 Cyberguru
join:2005-06-09
Phoenix, AZ | Great Idea I think this is a great Idea! As long as we are not compromising something in return I'm completely on board. Viruses have become an all to often occurrence. | |
|
 | 
Kompressor
Premium
join:2002-02-12
Huntington Beach, CA | Re: Great Idea After they combat the viruses, what will they combat next, free speech? | |
|
| | 
Jason Levine
Premium
join:2001-07-13
USA | Re: Great Idea How do you make the leap from combating viruses to restricting speech? | |
|
| | |
Kompressor
Premium
join:2002-02-12
Huntington Beach, CA | Re: Great Idea Immunization can be used for good and/or bad. If immunization is integrated into something like the internet, they will be able immunize, block or isolate things other than viruses. Who knows what the limits are. | |
|
| | | | Samwoo
join:2002-02-15
Rancho Palos Verdes, CA | Re: Great Idea Uhm blocking data is already a very easy thing to do.
This just allows us to block executable code with certain signatures. | |
|
| | | | | deepblackmag
join:2004-12-27
00000
1 edit | Re: Great Idea Whats to stop them from blocking ascii code with certain words?
And, where are you talking about blocking, because any sort of data inspection doesnt happen on the backbone. Core routers in exchanges hardly filter anything, and even then its not by content. To re-assamble every message in transit to inspect it to see if there is a certain block of bytes in it is rediculous. | |
|
| | | | | | 
envoid
join:2002-12-21
Duluth, GA
1 edit | Re: Great Idea It would be perfect for the NSA, FBI, CIA, and DoHS. Why have them build stuff that can look at everything and get blasted for it while everyone supports the "virus innoculizer" and its "side jobs".
But how would this setup keep the retarded from not loading virus/hoax/ad/spy/trojan-ware in the first place via web, mail, whatever? And just cuz it's on the Internet in many places won't stop the spread if there's a non-innoculized route. I'm sure there would be, especially with cable co's and their infrastructure.
Nice idea but don't think it'll work. | |
|
| | | | 
keith2468
Premium,MVM
join:2001-02-03
Winnipeg, MB
| Nothing caters to government surveillance and restricted speech like the current insecurity of the internet.
Anything that looks like a worm, virus or trojan people automatically assume is from an independent hacker.
We never suspect that it might be a "friendly", hostile government, or political opponent.
And the current insecurity of the internet prevents individuals and local authorities gathering evidence.
--
(Virus&Hijacking FAQ + Submit suspected malware + Backups FAQ + Security FAQ TOC) | |
|
| Bait_hammer
join:2002-12-16
Victoria, BC | Great now the internet can gets its own version of AIDS.  | |
|
| | Cyberguru
join:2005-06-09
Phoenix, AZ | Re: Great Idea It already has it, this would be the cure dumb a@@ | |
|
|
keith2468
Premium,MVM
join:2001-02-03
Winnipeg, MB
1 edit | You are correct, this is a very good and very long over due good idea.
The only real solution is (1) a world-wide network of detectors that collect intrusions and exploits, that use a network independent of the internet to simultaneously funnel them back to (2) redundant central points for analysis, (3) (an independent network) to send those analysis out to firewalls and anti-malware scanners ahead of the instrusions spread through the internet, and (4) firewalls and scanners capable of accepting warnings and automatically acting on them (in a user-customized way) to protect the LANs and computers behind them.
(5) The same mechnism could send SMS text messages alerting admins of the impending problem.
(6) This same independent network could be used for supplemental human communications on resolving problems if the internet failed.
The current security situation on the internet prevents free speech by making it to easy to disrupt free speech, and making it too easy for others to impersonate us.
The current situation means that we cannot really trust those we talk to on the internet to be who they claim to be, nor to be who they were last week. (That is, we would never know if someones that we know only by a nickname is the same someone that had that nickname last week.)
--
(Virus&Hijacking FAQ + Submit suspected malware + Backups FAQ + Security FAQ TOC) | |
|
fiberguy
My views are my own.
Premium
join:2005-05-20 | Did anyone see terminator? To start, this sounds like a great idea...
But - did anyone see the Terminator 1, 2, or 3? Will the internet's immune system see US as the virus and launch all weapons?  | |
|
| |
| rradina
join:2000-08-08
Chesterfield, MO | I won't take it that far but someone might figure out a way to create a virus that rapidly morphs and acts as a carcinogen. | |
|
| | 
jmycknshk
...bring your green hat
join:2004-07-02
West Chester, PA | Re: Did anyone see terminator? basically keeping computer fully occupied and it "cooks" itself by maxxing out the proc and memory till it breaks.
i foresee a bunch of undue system stress. | |
|
| | | 
novaflare
The Dragon Was Here
Premium
join:2002-01-24
Barberton, OH
| Re: Did anyone see terminator? said by jmycknshk  :basically keeping computer fully occupied and it "cooks" itself by maxxing out the proc and memory till it breaks. i foresee a bunch of undue system stress. Heh that takes alot more than you think. Realy constant load isnt as bad for a computer as wild swings in load. For example loading your ram up to max then emptying it all out and keep doing that for a few days youll trash your ram. Takes the cpu to 100% load hold for a minute drop to zero rinse and repeat and youl kill the cpu. Easyest piece of hard ware to trash with load is the power supply cycle it to peak load then zero over and over something is gona pop real fast.
--
DSLR security chat at us.ausirc.net chanel #dslr_sec lets pack this channelopen source dns server for *nix and windows »powerdns.com | |
|
| 
JamesPC
join:2005-10-12
Orange, CA | LOL, wow. ya, terminator is "Real". You have a valid point but not in this context. | |
|
jmycknshk
...bring your green hat
join:2004-07-02
West Chester, PA
| who 3 questions...
1. who's going to pay for this?
2. how many suckers do you think will use these and forego the standard antivirus measures?
3. what about symantec, mcaffee, etc? i'm sure they're going to get their fingers in the honeypot first... | |
|
| 
GOLFnSUN
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
 ·Sprint Mobile Broa..
 ·Comcast
3 edits | Re: who said by jmycknshk :3 questions... 1. who's going to pay for this? 2. how many suckers do you think will use these and forego the standard antivirus measures? 3. what about symantec, mcaffee, etc? i'm sure they're going to get their fingers in the honeypot first... I suspect the targeted users of a service like this would be the ISPs and the security software companies. And if it looked workable, they would pay for the service. To help the end users, the security software companies would have to change their customer update model to a "Push" model instead of the current "scheduled pull" model. The ISPs could use the service to keep their email virus scanning systems much more current.
Some ISPs already make use of a type of honeypot system for SPAM detection. Comcast uses Brightmail service(Uses honeypot model) to keep their email server SPAM scanner current. But that service still misses a lot. So while a honeypot system works it still misses a small percentage of threats.
--
--
Join Red Room Forum
My Web Page | |
|
| |
jmycknshk
...bring your green hat
join:2004-07-02
West Chester, PA | Re: who but for it to truly be effective, we need all OS manufacturers to get onboard as well. symantec and others can only modify so much.
also, 90% of system vulnerability is human error/lack of knowledge bringing something in from the outside. | |
|
| 
Wills
join:2001-01-03
Port Charlotte, FL | You forgot #4.
4. How long will it take the honeypots to be hacked and infucted? | |
|
|
JamesPC
join:2005-10-12
Orange, CA
| software is obsolete at this point, web-based is the way to go...just like the company (spam soap) that currently filters spam over the internet meaning you are always protected by the latest filters that change every time a new spam is allocated to the system (community). This anti-virus block will be a great because it will be updated every time a new virus is found and recognize every instance of that file on the entire network. This system needs to be managed by the right people that have NO conflicts of interest (blocking wanted material).
In the future most all software will be web-based | |
|
Gwailo
join:2000-07-16
Richardson, TX
clubs: | Good Thinking Outside the Box It won't be implemented immediately but good thinking outside the box. To keep releasing updates hourly / daily / every few days is like the kids story of plugging holes in in a dike. | |
|
justmesqui
Just-
Premium
join:2004-05-14
BH9 2RJ | Artifical Inteligence This would only be possible with AI.
how would they combat a new virus if we Humans had not made a protection for it?
sounds a bit ambitious | |
|
| ForeverZero
join:2005-01-11
Hollywood, FL
| Re: Artifical Inteligence said by justmesqui :This would only be possible with AI. how would they combat a new virus if we Humans had not made a protection for it? sounds a bit ambitious Step 1) Read article
Step 2) Post response | |
|
yaplej
CCNA
Premium
join:2001-02-10
White City, OR
·Charter Pipeline
·Clearwire Wireless
1 edit | Not bad... Actually I think its a pretty good idea, but it needs to be incorporated into the hardware of the routers moving traffic around, not some super high powerful system that filters all internet traffic.
If the hardware could recognize a virus in transmission and stop it viruses would have a hard time spreading once it was initially discovered and virus pattern incorporated with the system.
It would make it nearly impossible for old viruses to spread through a network that had hardware to support something like this unless the virus was modified a bit, but then it would be a whole new virus anyway.
Edit:
This is probably something they have already, or are looking at. Identifying a virus in transmission is a huge challenge, and would probably consume a lot of resources on the hardware. | |
|
PacketDump
join:2005-11-29 | The firewalls are holding ---- I'm not sure Skynet's ready. ----
T3 | |
|
dunninger
join:2000-10-12
Arlington, VA | I had heard the Microsoft is already doing this Steve Gibson implied that Microsoft is already doing something like this:
»www.grc.com/sn/SN-002.txt | |
|
| 
ssj4android
Redefining Reality
join:2002-04-14
Wyoming, MI | Re: I had heard the Microsoft is already doing thi I thought a bunch of people were doing this. Certainly I know the idea of a honeypot is not new. Isn't that how antivirus companies gets samples of virii? | |
|
| | 
blueeyesm
join:2003-09-05
Waterloo, ON
·Rogers Hi-Speed
| Re: I had heard the Microsoft is already doing thi said by ssj4android :I thought a bunch of people were doing this. Certainly I know the idea of a honeypot is not new. Isn't that how antivirus companies gets samples of virii? There are, but they just montior and log hacking attempts on said honeypots, then use the info to as evidence if they catch the hacker.
This approach is about these 'pots being able to release fixes real-time. Sounds nice. | |
|
|
| 
MayBe
@sympatico.ca | Re: Old idea When honeypots are taken by hackers, the internet develops AIDS, oh my god | |
|
| |
jpark
join:2005-02-05
Jackson, TN
| Who will be watching the watchers? The idea is to release code to counteract the virus. An anti-virus virus.
Would not these systems (which would become trusted systems) be a great target for distribution of malicious code?
The systems would be designed to rapidly update millions of computers and insert code to protect them from a virus. Now assume someone compromises the protection system. They could, with unheard of rapidity, compromise millions of systems. | |
|
utahluge
join:2004-10-14
Draper, UT | Commercial I've seen those commercials where the kid downloads a program that has a virus at their dads work, and the system already catches it automatically... So is there something like this 'new stuff' already out there? | |
|
| 
golgoj4
join:2005-10-19
Los Angeles, CA | Re: Commercial heh
lemme just say that this site is quite humbling.
with that said, this sounds like a really interesting idea. I just wonder where the av companies will come down on this. | |
|
| | 
BetaTron
Sinz
Premium
join:2002-08-18
Brooklyn, NY | Re: Commercial Yep I agree. Cool idea but you've have to wonder how the av vendors are going to react if they think this will hurt business. | |
|
ctceo
Premium
join:2001-04-26
South Bend, IN
clubs: | Honeypot Virus What happens when the honeypot's get sick? | |
|
|
mamoon
@fdn.com | Re: Honeypot Virus A big stink in a big hurry. | |
|
unbelievable
@adelphia.net
| wow If they are calling it an "immune system" it would seem that it would work similar to the human immune system, which implies, that antibodies would be released on the internet to combat the viruses/worms.
Seems to me, that the antibodies would work much like a worm, having total unblocked access too all pc's on the internet to flow freely and combat whatever virus/worm it was designed to fight off.
First of all, an unblocked antibody "port" sounds like a huge exploit waiting to happen.
Secondly, it would seem that in order for this to work, firewalls/anti-virus S/W would have to be disabled, and most likely (if controlled by government, which we all know it would be) the first thing on the list of the antibodies to combat would be, anti-virus/firewall S/W as it will be considered a "security" threat to the "immune system".
Soon after, firewalls/anti-virus S/W would be considered the viruses/worms and these programs would become an underground development like viruses/worms are currently.
Lastly, we would be at the complete mercy of, eventually, "U know who" , under the disguise of the UN.
Any and all information deemed not "secure" (the word security can be defined many more ways than pertaining to just, the "internet") such as, information not "secure" for civilians to have, or certain information could be eliminated under the disguise that its a threat to national "security". People need to be carefull on how they define the word "security" because more often than not, the person/entities using the word may define it very different. Trust me, if this concept is allowed to continue and be developed, eventually, these will be facts not just speculation. | |
|
|
|
|
An Internet Immune System
Re: Did anyone see terminator?
·
