![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
Anti-worm?
2003-08-18 02:02 pmThe appearance today of an anti-worm that propagates using the same mechanism as the widely-reported Blaster worm (and which both removes Blaster, if present, and installs Microsoft's patches to prevent reinfection) raises some interesting questions:
- Should the anti-worm be considered 'malware', like all other worms, or should it be considered simply as an interesting method of patch distribution?
- Should the anti-worm's developer be hailed as a hero or reviled as yet another wild-eyed cracker?
- Is it legal? Should it be?
- Will this lead to copycat worm/anti-worm pairs whereby an enterprising individual or company launches (anonymously, of course) an innocuous but fast-spreading worm, followed a few days later by a widely-publicized antidote? Has this already happened?
- Will a series of helpful anti-worms lead in turn to the obvious deception in which the purported anti-worm installs yet another and more insidious payload, which users fail to check for because they assume that the anti-worm is benign, like all the others?