Linked by Andrew Youll on Wed 17th Aug 2005 15:52 UTC, submitted by anonymous
Windows The internet is full of hosts running unpatched versions of Windows. Should Microsoft release patching worms to fix every vulnerable system on the Internet in a matter of minutes? That's one of the hot questions that security researcher Jose Nazario, famous for his WormBlog, answered in this interview on SecurityFocus. It's a nice read, especially when they start comparing computer worms to nature phenomena.
Thread beginning with comment 19091
To read all comments associated with this story, please click here.
bornagainenguin
Member since:
2005-08-07

I know this is one of those recurring memes onthe net, but really who is it that tinks this is a good idea? How much will these peole like it when the next 'patch worm' does a DRM update and suddenly non of their media will work? Or suddenly they'e unable to open the html document they jut saved because they don't have authorcreator authentications?

Don't laugh, the way things have been going lately that IS the future. The next time one of us geeks wh ought know better proposes something like this, even as speculaion, let's try to remember that what gets imposed on the technically iliterate is something that we ALL have to lve with--just look at Windows activation and how many pirates its created out of people who use a VLK copy of Windows despite actually being the owner of a legitatmate Windows Key and media simply to avoid the hasslesof re-re-e-re-regstation every time they upgrade.

People need to start thinkin about the law of unintended consequences!

--bornagainpenguin

PS: 'I use Linux, this type of stuff doesn't affect me' doesn't apply here--Linus has made it clear that he (for better or worse) sees nothng wrong with DRM...this type of thing affects everyone!

Reply Score: 1

Lazarus Member since:
2005-08-10

I think you're blowing this whole DRM thing out of proportion.

If for example, Microsoft removes your ability to play non-DRM'd content (which I don't see happening anytime soon), use something else. If the use of hardware enforced DRM becomes mandatory, it's not the technology that is the problem, but the people making the rules.

TCPA can be used for a lot of good things, most of which have sod all to do with DRM, and you as a Linux user would do well to adopt it for those reasons when the technology becomes widely available (storing cryptographic keys in the hardware instead of in files on your HD, etc.).

I don't ever see a situation come about wherein alternative operating systems will not be able to run on TCPA hardware. If some Disney flicks won't play on these machines because that corporation doesn't trust your software, I hardly see that as a huge loss.

Back on topic, I think this patching worm is a neat idea, but it's likely to cause more problems than it's worth. That's what automatic updates are for.

Reply Parent Score: 1

bornagainenguin Member since:
2005-08-07

>>I think you're blowing this whole DRM thing out of proportion.

Fair enough...It's just the first example that came to mind.

I just have a problem with people thinking a 'patch worm' is a good idea. Like I said we need to beware the law of unintended consequences.

>>If for example, Microsoft removes your ability to play non-DRM'd
>>content (which I don't see happening anytime soon), use
>>something else. If the use of hardware enforced DRM
>>becomes mandatory, it's not the technology that is the
>>problem, but the people making the rules.

Ah! But with a 'patch worm' we're not talking about the people who make the rules anymore. We're talking about arbitary decisions being made for you by God knows who! Okay, here's a senario for you, like many of us I have a legal copy of Windows XP, yet use a VLK cd in order to not have to call home to Microsoft every time I reinstall or want to fiddle with my hardware or software. Now suppose someone gets tired of all the people out there running the FCKGW Windows series and builds a patch worm that would cause their machines to stop working by patching the system to behave like XP HomePro after the grace period.

What about a 'patch worm' that goes through your MP3s collection and if it finds say...Madonna it deletes all songs with her name? Or maybe the RIAA manages to get that law rammed through where by they can send viruses out to 'fix' your computer if you're caught with any of the known p2p mp3s?

>>TCPA can be used for a lot of good things, most of which
>>have sod all to do with DRM, and you as a Linux user
>>would do well to adopt it for those reasons when the
>>technology becomes widely available (storing
>>cryptographic keys in the hardware instead of in files on
>>your HD, etc.).

Which is eactly the arguments used by Linus himself in favor of adding these technologies to Linux. That said I don't like the idea of apps being able to run on my system without my giving the say so. And a surprisingly large ammount of the population agrees, which is why they've had so many people getting so upsset when random spyware app X installs itself without intervention. The loss of control of their machine infuriates them!

>>Back on topic, I think this patching worm is a neat idea,
>>but it's likely to cause more problems than it's worth.

Which is amazingly the point I'd been trying to make. Only I gave some examples.

--iWindoze

Reply Parent Score: 1