Fujitsu To Develop Vigilante Computer Virus For Japan

wiedzmin writes "Japanese Defense Ministry has awarded Fujitsu a contract to develop a vigilante computer virus, which will track down and eliminate other viruses, or rather — their sources of origin. Are 'good' viruses a bad idea? Sophos seems to think so, saying, 'When you're trying to gather digital forensic evidence as to what has broken into your network, and what data it may have stolen, it's probably not wise to let loose a program that starts to trample over your hard drives, making changes.'"

A Polite Virus

[Marxist+Hacker+42]

Would be the answer. A polite virus doesn't migrate automagically- it *asks* before it migrates.

Re:A Polite Virus

[nman64]

Malicious authors would love that - another angle for them to take advantage of. Anyone with clue isn't going to trust a polite virus unless they've been told to expect it, and by the time they've been told this polite virus is friendly, the malicious authors will already be using polite messages to get users clicking where they want them to.

Re:A Polite Virus

[Moryath]

You've got it right. Malicious authors will just reverse-engineer Sophos's virus, tweak the payload, and then they're off to the races.

And other antivirus houses, RIGHTLY, will peg Sophos's virus as malicious and work to block or eliminate it.

This is the catch-22. If your virus tries to use a "break in then pull up the ladder with it" mentality, someone else will co-opt your work. Pretty soon, your "beneficial virus" will be meaningless. In the real world, virus writers have been caught "pulling up the ladder" from time to time, removing their competitors' viruses and taking over existing botnets. Sophos is trying the same tactic, which isn't going to be helpful for anyone.

Ugh

[afabbro]

Any "good" virus will be caught, captured, studied, mutated, and turned into a "bad" virus very quickly.

Also, a virus by definition installs software on a machine without the owner's consent. So it's never a good idea.

Re:Ugh

[badboy_tw2002]

I propose then we name the new "good virus" "Agent Smith"

Agent Smith: I'd like to share a revelation that I've had during my time here. It came to me when I tried to classify your operating system and I realized that its not actually an operating system at all. Every OS on the Internet develops a natural equilibrium with the surrounding hardware environment, but your Windows does not. Its installed on fresh hardware and grows and grows until every hardware resource is consumed and the only way you can survive is to wipe the machine and start over. There is another program on the Internet that follows the same pattern. Do you know what it is? A virus. Windows is a disease, a cancer of the Internet. You're a plague and we are the cure.

Um, no.

[JustAnotherIdiot]

Are 'good' viruses a bad idea?

McAfee, Norton, AVG, etc have built businesses around good viruses.

It's going to be hard to tell...

[forkfail]

... the white cells from the attacking entities.

And the ramifications could get interesting.

For example, will it be illegal to tamper with such a white cell virus that's on your system? To reverse engineer it? To release your own distributed anti-virus system that might view such a white cell virus as a threat, and hunt it down and destroy it across multiple networks?

Re:Source

[AngryDeuce]

Specifically, I.E. 6 users, because fuck them.

Source of Origin

[JoeCoder7]

What happens when the Fujitsu virus meets itself and destroys its own source of origin?

Re:Source

[nman64]

Face the facts. The malware problem today is the result of large, highly-profitable, highly-competitive criminal empires. These programs are written by hired developers working in a business infrastructure, not random script kiddies locked away in their parents' basements. The developers creating this malware are typically doing so on Windows systems, though much of the delivery infrastructure does run on other platforms. It has nothing to do with ideology, vendettas, social failures or platform choices. It's all about the money.

Re:Source

[Moryath]

Every time I see this, I remember the obvious counterargument.

- If OSX had better than 8% market share, wouldn't there be hordes of virus programmers (russian mafia, bored script kiddies and pranksters, whatever) looking for holes in it to take over?
- If Linux had better than 1% market share, wouldn't there be hordes of programmers trying to break it? Actually, if you look at the server market where Linux has a larger market share, they DO try to crack it - and lo and behold, they tend to succeed relatively on the same pace as breaking into Windows server boxes.

The question isn't, is Windows insecure? Of course it is - due in no small part to being not-securely-configured by hordes of user-level operators at their houses. But if everyone magically switched to your OS of choice, are we really likely to find that the situation improved at all? Probably not. Even at their smaller market share, it turns out OSX has had its fair share, and Linux as well.

And then, of course, there's the old "Problem between keyboard and chair" issue. Users willing to click on ANYTHING are going to be your worst source of problems, especially in the home market. Again, would that change if all of them switched to OSX or Linux? Of course not, they're still going to click on anything and enter their password to install the Free Puppy Screensaver or whatever else it is.

Re:Source

[sootman]

OS X has it's fair share? Really? They have, say, 10% of the computer market, and about 0.0001% of the actual, in-the-wild viruses. The main problem on OS X is trojans (to which ANY platform is vulnerable) and OS X has NEVER had a self-replicating virus the way Windows has. (Nimda, Code Red, Sasser, etc.)

So yeah, if everyone switched to OS X or Linux, we probably WOULD be better off. Maybe not perfect, but much, much better.