an idea for better malware survival
Tuesday, June 7 2005
It was day two on Eagles Nest working on my cowboy electrician job. Things went better today because I was mostly working by myself, I didn't get shocked, and at the end of the day I got to test my work, which (though not yet finished) was bug-free. Most systems I build are complicated enough to require testing (sometimes of the extensive sort), but electrical wiring is so simple (and its rules so limiting) that testing is hardly necessary.
Later I had a housecall in Woodstock where I battled a process with the straightforward name of "Popuper." Usually these days malware authors, troglodytic though they are, have enough sense not to give away the purpose of their malevolent creations in the names that they give them. But not so with Popuper. It was a particularly buggy piece of code and dozens of copies of it were all trying to run at once on a beleaugured Windows Millennium Edition machine. You'd think malware authors would have enough sense to write their code so that it treads lightly, does its bad thing, and avoids notice. Not so with Popuper. It was the only thing I saw, repeated endlessly, when I brought up what passes for the task manager in Windows ME.
The only time I get called to deal with a spyware/malware emergency is when the computer in question has become essentially useless. The first few infections on such a computer go unnoticed and carry out their nefarious business without anyone being the wiser. But then the gates come crashing down and soon the computer is full MySearch, Gator, CoolWebSearch, 180 Search Assistant, SaveNow, Cydoor, etc. But a savvy malware author would implement robust anti-malware technology in his malware so that his code wouldn't have to jostle for memory and CPU time with all the other contagions and nastiness that end up in your typical vulnerable computer (picture a pink-desktopped Windows 98 box with a broadband connection owned by a slightly-less-than-completely-popular teenage girl). This sort of behavior is widespread in biological infections, where the best situation for an infectious agent is for the host to stay alive, infected, for as long as possible.1
While we're on the subject of the nastiness of troglodytes, I'd place in this category today's news that the Bush Department of Justice has reduced their requested racketeering settlement with the tobacco industry from $130 billion to a mere $10 billion. They obviously would have liked to have made it even lower, as evidenced by the fact that they lowered it to the lowest possible ten digit number, sort of the opposite of, say charging $9.99 for a six pack of microbrew. In Bush's "Culture of Life," it seems, the "life" of a human-killing corporation is, well, worth a lot more than a bucket full of even single-celled humans. As I was telling Gretchen the other night, an administration run by random number generator would make better decisions and be less harmful to the long-term health of this nation than this pack of crooks and fools. But you actually have to hand it to the balls of these people, coming out with this bit of transparent cronyism in the middle of the day in the middle of the workweek. I just hope that this time, with this pile they've left on the carpet, someone gets a chance to stir their nose in it.
1This is just one example of a case where software developers could benefit from a careful study of biology. In particular, the idea of survival of the fittest informs pursuits quite unrelated to biology: from subatomic physics to economics to sociology to trends in language and religion. Lessons learned by watching the relationships between hosts and parasites could even inform global policy decisions regarding mankind's use of both limited and renewable resources. We could be wiser by following the examples of the best-adapted of parasites and pathogens. Unfortunately, though, mankind seems to be following the example of the most aggressive and destructive of infections. In the grand scheme of things, though, mankind's relationship with Earth is just one instance among billions of potential instances, and plenty of individual contagions make the problematic "human" choice with regard to their hosts. But, unless it's a time when lots of hosts are dying anyway, that choice doesn't prove fit and the genes manifesting in that choice do not persist.
For linking purposes this article's URL is:feedback
previous | next