Technology news and Jobs 
Our Blogs Fuzzy Logic - Your personal technology evangelist Sophos horrified at Microsoft notion of a ‘good worm’
Our Blogs Fuzzy Logic - Your personal technology evangelist Sophos horrified at Microsoft notion of a ‘good worm’ | Sophos horrified at Microsoft notion of a ‘good worm’ |
|
|
| by Alex Zaharov-Reutt | |
| Monday, 18 February 2008 | |
|
Page 2 of 3 Sophos’ own security researchers don't have quite the same enthusiasm, with Paul Ducklin, Head of Technology, Asia Pacific, at Sophos saying that the notion of ‘good worms’ is “Nonsense”.Ducklin then asks a number of pertinent questions, including: - “How do you regulate the behaviour of the worm at your network boundary? What if some of your computers inadvertently try to pass the update on to computers your company doesn't own or control?” - “How do you send a control message to the worm to regulate its behaviour after it has been released? (A second worm is no good, because it might not catch up with the first.)” - “How do you test the performance of the update worm in a network the size of the internet, and how do you vouch for its behaviour in the face of security software trying to prevent this sort of self-replication?” Ducklin then wisely argues that “a hierarchical updating system -- one in which updates fan out from a few central points, like branches on a tree -- with consenting computers polling their nearest upstream servers regularly, and fetching small updates whenever needed, can deliver similar performance with far fewer risks”. Ducklin believes the answer lies in ensuring the network administrator should remain in control of their network... For Ducklin's final comments - and my own - please read onto page 3. |
| < Next story in category | Previous story in the category > |
|---|
