VX Heaven

Library Collection Sources Engines Constructors Simulators Utilities Links Forum

Why a "good" virus is good idea

29a [5]
December 2000

[Back to index] [Comments]

Back in 1997, the well known antivirus expert Vesselin Bontchev wrote an article giving twelve reasons to proof viruses are always a bad idea.

That's too pedantic for my vx taste, then i decided to write this article explaining why a "good" virus can be a good idea.

First, we will hear what "good thinking minds" have to say about the question. Here we have Vesselin's article with his 12 reasons:

A dozen reasons why a "good" virus is a bad idea

by Vesselin Bontchev

  1. It is unethical to modify somebody's data without his/her knowledge. In several countries this is also illegal.
  2. Modifying a program could mean that the owner of the program loses his/her rights for technical support, ownership, or copyright.
  3. Once released, you have no control on how the virus will spread; it may reach a system about which you know nothing (or which could have even not existed at the time the virus is created) and on which it might cause non-intentional damage. Even if the bug is discovered, it would be extremely difficult to find all replicants of the virus and apply the appropriate fix to them.
  4. A bad guy could get a copy of the virus and modify it to include something malicious. Actually, a bad guy could trojanize any program, but a "good" virus will provide the attacker with means to transport his malicious code to a virtually unlimited population of computer users.
  5. The anti-virus programs will have to distinguish between "good" and "bad" viruses, which is essentially impossible. Also, the existence of useful programs which modify other programs at will, will make the integrity checkers essentially useless, because they will be able only to detect the modification and not to determine that it has been caused by a "good" virus.
  6. A virus will eat up disk space and time resources unnecessarily while it spreads.
  7. A virus could contain bugs which might damage something or harm somebody. Any program could be buggy, but the virus is a self-spreading buggy program which is out of control.
  8. A virus will disable the few programs on the market which check themselves for modifications and halt themselves if they have been changed, thus performing a denial-of-service attack.
  9. Anything useful that could be done by a virus, could also be done with a normal, non-replicating program.
  10. A virus steals control of the machine from the user and ruins the trust that the user has in his/her machine - the belief that s/he can control it.
  11. Declaring some viruses as "good" will just give an excuse to the crowd of virus writers to claim that they are actually doing "research".
  12. For most people the word "computer virus" is already loaded with negative meaning. They will not accept a program called like that, even if to claims to do something useful.

Here you can read a more recent article talking about the same matter...

Can viruses be used for good instead of evil?

by Bruce Schneier and Elizabeth Zwicky

September 15, 2000

(IDG) -- H.L. Mencken once said, "For every human problem, there is a neat, simple solution; and it is always wrong."

That axiom applies to the cool-sounding idea that computer-security gurus propose: Why don't we use viruses for good instead of evil? As long they're infecting everyone's computer, why don't we distribute them to patch vulnerabilities, update systems and improve security?

A virus is made of two parts: a propagation mechanism and a payload. The propagation mechanism spreads the virus from computer to computer. The payload is what it does once it gets to a computer. The idea is to create viruses with beneficial payloads and let them propagate.

This is tempting for several reasons. One, turning a weapon against itself is a poetic concept. Two, it's a technical challenge that lets ethical programmers share in the fun of designing viruses. And three, it sounds like a promising technique to solve one of the nastiest security problems: patching, or repairing computer vulnerabilities.

Right now, the best patching techniques involve a lot of negotiation and manual labor -- which nobody enjoys very much, especially computer technicians.

Beneficial viruses seem like a nice remedy: You turn a byzantine social problem into a fun technical solution. You don't have to convince people to install patches and system updates. You just use the technology to force them to do what you want.

Therein lies the problem. Patching other people's machines without annoying them is good; patching other people's machines without their consent is not.

Beneficial viruses are a simple solution that's always wrong. A virus is not "bad" or "good" based on its payload. Viral propagation mechanisms are inherently bad, and giving them beneficial payloads doesn't help. A virus isn't a tool for any rational network administrator, regardless of intent.

A good software distribution mechanism has the following characteristics:

A successful virus, on the other hand, is installed without a user's consent. It has a small amount of code and it self-propagates, automatically spreading until halted.

These characteristics are incompatible with those of software distribution. Giving the user more choice, making installation flexible and universal, allowing for uninstallation -- all of these make it harder for the virus to propagate. Designing a better software distribution mechanism makes it a worse virus. Making the virus quieter and less obvious to the user, smaller and easier to propagate, and impossible to contain add up to lousy software distribution.

All of this means that viruses are easy to get wrong and hard to recover from. Once a virus starts spreading it's hard say what it will do. Some viruses have been written to propagate harmlessly, but wreaked havoc -- ranging from crashed machines to clogged networks -- due to bugs in their code. Some viruses were written to do damage and turned out to be harmless, which is even more revealing.

Intentional experimentation by well-meaning system administrators proves that in your average office environment, the code that successfully patches one machine won't work on another. Indeed, sometimes the results are worse than any threat from an external virus. To combine a tricky problem with a distribution mechanism that's impossible to debug and difficult to control is risky. Every system administrator who's ever automatically distributed software on his or her network has had the "I just automatically, with the press of a button, destroyed the software on hundreds of machines at once!" experience. And that's with systems you can debug and control; self-propagating systems like viruses won't let you shut them down when you find the problem.

Patching systems is fundamentally a human and social problem. Beneficial viruses are a neat, simple technical solution -- and Mencken was correct.

Obviously, i can not discuss viruses are basically pernicious, but i can not accept the remaining idea in those two articles: viruses are always bad... they can not be used for good purposes.

VXers are always the bad buys of the movie... or maybe not... I can, and i'll proof that a virus can be a good thing... maybe not legal, but ethical and moral correct.

Just read the next text:

"The weak point of the speculative capitalism is the financial system. More dangerous than the Y2K bug, would be a virus that modify all the unbackeds. A virus that would alter the titularity of the stock-markets. A virus that redirects the funds of the weapon manufacturers to the counts of the humanitary organizations. A virus in the roulette of the system, the tricked ball that would make the bank blow up. The backdoor is in Wall Street. The followers of the empire will call him criminal, but the human able to create that virus has a reserved place in the history books."

(Carlos Sánchez Almeida from "Revolución", 15th october 1999)

In the above text we find the key for the "good" virus... "A virus that redirects the funds of the weapon manufacturers to the counts of the humanitary organizations."

That sounds to Robin Hood: steal to the richs to give to the poors.

Robin Hood is considered a hero... The virus coder that writes such virus, not only has reserved a place in the history books, he will be also considered a hero.

As final thought i'ld like to say that the world is needing badly "good" viruses.

[Back to index] [Comments]
By accessing, viewing, downloading or otherwise using this content you agree to be bound by the Terms of Use! aka