Interesting People mailing list archives

more on This worries me-- should I be djf Network Inoculation: Antivirus shield would outrace cyber infections

From: David Farber <dave () farber net>
Date: Thu, 8 Dec 2005 11:11:10 -0500



Begin forwarded message:

From: "Synthesis: Law and Technology"<synthesis.law.and.technology () gmail com>

Date: December 8, 2005 10:34:21 AM EST
To: dave () farber net

Subject: Re: [IP] more on This worries me-- should I be djf NetworkInoculation: Antivirus shield would outrace cyber infections


Dave,

These kind of theoretical approaches always scare me (and i likebeing theoretical).Look at the massive assumption inherent in the approach: They treata virus as something scalable. they can detect it and prevent it in adeterministic manner. Just looking at the recent Sony rootkit fiascoit is clear that the process of detection repair and innoculation isnot always a simple one. So the whole thing falls apart for a virusthat you cant prepare a standardized innoculation 'kit' in 'x' time.Seems to be creating a massive security hole in the guise of fixingthings, no?


Dan Steinberg

SYNTHESIS:Law & Technology
35, du Ravin phone: (613) 794-5356
Chelsea, Quebec
J9B 1N1

On 12/7/05, David Farber <dave () farber net> wrote:

Begin forwarded message:

From: Mary Shaw <mary.shaw () gmail com >
Date: December 7, 2005 6:37:26 PM EST
To: dave () farber net
Subject: Re: [IP] This worries me-- should I be djf Network
Inoculation: Antivirus shield would outrace cyber infections

Dave,

I thought this idea went the rounds a couple of years ago and was
abandoned.

Who gets to decide what needs to be fixed?  Me?  Symantec?
Microsoft?  Sony?

Why do we believe that the cures propagate in different ways from the
diseases?

Why is it more ethical to change my machine for something *you* say
is good than to change my machine for some other reason?  Your
favorite spammer probably thinks the world is a better place if he
can send spam from lots of locations rather than just one.  Your
favorite authority figure probably thinks the world needs to be cured
of the possibility of viewing certain kinds of material.

And who is responsible when the fix breaks something?

Mary


On 12/7/05, David Farber <dave () farber net> wrote:

Begin forwarded message:

From: Keith Dawson <kadawson () mac com >
Date: December 7, 2005 10:38:38 AM EST
To: dave () farber net
Subject: Network Inoculation: Antivirus shield would outrace cyber
infections

Dave -- for IP if you deem it of interest.

-- Keith Dawson
______________________

http://sciencenews.org/articles/20051203/fob4.asp
  or
http://tinyurl.com/7z6nv     [print version]

Network Inoculation: Antivirus shield would outrace cyber infections

Peter Weiss

The best way to stop an epidemic might be to start one. That's the
gist of a new strategy against computer viruses that was just
unveiled by Israeli researchers. In their theoretical approach, when
a computer network detects a new virus, it launches an internal
counter-epidemic of self-propagating, protective messages. Upon
receiving such a message, an uncontaminated computer immunizes
itself against the virus.
...
In the new scheme, proposed in the December Nature Physics, network
designers would scatter "honeypots" throughout a network. These are
computers secretly armed with software that can trap and identify
new viruses, then rapidly generate and broadcast the means to lock
out the intruders. The protective message would fan out among the
computers on links that only the antiviral mechanism could use.
...
What's most innovative about the [the new] scheme, Kephart says, is
the shadow network that would transmit the immunizing messages.
Those extra links could be as simple as a set of special e-mail
addresses. They would enable the epidemic of immunization messages
to take place "behind enemy lines," Shir says, and thereby gain the
upper hand.


Goldenberg, J.E. Shir, et al. 2005. Distributive immunization
of networks against viruses using the 'honey-pot' architecture.
Nature Physics 1(December):184-188. Abstract available at
http://dx.doi.org/10.1038/nphys177 .


-------------------------------------
You are subscribed as mary.shaw () gmail com
To manage your subscription, go to
http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-
people/


-------------------------------------
You are subscribed as synthesis.law.and.technology () gmail com
To manage your subscription, go to
http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/




--


-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/

Current thread:

more on This worries me-- should I be djf Network Inoculation: Antivirus shield would outrace cyber infections David Farber (Dec 07)
- <Possible follow-ups>
- more on This worries me-- should I be djf Network Inoculation: Antivirus shield would outrace cyber infections David Farber (Dec 08)