How good of an idea is it to create a "good virus" to defend against viruses and cyberattacks?

ablake

To combat DDoS attacks, the Japanese government is apparently working on a "virus" that can trace back to an attacking resource, then disable it. I can't help but wonder how good of an idea it is to install a "good" piece of malware (or should I call it posiware?) as a preventative measure? What do you think about the concept, is it a good or bad idea?

Topic: Security
Answer this Question

Answers

2 total
AppDevGuy
Vote Up (22)

I don't like the idea of software, even presumably acting with good intentions, running on my machines without my approval.  Sure, I assume that it is meant to be installed by knowledgeable, most likely government users, but if it can react to external threats and "infect" the threat source autonomously, it seems like just a matter of time before it is essentially invited to infect a "black hat" machine through an attack, and the bad guys get access to the code to modify and use for their own purposes.  I also have concerns about the effect on memory and processor cycles, and bandwidth consumption, which seems inevitable with this type of software.   Nothing is free, so I would also expect to see memory drain if this is constantly running on machines to provide active defense against attacks.  All in all, I lean towards thinking this concept of a "good virus" is probably a bad idea.

jimlynch
Vote Up (17)

Sounds a bit like Spy Versus Spy to me. Heh. Where does it end? And could the Japanase idea complicate things and make an even bigger mess at some point?

But then again, I could be wrong in being skeptical about it. Sometimes fresh ideas and approaches can generate unexpected progress on problems like this. So perhaps it's a good idea to follow what the Japanese are doing and then see what comes of it?

At the very least I give them credit for being creative.

Ask a question

Join Now or Sign In to ask a question.
Earlier this week, an indictment was unsealed outlining a long list of charges against a group of men accused of running a three-year hacking spree that stole intellectual property from gaming companies.
The cybersecurity profession and its role in keeping the Internet safe is lost among young adults, who are therefore less likely to pursue a career in the field, a survey shows.
Don't think for an instant that once POS malware is defeated the first time, it's gone for good. These attacks have a habit of resurrecting themselves, with a lot of help from criminal hackers.
Researchers have discovered hackers trying to exploit the Shellshock Bash vulnerability to compromise network attached storage devices in universities in the U.S., Japan and Korea.
McAfee issues its annual list of the most dangerous people to search for online -- as in, you might get a virus if you do.
FireEye has detected Shellshock attacks against network-attached storage devices made by Taipei-based QNAP and used by universities and research institutes in Korea, Japan and the U.S.
The leader of the now-disbanded LulzSec hacking group directed members to attack targets in dozens of countries, including the U.K., Turkey, Brazil and Australia, even as he was serving as an FBI informant, according to a news report.
The Xen Project has revealed the details of a serious vulnerability in the Xen hypervisor that could put the security of many virtualized servers at risk.
The Joomla project pushed out new updates for its popular content management system Wednesday after a glitch was found in the high-priority security patches it released a day before.
Virtual private network servers based on OpenVPN might be vulnerable to remote code execution attacks through Shellshock and other recent flaws that affect the Bash Unix shell.

White Papers & Webcasts

See more White Papers | Webcasts

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

randomness