__/ [ Mark Kent ] on Monday 24 July 2006 10:00 \__
> Unnatural selection in the cyber world.
>
> The world's armies of identical computer systems are doomed -
> only those able to evolve into new breeds will survive
>
> http://www.newscientist.com/contents/issue/2561.html
>
> WHEN the Code Red computer worm made its debut on 12 July 2001,
> it seemed harmless enough. A week later, it transformed into
> one of the worst attacks the internet has ever known. In the
> intervening days, someone had fixed a bug in the worm. This
> allowed it to spread like wildfire, striking computers at random
> by infiltrating a program called Microsoft Internet Information
> Services. Once lodged inside, Code Red sent copies of itself to
> other machines worldwide - it is this ability to replicate that
> distinguishes worms from ordinary computer viruses. Within 24
> hours it had infected over 350,000 machines (see Maps).
So, I was thinking about this while walking down the street. You know, I have
not patched my SuSE 8.1 (it was still lowercase "U" at the time) box for
several years. Am I worried? Not at the slightest and lowest of levels. Why?
Come to consider the onslaught of regular patches that reach Linux boxes
quite immediately, as soon as their realisation or existence emerges. Then
come to consider frequent new releases (short release cycles, high frequency
which affects third-parties as well), as well as the immense number of
distributions out there. How the heck can someone shrewdly target such a
diverse pool? Or even plan to disseminate the attack in a propagative,
infectious fashion? The fact is: almost no chain can be found where boxes
are identical. Variety results from: O/S; distribution (including third
party software, desktop environment, Web browser, etc.) patches state;
version (more of these)...
A world dominated by Windows XP is a world that seems like the following:
http://www.redhat.com/f/ogg/choice.ogg
http://www.redhat.com/f/rm/choice_small.ram
http://www.redhat.com/f/mov/choice_small.mov (same video, different formats)
Oh, look! Diversity in formats, as well. Maybe we need more standards to be
obeyed unilatrally.
> Unfortunately, the whole article is a subscription one, however, the
> full text is also available in the paper magazine, which will be at your
> local library.
>
> It goes on to describe the success of current linux distros at avoiding
> this problem, and further, describes superior methods for taking linux
> forward to make it much more immune to such difficulties. Techniques
> which have been successfully used are described, including encrypting
> the running code in memory to make it much more difficult to exploit a
> buffer overflow (the virus wouldn't be able to encrypt itself the right
> way).
>
> The article is well written and worth a read.
>
> Apologies to Roy for nicking his News format :-)
The more, the merrier!
|
|
