Slashdot Mirror

← Back to Stories (view on slashdot.org)

Kraken Infiltration Revives "Friendly Worm" Debate

Posted by kdawson on from the damned-if-you-do dept.

Anonymous Stallion writes "Two security researchers from TippingPoint (sponsor of the recent CanSecWest hacking contest) were able to infiltrate the Kraken botnet, which surpasses its predecessors in size. The researchers have published a pair of blog entries: Owning Kraken Zombies and Kraken Botnet Infiltration. They dissect the botnet and go so far as to suggest that they could cleanse it by sending an update to infected hosts. However, they stopped short of doing so. This raises the old moral dilemma about a hypothetical 'friendly worm' that issues software fixes (except that the researchers' vector is a server that can be turned off, not an autonomous worm that can't be recalled once released). What do you think — is it better to allow the botnet to continue unabated, or perhaps to risk crashing a computer controlling a heart monitor somewhere?"

2 of 240 comments (clear)

  1. Desperate Situations by ajs318 · · Score: 0, Flamebait

    Desperate situations call for desperate remedies.

    Really, if you follow the money, it's all Microsoft's fault. It was their bad design decisions (i.e. not building-in privilege separation from the ground up, from day one) which led to this situation. Since then, a whole generation of self-taught wannabees with knocked-off copies of Visual Studio (which Microsoft never stopped them from making, probably because "hey, at least they weren't using a competitor's development environment") have been writing applications with no regard for proper techniques. As a result, "legitimate" software has been taking advantage of the exact same bad programming in Windows that allows malware to propagate.

    Windows is essentially beyond repair. Bodged-on attempts at artificial privilege separation won't block malware if it's easy to get around them, nor if they have to be turned off to allow "legitimate" software to function. Real, ground-up privilege separation (as found in operating systems which cost much less than Windows, but are not backward-compatible with existing Windows software) will break backward-compatibility with existing Windows software.

    The roof was leaking, so we put in a floor drain so the water would have somewhere to go; but the drain got blocked and started to smell, so we installed plug-in air fresheners so we wouldn't have to smell it; but one of our best people was allergic to the air fresheners so we had to let her go, and then they ran out anyway; so we lit a load of joss sticks, but the joss sticks kept setting off the smoke alarms ..... and the roof is still leaking!

    --
    Je fume. Tu fumes. Nous fûmes!
  2. Re:Had me up until the sensationalism by mgblst · · Score: 0, Flamebait

    ow many times have you heard of someone dying because their heart monitor failed?

    What a ridiculous statement. What are you, in primary school? Is that how you make all your decisions? based on how many times you have heard of something happening. There are 1000s of deaths a year due to Hospitals making mistakes in someway.