Microsoft scrambles to quash 'friendly' worm story
Microsoft is moving
to counter some scathing comments regarding a security paper authored by researchers
at its Cambridge, England, facility.
The paper, "Sampling
Strategies for Epidemic-Style Information Dissemination," looks at
how worms sometimes inefficiently spread their code.
The research explores how a more efficient method could, for example, be used
for distributing patches or other software. The advantage would be that patches
could be distributed from PC to PC, rather than from a central server.
That method would reduce the load on a server, and patches would be distributed
faster. But the patches would have the same qualities as a computer worm, a
generally malicious file.
Since a story about the paper appeared on Thursday in the New Scientist magazine,
the paper has been roundly assailed.
"This is a stupid idea," wrote Bruce Schneier, a security expert,
author and CTO of Mountain View, Calif.-based enterprise security vendor BT
Counterpane, on Tuesday, before quoting a passage from the New Scientist story
on his blog.
Schneier
wrote that the idea of so-called "benevolent worms" comes up every
few years.
However, a worm is designed to run without the consent of a user, which doesn't
make it a good method of software distribution, Schneier wrote. The worm patching
technique could also make the patches hard to uninstall or interrupt during
installation, he wrote.
Worms designed to distribute software patches could also be hacked to distribute
malicious software, wrote Randy Abrams, director of education for security vendor
Eset, in his regular e-mail commentary.
Forced patching is also troublesome since some patches may not be compatible
with critical software, Abrams wrote.
"Breaking into computers is a bad idea," Abrams said.
A Microsoft spokesman said on Monday that the New Scientist story is not inaccurate.
However, the writer of the story "sexed" up the research paper a bit,
particularly with the headline that used the phrase "friendly worms,"
the spokesman said.
In response to the criticism, Microsoft said it doesn't intend to develop patch
worms.
"This was not the primary scenario targeted for this research," according
to a statement.
The company also said it will continue to let customers decide how and when
they apply security updates.
One of the paper's authors, Milan Vojnovic, said in a statement that there
were no plans to incorporate the ideas into Microsoft's products. Efforts to
reach Vojnovic for comment were unsuccessful.
IDG News Service
Symantec Backup Exec 12 and Backup Exec System Recovery 8 deliver industry leading Windows data protection and system recovery. Download this whitepaper to find out the top reasons to upgrade and how to get continuous data protection and complete system recovery.
Data and system loss — from a hard drive failure, malicious attack, natural disaster, or simple human error — can happen anytime. Don’t leave your business vulnerable. Make sure you have a secure recovery strategy in place. Symantec's latest backup and system recovery technology can efficiently restore critical applications, individual emails and documents and even restore your entire system in minutes in the event of a loss.
Businesses face a growing challenge to ensure that the IT environment is properly protected. Backup Exec 12 integrates with other applications in the Symantec family of products, to complement your current data protection strategy, keep your data securely backed up and make it recoverable when you need it most.
