werner@utastro.UUCP (Werner Uhrig) (11/11/88)
I've seen a lot of dire anticipations about the worm having escaped before the (destructive) functions could be added; WHAT IF Mr. X was working on a worm that would go around patching systems and make them more secure?

What if I'd tell you that it is a perfectly feasible concept to distribute system-patches (especially urgent ones) by releasing self-propelling code looking for a place where it is needed? Don't yell all at the same time - not quite yet....

What if, by definition, all UNIX-boxes on a network are insecure (lots of people say that) and what if all systems came with a feature heavily protected by encryption which would allow a vendor to send out patches, which, when they arrive on your system, would announce themselves and tell you what security holes you have left open and offer to close them for you? Wouldn't that work a lot better than the "old-boys-network" we have been using to distribute security fixes?

It would help all those admins who either don't have time, knowledge or connections to get around to making their system secure, if someone like Robert would give them free security consultant's advice by releasing a "Self-Propelled Diagnostic-program" (in a minute I'll come up with a catchy name for that critter: -see below-) that does nothing but point out the weaknesses in the system and offer to teach you how to fix things. (let's not argue if you want to trust such a program or not; we are all in the habit of checking things out in varying degrees) - just pointing out the holes without fixing anything would be a smashing success - and, certainly, a lot fewer people would scream for his scalp - and more would praise him.

OK, enough; I have no idea what Mr. X's actual actions, motivations, or plans were; but I have every confidence that they were not destructive, but rather the opposite. You are welcome to cite me in your defense, Mr. X...

(-: below follows my brainstorm at a catchy name for the critter:

Travelling Worm with a Beneficial Purpose? na, too long; TWwaBP? too cryptic.
maybe I can stick AI in there somewhere - that field needs all the good press it can get:
WAIT, Worm that uses AI Techniques? sounds slow, thus negative.
NURSE ! Network Using Remote Service! here we go! I can already see the glossy color ads for AI-NURSE, Dumb Blonde NURSE, The NURSE is here - and YOU need a DOCTOR!!)

-- 
--------------------> PREFERRED-RETURN-ADDRESS-FOLLOWS <---------------------
(ARPA)     werner@rascal.ics.utexas.edu (Internet: 128.83.144.1)
(INTERNET) werner%rascal.ics.utexas.edu@cs.utexas.edu
(UUCP)     ..!utastro!werner or ..!uunet!rascal.ics.utexas.edu!werner

jejones@mcrware.UUCP (James Jones) (11/13/88)
In article <3372@utastro.UUCP>, werner@utastro.UUCP (Werner Uhrig) writes:
> What if, by definition, all UNIX-boxes on a network are insecure
> (lots of people say that) and what if all systems came with a
> feature heavily protected by encryption which would allow a vendor
> to send out patches, which, when they arrive on your system, would
> announce themselves and tell you what security holes you have left
> open and offer to close them for you?

Then all the crackers would know just what to attack. I don't think anyone would trust such a mechanism, unless it were one that was under their control, i.e. the sysadmin would call the vendor's machine periodically to run something to probe their system for leaks. Even then, I would worry.

James Jones