even easier than a floppy virus; as soon as CD is inserted, computer is infected. Virus will modify Nero &/or EasyCD Creator &/or WindowsXP's CD burning thingie so that every new CD burnt will insert the virus into autorun.inf. For audio CDs, the virus might add a track at the end of the CD containing some zany music that formed part of its payload (compressed).
Not that I have the knowledge, inclination, or time to put this into practice, but it is an interesting concept.
That'll teach ppl to rethink autorun.
Unfortunately, your theory is complete nonsense, as it goes against the holy scriptures. Everybody knows that Computers were created by the almight Bill Gates, and the Internet by Al Gore.
"I think it would be a good idea" Gandhi, on Western Civilisation
"computer viruses are good, because every time we beat a computer virus it makes computers better able to defeat computer viruses". If the only advantage of virus exposure is that you're better able to withstand more viruses, that is not a valid argument for viruses being valuable. It's like saying that "since we learn that we need to fix things when they break, we should break more things". Idiocy. If there were no viruses, there would be no NEED to have protection against them. What, are we developing an immunity to when the space aliens try to take over our computers from orbit? :/
...and the template represents existing information. The process which patterns antibodies doesn't invent anything new, it simply takes an attacker's design and uses that as a weapon. Kind of like shotgunning Mynx en passant and winding up with her blue Triple Damage thingy, ammunition and weapons.
Got time? Spend some of it coding or testing
Think of the patches as digital protein rings.
Got time? Spend some of it coding or testing
The body, in your example, is replicating a design in order to battle infection. In analogy this would be like a computer being able to make RPCs to other computers to DDoS an attacker into obliviion (and you can imagine that being abused!).
The body also has processes to pattern antibodies from the attacking organism. In analogy, this would be software which recognises an attack, reconfigures itself to render the attack ineffective, and broadcasts the reconfiguration data to other computers before they're attacked. And then DDoSes the attacker into oblivion.
Patching is more like medical intervention. An intelligent agency outside the computer designs a remedy, which is then manufactured, distributed and applied, again at the instigation of various external agencies.
Got time? Spend some of it coding or testing
Yes, that's exactly what I said. "Innate immunity" is the same as immunity "exposed by infection" in the same way that rocks are exposed as the tide goes out.
BTW, we do have pre-emptive antivirus software.
This is different to how the body deals with novel attackers; the body patterns a specialised defensive cell after the attacker (kind-of makes a negative of the attacker). Then defenders bred from that cell can then bind with and neutralise the attackers, in principle before they destroy anything valuable.
Got time? Spend some of it coding or testing
Yes, even water is toxic.
Just like taking too much flouride is toxic, drinking too much water *will* kill you.
Just goes to prove that anything done without moderation will kill you.
Ask any doctor, "The Dose Makes the Poison".
If you could be told what you can see or read, then it follows that you could be told what to say or think - BoC
aren't some types of shots basically weakened critters that don't cause an actual infection but spur the body to respond as if real?
... to the extent that there is no world famous immunologist known as Samuel Forrester and certainly not one being named for Nobel consideration, I can assure you. Google or PubMed/Medline for Samuel Forrester (or derivations) to try and find mention of any of the "Nobel" worthy research. The Iraqi Infirmation Minister must be doing this guy's PR.