I can't help but wonder why we don't extend the "virus" (or "infection") metaphor all the way out. The way viruses interact with our bodies is pretty !@#@$@& complex. I don't know of any naturally occurring viruses that are (purely) beneficial. But there are many that are, in some sense, neutral. It's reasonable to think there exist beneficial viruses, analogous to probiotic gut flora. Toss that into the hat with endogenous retroviruses and a somewhat rebellious attitude I hear from some people about purposefully exposing themselves to dirty contexts and refusing to use hand sanitizers in order to keep their immune system in good shape, and you begin to see a stark difference between the metaphor as used in computer networks versus the real thing. (Sheesh, is that a run-on sentence?)
I know a few radically "open" advocates here in Portland who refuse to secure their wifi access points/routers with passwords, allowing their neighbors and passers by to access a demilitarized zone on their network. This results in a "donation" of bandwidth to the public. But despite their technical efforts and skills with their internal firewalls, it still puts their network at risk. I would think we might extend the "infection" metaphor deeper and develop layers and sub-systems of different sorts of "immunity" against botnet, worm, and virus infections. But some of them, perhaps running BOINC or like this mapping botnet, could be considered healthy infections, perhaps even crowding out bad infections (e.g. Aida) like the good bacteria in our guts. On 05/01/2013 11:46 AM, Steve Smith wrote: > I have read the paper (but only once through) and it appears that most > if not all of the machines in question are in fact "embedded" computers > running inside of printers, webcams, NAS devices, set-top internet > devices (game consoles/Netflix boxes/etc) and even industrial control > systems. I do not see anywhere where "real computers" are excluded, I > assume that they are (mostly) self-excluded by not having a telnet port > open and/or having more security than no password or admin/admin or > root/root as password. > > I would call this more of an exploit than a hack (if the difference > matters)... and the humility shown in the work and in the paper is > surprising. If you read deep enough, you will discover that a > side-effect of this work was to take very limited steps to lame another > botnet being deployed at the same time, known as "Aida". All of the > resulting data is available online ~.6TB worth... I'll be interested in > subsequent analysis! -- glen e. p. ropella http://tempusdictum.com 971-255-2847 ============================================================ FRIAM Applied Complexity Group listserv Meets Fridays 9a-11:30 at cafe at St. John's College to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com