From: www.itworld.com

Microsoft scrambles to quash 'friendly' worm story

by Jeremy Kirk

February 19, 2008 —

 

Microsoft is moving
to counter some scathing comments regarding a security paper authored by researchers
at its Cambridge, England, facility.

The paper, "Sampling
Strategies for Epidemic-Style Information Dissemination," looks at
how worms sometimes inefficiently spread their code.

The research explores how a more efficient method could, for example, be used
for distributing patches or other software. The advantage would be that patches
could be distributed from PC to PC, rather than from a central server.

That method would reduce the load on a server, and patches would be distributed
faster. But the patches would have the same qualities as a computer worm, a
generally malicious file.

Since a story about the paper appeared on Thursday in the New Scientist magazine,
the paper has been roundly assailed.

"This is a stupid idea," wrote Bruce Schneier, a security expert,
author and CTO of Mountain View, Calif.-based enterprise security vendor BT
Counterpane, on Tuesday, before quoting a passage from the New Scientist story
on his blog.

Schneier
wrote that the idea of so-called "benevolent worms" comes up every
few years.

However, a worm is designed to run without the consent of a user, which doesn't
make it a good method of software distribution, Schneier wrote. The worm patching
technique could also make the patches hard to uninstall or interrupt during
installation, he wrote.

Worms designed to distribute software patches could also be hacked to distribute
malicious software, wrote Randy Abrams, director of education for security vendor
Eset, in his regular e-mail commentary.

Forced patching is also troublesome since some patches may not be compatible
with critical software, Abrams wrote.

"Breaking into computers is a bad idea," Abrams said.

A Microsoft spokesman said on Monday that the New Scientist story is not inaccurate.
However, the writer of the story "sexed" up the research paper a bit,
particularly with the headline that used the phrase "friendly worms,"
the spokesman said.

In response to the criticism, Microsoft said it doesn't intend to develop patch
worms.

"This was not the primary scenario targeted for this research," according
to a statement.

The company also said it will continue to let customers decide how and when
they apply security updates.

One of the paper's authors, Milan Vojnovic, said in a statement that there
were no plans to incorporate the ideas into Microsoft's products. Efforts to
reach Vojnovic for comment were unsuccessful.


IDG News Service