Good Worm Fixes Infected Computers

Security experts have debated the merits of using so-called "good worms" to fight virulent worms and viruses since the early 1990s. However, such activity is illegal under a 1986 computer crimes law.

A new Internet worm emerged today that is designed to seek out and fix any computer that remains vulnerable to "Blaster," the worm that attacked more than 500,000 computers worldwide last week.

The new worm scours the Internet for computers already infected with Blaster and deletes the "bad" worm, according to two anti-virus software vendors. The worm then fixes the computers with one of eight software patches developed by Microsoft Corp. Blaster and the new worm both target vulnerabilities in recent versions of Windows XP, Windows 2000 and Windows NT 4.0

You can see the whole story here:

http://www.ecommercetimes.com/perl/story/31373.html
http://www.cnn.com/2003/TECH/internet/0 ... t.blaster/

Interesting read..thanks.

I'm just thinking to myself..."what should be illegal about "good worms""? Man, it beats the crap out of searching for and installing patches all the time!

But it is basically "breaking and entering" I wouldn't want one of those things in my computer!

Understood b_heyer. Just thinking outloud mostly, and/or playing devils advocate.

hehehe of course of course, this reminds me of an email my dad got where a snake snuck through the psu fan of a computer...It was very blatenly faked but still a cool picture/notion.

I think one of the main reasons its illegal is because people do not really get to choose if they want it or not. Its all about choice. Secondly just because its a good worm, doesn't necessarily mean everything about it is good. It will probably consume some of the resources on the computer and take up some space (probably marginal and insignificant). I think they mentioned that some in the article too.

the anti-blaster worm has the good part, we have a saying in portugal "with that much charity, even a blind doesn't trust". There has to be a full description about the products that come out. In this case, the anti-blaster worm just searches frenetically for more hosts to de-infect and overloads networks.

IT admins never had to be so cautious and workful as now. You have to be informed about all that happens about your software and deply ASAP certified patches ie. hotfixes. Even with Win XP on SP1, you still need +16 additional hotfixes. Microsoft has eased the task about bugfixing and created MBSA.

GFI Languard also checks for system bugs and locates all missing patches for you!

Yeah, it's well-intentioned, but the energy needs to go into educating people about keeping their systems/networks secure and making sure Microsoft, etc. stops leaving so many vulnerabilities in their software.

M$ has been making an effort towards education and software improvement.
They're supporting 1 or more "secure software programming" courses, they intend to have the next OSes with all ports closed, so that the user chooses which ones to open by his free will etc...

I had the opportunity to teach Pro/ENGINEER in some companies, I ended up spending an hour or so explaining to the guys how to secure minimaly a computer. I was talking about firewalls (free ones like SPF) and antivirus (Symantec in this case). Nowadays I would recommend installing security patches urgently and so on.

Here's a nice article:
http://www.washingtonpost.com/wp-dyn/ar ... Aug23.html