The internet is full of hosts running unpatched versions of Windows. Should Microsoft release patching worms to fix every vulnerable system on the Internet in a matter of minutes? That’s one of the hot questions that security researcher Jose Nazario, famous for his WormBlog, answered in this interview on SecurityFocus. It’s a nice read, especially when they start comparing computer worms to natural phenomena.
Should Microsoft Release Patching Worms?
2005-08-17 5:00 pm DittoBox
Bloody well put.
This comes up every 6 months. The answer hasn’t changed.
2005-08-17 4:20 pm Anonymous
The article also says no. For the same reasons as before.
It is a good read, though.
I know this is one of those recurring memes on the net, but really, who is it that thinks this is a good idea? How much will these people like it when the next ‘patch worm’ does a DRM update and suddenly none of their media will work? Or suddenly they’re unable to open the HTML document they just saved because they don’t have author/creator authentication?
Don’t laugh, the way things have been going lately that IS the future. The next time one of us geeks who ought to know better proposes something like this, even as speculation, let’s try to remember that what gets imposed on the technically illiterate is something that we ALL have to live with–just look at Windows activation and how many pirates it’s created out of people who use a VLK copy of Windows despite actually being the owner of a legitimate Windows key and media, simply to avoid the hassles of re-re-re-re-registration every time they upgrade.
People need to start thinking about the law of unintended consequences!
PS: ‘I use Linux, this type of stuff doesn’t affect me’ doesn’t apply here–Linus has made it clear that he (for better or worse) sees nothing wrong with DRM…this type of thing affects everyone!
2005-08-17 5:24 pm Lazarus
I think you’re blowing this whole DRM thing out of proportion.
If for example, Microsoft removes your ability to play non-DRM’d content (which I don’t see happening anytime soon), use something else. If the use of hardware enforced DRM becomes mandatory, it’s not the technology that is the problem, but the people making the rules.
TCPA can be used for a lot of good things, most of which have sod all to do with DRM, and you as a Linux user would do well to adopt it for those reasons when the technology becomes widely available (storing cryptographic keys in the hardware instead of in files on your HD, etc.).
I don’t ever see a situation come about wherein alternative operating systems will not be able to run on TCPA hardware. If some Disney flicks won’t play on these machines because that corporation doesn’t trust your software, I hardly see that as a huge loss.
Back on topic, I think this patching worm is a neat idea, but it’s likely to cause more problems than it’s worth. That’s what automatic updates are for.
2005-08-17 5:47 pm bornagainenguin
>>I think you’re blowing this whole DRM thing out of proportion.
Fair enough…It’s just the first example that came to mind.
I just have a problem with people thinking a ‘patch worm’ is a good idea. Like I said we need to beware the law of unintended consequences.
>>If for example, Microsoft removes your ability to play non-DRM’d
>>content (which I don’t see happening anytime soon), use
>>something else. If the use of hardware enforced DRM
>>becomes mandatory, it’s not the technology that is the
>>problem, but the people making the rules.
Ah! But with a ‘patch worm’ we’re not talking about the people who make the rules anymore. We’re talking about arbitrary decisions being made for you by God knows who! Okay, here’s a scenario for you: like many of us I have a legal copy of Windows XP, yet use a VLK CD in order to not have to call home to Microsoft every time I reinstall or want to fiddle with my hardware or software. Now suppose someone gets tired of all the people out there running the FCKGW Windows series and builds a patch worm that would cause their machines to stop working by patching the system to behave like XP Home/Pro after the grace period.
What about a ‘patch worm’ that goes through your MP3 collection and, if it finds say…Madonna, deletes all songs with her name? Or maybe the RIAA manages to get that law rammed through whereby they can send viruses out to ‘fix’ your computer if you’re caught with any of the known p2p MP3s?
>>TCPA can be used for a lot of good things, most of which
>>have sod all to do with DRM, and you as a Linux user
>>would do well to adopt it for those reasons when the
>>technology becomes widely available (storing
>>cryptographic keys in the hardware instead of in files on
>>your HD, etc.).
Which is exactly the argument used by Linus himself in favor of adding these technologies to Linux. That said, I don’t like the idea of apps being able to run on my system without my giving the say-so. And a surprisingly large amount of the population agrees, which is why they’ve had so many people getting so upset when random spyware app X installs itself without intervention. The loss of control of their machine infuriates them!
>>Back on topic, I think this patching worm is a neat idea,
>>but it’s likely to cause more problems than it’s worth.
Which is amazingly the point I’d been trying to make. Only I gave some examples.
2005-08-17 5:50 pm Lazarus
Principal Skinner: Milhouse? Do you like the beach?
Milhouse: Who doesn’t?
Principal Skinner: Good. I want you to pick up all this medical waste that’s washed up on the shore, here.
Milhouse: Ow! I pricked myself.
Principal Skinner: Well, just keep working. You’ll prick yourself with the antidote sooner or later.
I think it’d be neat to see someone do this, but like the guy in the interview said, there are downsides to it.
Despite the potential downsides, I say go for it!
2005-08-17 6:27 pm Anonymous
>>Despite the potential downsides, I say go for it!
OK, what are the upsides that are worth the downsides?
Keep in mind that you have to put serious effort into convincing me (and others) who have already gone over this idea many times in the past and have come up with the conclusion each time that it’s a really really bad idea.
I’m not against being convinced, though at this time I’d have to consider anyone who released a patching worm into the wild a “bad guy”, just as bad as the creators and distributors of intentionally destructive viruses.
That’s what Windows Update is for. If they want to force a patch, then they should push it through Windows Update without the option to refuse the patch. There are numerous reasons for not doing this of course, most of them mutual to the idea of a “patch worm”, but if they are going to do it at all, it should be through the front door and not the back.
2005-08-17 6:29 pm Anonymous
Agreed. I like to know when I’m being flam-boozled.
In case you don’t know, the first worm was designed to automagically patch a piece of software and it soon got out of control. Imagine the disaster of a piece of software designed by Microseft combined with the potential havoc-wreaking of a worm. The best thing they could do is unplug all those PCs running the proprietary piece of shit Windows XP system from the network and only allow non-Windows OSs on the Internet.
2005-08-17 5:52 pm Ronald Vos
You need to recheck your worm-history.
Wasn’t the first internet worm pretty innocent, but the coder made a mathematical error and it brought most of the internet down? I’d hate to see what a buggy, rushed-to-release, MS-produced worm could do.
2005-08-18 4:13 am Anonymous
If you are talking about the Morris worm, it is questionable whether it really was a mathematical error. Later analysis showed that it was fairly sloppily written, and I seem to remember that this “mathematical error” didn’t really have any impact on the outcome.
Ok, besides the topic being old and beaten, there were some interesting links behind the article. From the blog, you can reach that guy’s papers for example. Good reading.
what I cannot understand is this….
why do journalists come up with stupid ideas like this and expect everyone to say “yes please!”
do they think all Windows users are that stupid they do not know the importance of updating their own machines ?
do they not trust the Windows users to try at least to keep their own PCs secure ?
do they think all Windows users are so dumb that they have to have everything done for them automatically ?
Personally, I do not use Windows, but if I did, I would have felt insulted by the retard who thought of this.
2005-08-18 4:20 am Anonymous
It’s a reality that a lot of hosts on the internet that run MS Windows aren’t patched. We are talking about 30% or more. And since Windoh has a great market share, we are talking of millions of vulnerable systems…
I’m sorry, but no. That’s ridiculous and people should go to prison if they unleash it.
… mickeysoft unfucks the damage. Now, bend over and enjoy.
Updates are always a difficult process; sometimes they break things, e.g. XP Service Pack 2.
But at least when you do apply them you know that you applied them and can take steps to figure out how to fix the newly created problem.
If patches are applied without your knowledge then you have no starting point with which to fix things.
Very Bad Idea.
I just spent a whole evening with a Powerbook, and then checked OSNews and there it was. People argue with foam at the mouth about whether or not MICROSOFT SHOULD RELEASE ITS PATCHING WORM! And another article is about “New variants of worms” that hit Windows systems. Wake up people! That’s gross! That’s ridiculous! Are you taking worms for granted or what? They should never ever happen in the first place!
I’ve got enough 3rd party software I use that does a good job at preventing worms. I never had any viruses at all since I deleted Internet Explorer and used Opera as my default browser.
Jesus Christ, how much bandwidth do you want to waste to fix a broken product? It’s time to give up the idea of security on a closed source platform and switch to open source.
Be free, be open. FREEDOM!
A patching worm has just as much potential to halt the internet as a real worm. What if microsoft had released XP SP2 (or parts of it) as a worm? I saw that SP crash 8 out of 10 computers it touched.
And when they get sued when their patching worm corrupts a production system in a fortune 1000 company we can all sit back and laugh.
Some companies skip patches for a reason.