Odyssey

…the wanderings

The White Botnet

This is a work of fiction. Any resemblance to reality is entirely unexpected. All similarities (like pigs can fly) are coincidental. Of course, all trademark names used here (starting right from the next line) are property of their owners.

As the first quarter of 2009 ended, people had mixed feelings about the Conficker worm (aka Downadup, Kido). It was neither a joke nor an immediate disaster. But very few knew that this was a beta run of what would eventually be a White Hat vulnerability-patching network. It was clear that the botnet could only hit systems that were not patched for a long-known vulnerability. The infection smartly started protecting the systems it conquered and made them safe from further malware. It moved on to become a server of protection that located other weak hosts and propagated towards them in a race against other malware.

Microsoft Windows machines that are not patched against known attack vectors are usually unpatched because of pirated software or overworked IT administrators. Is that a good enough reason for malware to propagate towards unprepared legal users? That is where the Open Group came together to build a distributed protection system. This system had to work as a secondary solution in tandem with the existing anti-virus and anti-spyware securities. It had to be disconnected from these solutions and, for that reason, at crossroads with them.

The solution is to propagate a neutralizing white botnet across the Internet. It is maintained by a group that partly consists of people from the AV/AS, OS vendors and search engine companies, though most of these vendors are themselves not yet directly associated with it. Google has tweaked its search algorithms to locate and assimilate zero-day vulnerability information quickly. These public postings are verified (because they might be poisoned) and associated patches are pushed through the white botnet to manage the ‘compromised’ machines. The window of attack reduces again to the time a patch is found for a zero-day exploit. All hosts will be patched one way or the other.

…and pigs will fly!

April 20, 2009 - Posted by | writing

2 Comments

  1. Hi,

    well you might enjoy another piece of fiction :
    Curious Yellow http://blanu.net/curious_yellow.html

    Cheers,
    Fabien Benetou aka Utopiah

    PS : it’s a pain to have to use a WordPress account to comment, an OpenID login would be *really* appreciated 😉

    Comment by fabienbenetou | April 21, 2009

  2. Also you might be curious about http://www.prevx.com/blog/110/RealWorld-Example-of-IntheCloud-Technology.html

    Comment by fabienbenetou | April 21, 2009

