Slashdot Mirror


Fujitsu To Develop Vigilante Computer Virus For Japan

wiedzmin writes "Japanese Defense Ministry has awarded Fujitsu a contract to develop a vigilante computer virus, which will track down and eliminate other viruses, or rather — their sources of origin. Are 'good' viruses a bad idea? Sophos seems to think so, saying, 'When you're trying to gather digital forensic evidence as to what has broken into your network, and what data it may have stolen, it's probably not wise to let loose a program that starts to trample over your hard drives, making changes.'"

31 of 129 comments

  1. A Polite Virus by Marxist+Hacker+42 · · Score: 4, Interesting

    Would be the answer. A polite virus doesn't migrate automagically- it *asks* before it migrates.

    --
    SJW: a person who perceives an injustice, and while correcting it, commits a greater injustice.
    1. Re:A Polite Virus by nman64 · · Score: 5, Insightful

      Malicious authors would love that - another angle for them to take advantage of. Anyone with a clue isn't going to trust a polite virus unless they've been told to expect it, and by the time they've been told this polite virus is friendly, the malicious authors will already be using polite messages to get users clicking where they want them to.

    2. Re:A Polite Virus by Moryath · · Score: 4, Insightful

      You've got it right. Malicious authors will just reverse-engineer Sophos's virus, tweak the payload, and then they're off to the races.

      And other antivirus houses, RIGHTLY, will peg Sophos's virus as malicious and work to block or eliminate it.

      This is the catch-22. If your virus tries to use a "break in then pull up the ladder with it" mentality, someone else will co-opt your work. Pretty soon, your "beneficial virus" will be meaningless. In the real world, virus writers have been caught "pulling up the ladder" from time to time, removing their competitors' viruses and taking over existing botnets. Sophos is trying the same tactic, which isn't going to be helpful for anyone.

    3. Re:A Polite Virus by TFAFalcon · · Score: 3, Informative

      That just trains people to click OK/ALLOW more. So the next 'polite' virus will do more than just kill other virii.

    4. Re:A Polite Virus by iateyourcookies · · Score: 3, Informative

      I know it's considered bad form to RTFA, and sometimes RTFSummary, but really... not reading the headline?! Fujitsu is developing the virus. Sophos is arguing against the idea!

  2. Ugh by afabbro · · Score: 4, Insightful

    Any "good" virus will be caught, captured, studied, mutated, and turned into a "bad" virus very quickly.

    Also, a virus by definition installs software on a machine without the owner's consent. So it's never a good idea.

    --
    Advice: on VPS providers
    1. Re:Ugh by badboy_tw2002 · · Score: 5, Funny

      I propose then we name the new "good virus" "Agent Smith"

      Agent Smith: I'd like to share a revelation that I've had during my time here. It came to me when I tried to classify your operating system and I realized that it's not actually an operating system at all. Every OS on the Internet develops a natural equilibrium with the surrounding hardware environment, but your Windows does not. It's installed on fresh hardware and grows and grows until every hardware resource is consumed and the only way you can survive is to wipe the machine and start over. There is another program on the Internet that follows the same pattern. Do you know what it is? A virus. Windows is a disease, a cancer of the Internet. You're a plague and we are the cure.

    2. Re:Ugh by Marxist+Hacker+42 · · Score: 2

      KOH virus, used in several industries to encrypt hard drives across a network. Or at least was back in the 1990s. It was very polite- asked by drive letter if you wanted it to migrate, asked you for each boot volume for a 256 byte private key and a pass phrase. It was NOT just "Click OK to install" either- you needed to type YeS, with both capitals, to go, at least in the version my company sold as "CasinoCrypt" to casinos in British Columbia (based on a gaming commission requirement). It would even migrate to floppies, again asking first, effectively locking that floppy into use on that computer.

      --
      SJW: a person who perceives an injustice, and while correcting it, commits a greater injustice.
    3. Re:Ugh by forkfail · · Score: 3, Funny

      Parody (tm) was retroactively patented last week, and the name trademarked and copyrighted. Use of the word Parody in its verb form ("Parodying") is now an actionable civil offense.

      You can be sued for applying unlicensed Parody (tm) to any situation.

      You must have a valid license to apply Parody (tm). Furthermore, you need Parody Enterprise (tm) for any published, non-personal application of Parody. Parody Student Edition (tm) may only be used in an educational environment. Release of Parody (tm) works under GPL is prohibited.

      Note that a Parody (tm) license does not allow you to publish Satire (c); a separate license is required for such publications.

      --
      Check your premises.
  3. Um, no. by JustAnotherIdiot · · Score: 5, Funny

    Are 'good' viruses a bad idea?

    McAfee, Norton, AVG, etc have built businesses around good viruses.

    --
    What do I know, I'm just an idiot, right?
    1. Re:Um, no. by Riceballsan · · Score: 2

      Nope, a virus is a self replicating self installing piece of software, a Trojan tricks people into installing it by claiming to do something desired. Thus McAfee and Norton are high grade trojans, and some of the few that can trick you into paying to install them.

  4. We know where this is going... by SJHillman · · Score: 2

    Skynet, Landru, M5, the Matrix, HAL

    There's plenty of art for reality to follow.

  5. It's going to be hard to tell... by forkfail · · Score: 4, Insightful

    ... the white cells from the attacking entities.

    And the ramifications could get interesting.

    For example, will it be illegal to tamper with such a white cell virus that's on your system? To reverse engineer it? To release your own distributed anti-virus system that might view such a white cell virus as a threat, and hunt it down and destroy it across multiple networks?

    --
    Check your premises.
    1. Re:It's going to be hard to tell... by Bucky24 · · Score: 2

      For example, will it be illegal to tamper with such a white cell virus that's on your system? To reverse engineer it? To release your own distributed anti-virus system that might view such a white cell virus as a threat, and hunt it down and destroy it across multiple networks?

      Only if they copyright it.

      --
      All the world's a CPU, and all the men and women merely AI agents
  6. Back Hack? by Tavor · · Score: 2

    Considering this is Japan, I'm pretty sure they got the idea from Ghost in the Shell. The Major often times references performing a Back Hack, to determine the location of an attacker. Now if only I could teach Windows how to enter Autistic Mode...

    --
    Windows has detected an undetectable error.
    1. Re:Back Hack? by vlm · · Score: 2

      Considering this is Japan, I'm pretty sure they got the idea from Ghost in the Shell. The Major often times references performing a Back Hack, to determine the location of an attacker. Now if only I could ...

      ... I was thinking more along the lines of what to do with those who bring virii onto my network ... tentacles ....

      --
      "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
  7. Re:Source by AngryDeuce · · Score: 4, Funny

    Specifically, I.E. 6 users, because fuck them.

  8. Source of Origin by JoeCoder7 · · Score: 5, Funny

    What happens when the Fujitsu virus meets itself and destroys its own source of origin?

  9. Re:Source by iggymanz · · Score: 2

    even windows 7 has infection rate of 4 per 1,000 machines. Let's talk about using real OS instead of Bill Gates' stupid glorified program loader.

    http://www.computerworld.com/s/article/9216654/Windows_7_s_malware_infection_rate_climbs_XP_s_falls

  10. An Exercise in Futility by nman64 · · Score: 3, Interesting

    An arms race against an opponent that knows no boundaries is typically futile.

    It would be extremely difficult to develop a virus that could effectively spread and eliminate other infections without stooping to the same low levels as the malicious developers, at which point the friendly virus isn't so friendly anymore.

    Sophos is right that such a counter-attack launched on a managed network with security-aware personnel capable of removing the malicious infections and performing a proper investigation is only going to complicate matters.

  11. Collateral Damage by jjp9999 · · Score: 2

    I could see this having a lot of collateral damage, since hackers like to bounce their connections off of legitimate IPs to hide their own locations. The Chinese hackers, for example, use HTran to do this for them - it makes it look like the attacks are coming from University campuses or from IPs belonging to dissident groups.

  12. what would be better is by FudRucker · · Score: 2

    to develop operating systems that are impervious to viruses, trojans, worms and rootkits & etc... probably could not be done to 100% certainty but it can be implemented so the bad software is the rare exception to the rule rather than widespread chronic infections like you see with that software from Redmond...

    that would more than likely put Microsoft into a niche corner and out of the desktop operating system & office software suite business...

    --
    Politics is Treachery, Religion is Brainwashing
  13. Re:Source by nman64 · · Score: 4, Informative

    Face the facts. The malware problem today is the result of large, highly-profitable, highly-competitive criminal empires. These programs are written by hired developers working in a business infrastructure, not random script kiddies locked away in their parents' basements. The developers creating this malware are typically doing so on Windows systems, though much of the delivery infrastructure does run on other platforms. It has nothing to do with ideology, vendettas, social failures or platform choices. It's all about the money.

  14. Cane Toads in Australia by jenningsthecat · · Score: 3, Insightful

    The Internet and the vast number of computers connected to it form a vast, dynamic, and complex system whose detailed behaviour is difficult to fully understand and impossible to confidently predict.

    Just like the introduction of Cane Toads in Australia, ( http://en.wikipedia.org/wiki/Cane_toads_in_Australia ), and so many other similar introductions of organisms to 'fix' some problem in a complex ecosystem, this will probably turn out badly. And it may be impossible to undo once the virus is released into the favourable ecosystem that is the Internet.

    --
    'The Economy' is a giant Ponzi scheme whose most pitiable suckers are the youngest among us and the yet-unborn.
  15. Re:Source by Moryath · · Score: 4, Insightful

    Every time I see this, I remember the obvious counterargument.

    - If OSX had better than 8% market share, wouldn't there be hordes of virus programmers (Russian mafia, bored script kiddies and pranksters, whatever) looking for holes in it to take over?
    - If Linux had better than 1% market share, wouldn't there be hordes of programmers trying to break it? Actually, if you look at the server market where Linux has a larger market share, they DO try to crack it - and lo and behold, they tend to succeed relatively on the same pace as breaking into Windows server boxes.

    The question isn't, is Windows insecure? Of course it is - due in no small part to being not-securely-configured by hordes of user-level operators at their houses. But if everyone magically switched to your OS of choice, are we really likely to find that the situation improved at all? Probably not. Even at their smaller market share, it turns out OSX has had its fair share, and Linux as well.

    And then, of course, there's the old "Problem between keyboard and chair" issue. Users willing to click on ANYTHING are going to be your worst source of problems, especially in the home market. Again, would that change if all of them switched to OSX or Linux? Of course not, they're still going to click on anything and enter their password to install the Free Puppy Screensaver or whatever else it is.

  16. Re:Source by VortexCortex · · Score: 2

    Did you by chance watch the Chaos Computer Club talk about Stuxnet? I was thinking the whole time: "Well there's part of the reason right there, MS: You hire folks like this moron."

    The vulns exploited are direct evidence of lack of security in design. I mean, Guest accounts telling printer drivers to "print to file" ANYWHERE on the drive?! AS ROOT?!?

    Don't give me that "Mac & Linux are just as bad" bullshit. I deal with the Linux sources, MS isn't even in the same league. I've seen the (leaked) source code that Microsoft devs write... IT'S SHIT. Their OS is full of insecure kludgey shit. Remember the Zune Leap Year BS? Just try to get away with committing some of that shit to the Linux Kernel team. Google Tried committing crap kernel code from Android, guess what? IT WAS REFUSED; Told to get cleaned up. I mean... fuck man.. GET REAL!

  17. Re:Source by Moryath · · Score: 2

    Yawwwwwnnnn.

    Bugs are committed to Linux all the time. You just don't hear about it as much. It's not "big news" because (a) less people are trying to make a botnet out of a couple million Linux boxes and (b) it doesn't feed the "let's bash on MS" crowd on Slashdot.

    I'm not a Microsoft fanboy, but I'm willing to recognize the hurdles they have to face: trying to not break backwards compatibility, dealing with the fact that most home users will be the "fuck security, I don't want to have to enter a password it's MY computer" types, and being targeted because of sheer numbers of marketshare. And I guarantee you, if Linux had even 30% of the desktop market, you'd see an absolute ton of malware being written for it and "0-day" exploits every day. Even if the bugs were only present in the main branch of the discordant, splintered Linux distro world, it'd happen.

  18. Re:Source by forkfail · · Score: 2

    You persist in using desktop numbers, not internet server farm numbers. Which don't get published so much; they're mostly considered proprietary information. But it is easily verifiable that Google, Facebook, eBay, Amazon (including AWS), and pretty much all the other big names use Linux for their server farms, not Windows.

    Yes, I concede that for desktops, Linux has a tiny market share.

    For the internet backbones, server farms, research farms, and so forth, Windows doesn't get used all that much. And that's where the real concentration of data is.

    Also, you don't take into consideration the value of a compromise. The value of compromising J Random Luser's home PC is far, far less than that of compromising say a Facebook server with personal information or getting into some company's AWS virtual hosts.

    --
    Check your premises.
  19. Re:Source by forkfail · · Score: 2

    Except that they don't have the same rate of success, as evidenced by the fact that all the hosts on AWS and Google and so forth haven't been turned into bot farms and all the data exposed to the world.

    --
    Check your premises.
  20. Re:Source by sootman · · Score: 4, Insightful

    OS X has its fair share? Really? They have, say, 10% of the computer market, and about 0.0001% of the actual, in-the-wild viruses. The main problem on OS X is trojans (to which ANY platform is vulnerable) and OS X has NEVER had a self-replicating virus the way Windows has. (Nimda, Code Red, Sasser, etc.)

    So yeah, if everyone switched to OS X or Linux, we probably WOULD be better off. Maybe not perfect, but much, much better.

    --
    Dear Slashdot: next time you want to mess with the site, add a rich-text editor for comments.
  21. Re:Source by kesuki · · Score: 2

    the freebsd port tree was the first attempt at a 'voluntary' walled garden, e.g. they would monitor and fix the ports tree, and you wouldn't get virused in the expected lifespan of the hardware. debian improved on the concept, with repositories, and ubuntu took away root with sudo commands... i realize from the software side there is no mechanism against installing 3rd party software, or making your user root, but the people who they intended to run the stuff wouldn't actually know they weren't in a walled garden, if they followed the advice of their elders.