How good of an idea is it to create a "good virus" to defend against viruses and cyberattacks?

ablake

To combat DDoS attacks, the Japanese government is apparently working on a "virus" that can trace back to an attacking resource, then disable it. I can't help but wonder how good of an idea it is to install a "good" piece of malware (or should I call it posiware?) as a preventative measure? What do you think about the concept, is it a good or bad idea?

Topic: Security
Answer this Question

Answers

2 total
AppDevGuy
Vote Up (15)

I don't like the idea of software, even presumably acting with good intentions, running on my machines without my approval.  Sure, I assume that it is meant to be installed by knowledgeable, most likely government users, but if it can react to external threats and "infect" the threat source autonomously, it seems like just a matter of time before it is essentially invited to infect a "black hat" machine through an attack, and the bad guys get access to the code to modify and use for their own purposes.  I also have concerns about the effect on memory and processor cycles, and bandwidth consumption, which seems inevitable with this type of software.   Nothing is free, so I would also expect to see memory drain if this is constantly running on machines to provide active defense against attacks.  All in all, I lean towards thinking this concept of a "good virus" is probably a bad idea.

jimlynch
Vote Up (13)

Sounds a bit like Spy Versus Spy to me. Heh. Where does it end? And could the Japanase idea complicate things and make an even bigger mess at some point?

But then again, I could be wrong in being skeptical about it. Sometimes fresh ideas and approaches can generate unexpected progress on problems like this. So perhaps it's a good idea to follow what the Japanese are doing and then see what comes of it?

At the very least I give them credit for being creative.

Ask a question

Join Now or Sign In to ask a question.
For almost an entire year, malicious attackers may have been harvesting customer information including credit card data.
During a week in which everyone seemed to be searching for answers amid revelations of the Heartbleed bug, several universities and their partners announced new efforts to explore IT security advances.
The amount of electronic information (e.g., documents, images, emails, videos) organizations produce is staggering. Storing all your digital data in your data center can be expensive. That's why cloud storage -- which often comes at a fraction of the cost of storing the information on-premises -- has become increasingly popular.
Reduce your exposure to spying eyes with sandboxing, disk encryption and more.
Just days before Microsoft retired Windows XP from public support, the company drastically reduced the price of custom support agreements that give large companies and government agencies another year of XP patches, experts reported today.
The Heartbleed Bug disclosed by the OpenSSL group on April 7 has sent many vendors scurrying to patch their products and that includes security firms Symantec, Intel Security's McAfee division, and Kaspersky Lab.
Canadian police have arrested a 19-year-old man for allegedly using the Heartbleed bug to steal data about taxpayers.
A new webmail service called Lavaboom promises to provide easy-to-use email encryption without ever learning its users' private encryption keys or message contents.
Oracle has issued a comprehensive list of its software that may or may not be affected by the OpenSSL (secure sockets layer) vulnerability known as Heartbleed, while warning that no fixes are yet available for some likely affected products.
Socially-engineered malware tries to trick users into downloading and executing malicious code through tactics that include everything from fake antivirus to fake utilities to fake upgrades to the operating system and trojanized applications. NSS Labs tested several endpoint security products to see how well each would block these attacks.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

randomness