How good of an idea is it to create a "good virus" to defend against viruses and cyberattacks?

ablake

To combat DDoS attacks, the Japanese government is apparently working on a "virus" that can trace back to an attacking resource, then disable it. I can't help but wonder how good of an idea it is to install a "good" piece of malware (or should I call it posiware?) as a preventative measure? What do you think about the concept, is it a good or bad idea?

Topic: Security
Answer this Question

Answers

2 total
AppDevGuy
Vote Up (21)

I don't like the idea of software, even presumably acting with good intentions, running on my machines without my approval.  Sure, I assume that it is meant to be installed by knowledgeable, most likely government users, but if it can react to external threats and "infect" the threat source autonomously, it seems like just a matter of time before it is essentially invited to infect a "black hat" machine through an attack, and the bad guys get access to the code to modify and use for their own purposes.  I also have concerns about the effect on memory and processor cycles, and bandwidth consumption, which seems inevitable with this type of software.   Nothing is free, so I would also expect to see memory drain if this is constantly running on machines to provide active defense against attacks.  All in all, I lean towards thinking this concept of a "good virus" is probably a bad idea.

jimlynch
Vote Up (16)

Sounds a bit like Spy Versus Spy to me. Heh. Where does it end? And could the Japanase idea complicate things and make an even bigger mess at some point?

But then again, I could be wrong in being skeptical about it. Sometimes fresh ideas and approaches can generate unexpected progress on problems like this. So perhaps it's a good idea to follow what the Japanese are doing and then see what comes of it?

At the very least I give them credit for being creative.

Ask a question

Join Now or Sign In to ask a question.
CRM data offers all sorts of goodies for hackers. Now's the time to step up your protections.
Ping Identity has picked up another $35 million in venture funding to speed development of the next-generation of its identity and access management technology and expand the company's presence in Europe and Asia-Pacific.
Apple's new passcode-based encryption for the iPhone and iPad can be circumvented and provides only limited protection to data.
Google, Dropbox and the Open Technology Fund are supporting a new organization focused on making open-source security and privacy tools more user-friendly.
Among six major U.S. cities, CSOs are paid the most in San Francisco and New York, but factoring in the cost of living makes Denver and Chicago the best bang-for-the-buck places.
Apple's iOS 8 addresses a serious weakness that could allow attackers to hijack the wireless network authentication of Apple devices and gain access to enterprise networks.
Legislation introduced in the U.S. Senate on Thursday aims to place limits on access by U.S. law enforcement agencies to emails and other communications stored abroad.
Two online advertising networks, Google's DoubleClick and Zedo, have been delivering malicious advertisements that could install malware on a person's computer, according to the security vendor Malwarebytes.
Google is turning on data encryption by default in the next version of Android, a step that mirrors broad moves in the technology industry to ensure better data security.
CloudFlare said it has engineered a novel way to handle sensitive encryption keys that allows organizations such as financial institutions to still use its caching service to fend off cyberattacks.