No Need To Deceive, Viruses Offer Users A Faustian Bargain
from the 6-6-06 dept
Malware distributors commonly hold out the lure of free games and screensavers as means of getting users to download the offending software. Often, the games don't work, but in the meantime the user's computer silently becomes part of a malicious botnet that sends out spam and participates in DDOS attacks. Fitting with today's date, two researchers have released a paper describing what they call a Devil Virus. While the Devil Virus in the paper is a theoretical model, it incorporates characteristics from existing viruses that inform users that they are indeed a virus, but will confer on them great powers. To use an example from the paper, the virus may silently infect Alice's computer, and then send an email to her colleague Bob, offering him the chance to read all of Alice's files, or at least any that mention Bob's name. At this point, most competent computer users will realize that this is some unkosher software, but many will take the lure. Furthermore, if Bob has nothing to hide on his computer, it increases the likelihood that he'll risk having the same done to him -- this is known as the paradox of the virtuous sinner. It may propagate itself further still, by allowing Bob to select further recipients, offering them the chance to read Alice's files, and Bob the chance to read their files. Oh yeah, and if Bob wants out of the deal, or doesn't offer up more names it can threaten to encrypt his files, crash his hard drive, or at least expose his wanton ways to his colleagues and company, just as the Devil would do if one backed out. It's widely understood that one of the big security challenges is informing ignorant users about the danger that lurks online, but it's even harder to stamp out seemingly small temptations, that play upon character flaws to carry out an attack.Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
first
[ link to this | view in thread ]
[ link to this | view in thread ]
[ link to this | view in thread ]
Seen it sort of
I know of at least one person that knew what it was, but couldn't resist reading private messages from political types.
cut to a reformat later and the knowledge that would have made a decent news story.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: anon coward
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: Re: anon coward
[ link to this | view in thread ]
Fo shizzle
[ link to this | view in thread ]
Re:
Umm Keep thinking there, and let us know when you successfully engineer "Socail".
[ link to this | view in thread ]
Re: Re:
I was scared the day when I went to 'End Process' my firewall, and windows told me I wasn't allowed to do that.
Plus the well know problem of uninstalling Norton Anti-virus... Seen that one before.....
[ link to this | view in thread ]
Actually a better virus...
Next, a better virus that I would be in favor of is one that turns ordinary computers into spam machines that spam the spammers. A massive flood of e-mails sent to those whose business is to spam would get my approval anyday. Heck if one could engineer a virus to do DoS attacks would be even better.
Bottom line for me is to really stick one up the collective rear ends of all those spammers out there. Honestly, the penalty for such spam should be the most cruel, unsual, very painful, and very slow death imaginable.
Just my two cents...
[ link to this | view in thread ]