Benevolent Worms
This is a stupid idea:
Milan Vojnovic and colleagues from Microsoft Research in Cambridge, UK, want to make useful pieces of information such as software updates behave more like computer worms: spreading between computers instead of being downloaded from central servers.
The research may also help defend against malicious types of worm, the researchers say.
Software worms spread by self-replicating. After infecting one computer they probe others to find new hosts. Most existing worms randomly probe computers when looking for new hosts to infect, but that is inefficient, says Vojnovic, because they waste time exploring groups or “subnets” of computers that contain few uninfected hosts.
This idea pops up every few years. This is what I wrote back in 2003, updating something I wrote in 2000:
This is tempting for several reasons. One, it’s poetic: turning a weapon against itself. Two, it lets ethical programmers share in the fun of designing worms. And three, it sounds like a promising technique to solve one of the nastiest online security problems: patching or repairing computers’ vulnerabilities.
Everyone knows that patching is in shambles. Users, especially home users, don’t do it. The best patching techniques involve a lot of negotiation, pleading, and manual labor…things that nobody enjoys very much. Beneficial worms look like a happy solution. You turn a Byzantine social problem into a fun technical problem. You don’t have to convince people to install patches and system updates; you use technology to force them to do what you want.
And that’s exactly why it’s a terrible idea. Patching other people’s machines without annoying them is good; patching other people’s machines without their consent is not. A worm is not “bad” or “good” depending on its payload. Viral propagation mechanisms are inherently bad, and giving them beneficial payloads doesn’t make things better. A worm is no tool for any rational network administrator, regardless of intent.
A good software distribution mechanism has the following characteristics:
- People can choose the options they want.
- Installation is adapted to the host it’s running on.
- It’s easy to stop an installation in progress, or uninstall the software.
- It’s easy to know what has been installed where.
A successful worm, on the other hand, runs without the consent of the user. It has a small amount of code, and once it starts to spread, it is self-propagating, and will keep going automatically until it’s halted.
These characteristics are simply incompatible. Giving the user more choice, making installation flexible and universal, allowing for uninstallation—all of these make worms harder to propagate. Designing a better software distribution mechanism, makes it a worse worm, and vice versa. On the other hand, making the worm quieter and less obvious to the user, making it smaller and easier to propagate, and making it impossible to contain, all make for bad software distribution.
EDITED TO ADD (2/19): This is worth reading on the topic.
EDITED TO ADD (2/19): Microsoft is trying to dispel the rumor that it is working on this technology.
EDITED TO ADD (2/21): Using benevolent worms to test Internet censorship.
EDITED TO ADD (3/13): The benveolent W32.Welchia.Worm, intended to fix Blaster-infected systems, just created havoc.
Clive Robinson • February 19, 2008 7:27 AM
Like a lot of “stupid ideas” it is actually a “sounds sensible” one that has uncontrolable side effects. Which is of course the real danger (eternal vigilance being the only defence).
I think it was PARC that did the original work on this back in the very early days of networked computers (1980ish).
I suspect that MS will come up with the same thing again under a new “Trusted Platform Initiative” or whatever it decides to call it’s next attempt to own your hardware and work.