Worming to the idea?

Most computer 'worms' are slimey, wriggly things; but the same principle can be used to spread helpful stuff.

Worms are a form of self-replicating program that can spread across networks without such a host. They often do so using little or no human interaction. Generally, such programs are used to distribute malicious payloads. The idea of using the same type of mechanism to distribute software that does good instead of evil has cropped up repeatedly over the years.

The Microsoft paper analysed the way that information spreads across fragmented networks such as the Internet, and tried to find ways to optimise it as a theoretical way of disseminating information online. It also hoped to use the research to find potential ways of better containing Internet worms, explained the abstract.

"In the context of epidemic-style patch dissemination, Microsoft will always let customers decide whether a particular security update is appropriate for them," said a Microsoft spokesperson. Just as well, say some antivirus companies, because if such a system emerged, they would be obliged to protect against it. 

Although such worms could distribute patches quickly if coded properly, the potential problems outweigh the benefits. For one thing, the worm would try to 'infect' the computers of people not running the vendor's software - presenting a nuisance and hogging Internet bandwidth.

Also, people still like to control the software patches installed on their computers. Consumers tend to swallow everything that Windows Update throws at them, say Microsoft's security insiders; but business users are more discerning, and will wait until proper testing has been completed before following something out internally.

This is an important step, because security patches have been known to cause problems with existing software configurations in the past.

There have been some friendly worms written by underground authors. The KOH virus encrypted floppy disks and hard-drives on computers that it infected, so that data thieves couldn't steal it. Another, called Nachi, tried to remove versions of the Blaster worm from any system that it found, before downloading a security patch from Microsoft. And malware writers sometimes write quasi-friendly routines in their own software out of self-interest.

During the wars between the Bagle and Netsky Internet worms, one piece of software would try and detect the other, removing it from the system, so that the infected machine would be 'owned' by one party alone.

So, friendly and quasi-friendly worms do have a dark, underground history, even if Microsoft has stamped on a legitimate future for the idea.

Recent articles

Info Message

Our sites use cookies to support some functionality, and to collect anonymous user data.

Learn more about IET cookies and how to control them