Linked by Andrew Youll on Wed 17th Aug 2005 15:52 UTC, submitted by anonymous
Windows The internet is full of hosts running unpatched versions of Windows. Should Microsoft release patching worms to fix every vulnerable system on the Internet in a matter of minutes? That's one of the hot questions that security researcher Jose Nazario, famous for his WormBlog, answered in this interview on SecurityFocus. It's a nice read, especially when they start comparing computer worms to nature phenomena.
Thread beginning with comment 19138
To view parent comment, click here.
To read all comments associated with this story, please click here.
Member since:

>>I think you're blowing this whole DRM thing out of proportion.

Fair enough...It's just the first example that came to mind.

I just have a problem with people thinking a 'patch worm' is a good idea. Like I said we need to beware the law of unintended consequences.

>>If for example, Microsoft removes your ability to play non-DRM'd
>>content (which I don't see happening anytime soon), use
>>something else. If the use of hardware enforced DRM
>>becomes mandatory, it's not the technology that is the
>>problem, but the people making the rules.

Ah! But with a 'patch worm' we're not talking about the people who make the rules anymore. We're talking about arbitary decisions being made for you by God knows who! Okay, here's a senario for you, like many of us I have a legal copy of Windows XP, yet use a VLK cd in order to not have to call home to Microsoft every time I reinstall or want to fiddle with my hardware or software. Now suppose someone gets tired of all the people out there running the FCKGW Windows series and builds a patch worm that would cause their machines to stop working by patching the system to behave like XP HomePro after the grace period.

What about a 'patch worm' that goes through your MP3s collection and if it finds say...Madonna it deletes all songs with her name? Or maybe the RIAA manages to get that law rammed through where by they can send viruses out to 'fix' your computer if you're caught with any of the known p2p mp3s?

>>TCPA can be used for a lot of good things, most of which
>>have sod all to do with DRM, and you as a Linux user
>>would do well to adopt it for those reasons when the
>>technology becomes widely available (storing
>>cryptographic keys in the hardware instead of in files on
>>your HD, etc.).

Which is eactly the arguments used by Linus himself in favor of adding these technologies to Linux. That said I don't like the idea of apps being able to run on my system without my giving the say so. And a surprisingly large ammount of the population agrees, which is why they've had so many people getting so upsset when random spyware app X installs itself without intervention. The loss of control of their machine infuriates them!

>>Back on topic, I think this patching worm is a neat idea,
>>but it's likely to cause more problems than it's worth.

Which is amazingly the point I'd been trying to make. Only I gave some examples.


Reply Parent Score: 1

Lazarus Member since:

Fair enough.

Reply Parent Score: 1