How good of an idea is it to create a "good virus" to defend against viruses and cyberattacks?

ablake

To combat DDoS attacks, the Japanese government is apparently working on a "virus" that can trace back to an attacking resource, then disable it. I can't help but wonder how good of an idea it is to install a "good" piece of malware (or should I call it posiware?) as a preventative measure? What do you think about the concept, is it a good or bad idea?

Topic: Security
Answer this Question

Answers

2 total
AppDevGuy
Vote Up (19)

I don't like the idea of software, even presumably acting with good intentions, running on my machines without my approval.  Sure, I assume that it is meant to be installed by knowledgeable, most likely government users, but if it can react to external threats and "infect" the threat source autonomously, it seems like just a matter of time before it is essentially invited to infect a "black hat" machine through an attack, and the bad guys get access to the code to modify and use for their own purposes.  I also have concerns about the effect on memory and processor cycles, and bandwidth consumption, which seems inevitable with this type of software.   Nothing is free, so I would also expect to see memory drain if this is constantly running on machines to provide active defense against attacks.  All in all, I lean towards thinking this concept of a "good virus" is probably a bad idea.

jimlynch
Vote Up (15)

Sounds a bit like Spy Versus Spy to me. Heh. Where does it end? And could the Japanase idea complicate things and make an even bigger mess at some point?

But then again, I could be wrong in being skeptical about it. Sometimes fresh ideas and approaches can generate unexpected progress on problems like this. So perhaps it's a good idea to follow what the Japanese are doing and then see what comes of it?

At the very least I give them credit for being creative.

Ask a question

Join Now or Sign In to ask a question.
A critical vulnerability found recently in a popular newsletter plug-in for WordPress is actively being targeted by hackers and was used to compromise an estimated 50,000 sites so far.
Google, Microsoft and Yahoo are meeting with European data protection authorities Thursday to discuss how to implement a recent ruling that gives people the right to have personal information excluded from search results.
Hackers have stolen user contact information, including email addresses and phone numbers, from the website of the European Central Bank and attempted to extort money from the institution.
EBay faces a class action suit in a U.S. federal court over a security breach earlier this year.
A vulnerability broker published a video demonstrating one of several flaws it has found in the privacy-focused Tails operating system, which is used by those seeking to make their Web browser harder to trace.
Juniper Networks has divested its mobile security product line, selling the assets to a private equity firm for $250 million.
Six people have been indicted on charges of running an international ring that resold tickets bought through compromised StubHub accounts for some of New York's biggest concerts and sporting events.
Dutch intelligence services can receive bulk data that might have been obtained by the U.S. National Security Agency (NSA) through mass data interception programs, even though collecting data that way is illegal for the Dutch services, the Hague District Court ruled Wednesday.
The TOR Project thinks it has figured out how the author of a canceled Black Hat talk cracked its software to mask the source of Internet traffic, and it is working on a patch.
Businesses wanting the security of BlackBerry Enterprise Service 10 without the complexity of managing it onsite can now buy it as a hosted service from six BlackBerry partners.
randomness