RE: Extropians GIMPS team

Billy Brown (ewbrownv@mindspring.com)
Tue, 17 Aug 1999 21:15:07 -0500

Bryan Moss wrote:
> Eugene Leitl wrote:
> > Why going at such great lengths? There are enough holes in network
> > protocol stacks and applications to make possible its propagation to
> > be purely automatic.
>
> I did think about a self-reproducing worm. With it we could do away with
> the server and let the worms report to each other. For instance, say a
worm
> has searched data spaces 1, 2, and 3, and, detecting that its host is
> on-line, starts propergating to random IPs. Its children do one of two
> things; if no worm is detected on the new IP the new worm will take root
and
<...>

You guys have been reading too many cyberpunk novels. You can get this sort of thing to work very erratically (for random virus propogation), and you can usually crack any given system with determined effort from an expert, but you can't just whip up a magical worm program that does usefull work for you.

You can get moderately reliable infection mechanisms (since most people don't have any security), but that doesn't get you anything usefull. First off, you will be detected and reported within a few weeks at most (by one of the 0.1% of us who actually use our anti-virus software), and the whole project will rapidly become public knowledge at that point. Since the whole affair is highly illegal (one felony offense for every system the worm attempts to infect, I believe), this is a big problem.

Beyond that, you are asking for capabilities that would require either decades of work by some lone genius (and I mean a *real* genius, not some hacker wannabe), or a billion-dollar R&D investment. You need secure, low-visibility network traffic across heterogeneous networks (plus firewalls, proxy servers, etc), you need sophisticated multithreaded computation & spoofing on the infected machines, and you need to invent a completely new (and extremely complex) scheme for enabling these scattered programs to coordinate their efforts without a dedicated server to talk to. Then you want to cram the whole thing into <100KB to make it easy to miss?? Dream on.

If you can do that, you don't need to compete for some piddling little $100K prize. Start your own software business and give Bill a run for his money.

Billy Brown, MCSE+I
ewbrownv@mindspring.com