GCN LAB IMPRESSIONS

Why not a stealth virus that only does good?

I was watching the movie “I Am Legend” the other day with its interesting take on the zombie apocalypse. In the movie, the government comes up with a good virus that prevents all negative viruses from harming a person. No more sickness is a huge draw, and most of the population line up to get injected. Everything is fine until years later when people infected by the good virus turn into zombies.

This is all told via back story while Will Smith’s character, a government scientist who worked on the project, tries to find a cure in the middle of an overrun New York City. Luckily for him, the zombies can’t come out during the day, so he’s got some room to work.

Although it didn’t end that great for the humans in the movie, I was thinking that the same technique might do just fine for computers.

Consider that most people who get infected by a computer virus these days either don’t have any anti-virus software or don’t have the latest profiles for the protection they do install(as in they have not updated their profiles in months, or ever). Or the infected are servers without the latest security patches, which happens a lot.
 
So many people have come to me personally after an infection and needed help, that I’ve become adept at post-infection healing. But it’s hard to do. One person had more than 300 viruses and 150 pieces of spyware running on their laptop. Even my go-to tool, Malwarebytes, had trouble with that one. And most modern viruses resist AV-software and can stop it from working once they’ve gained a foothold. I often use Malwarebytes just to create a path for AV software to install.

I don’t know why people run their computers without even the most basic anti-virus protection. There are even completely free programs out there, like AVG Free that cost nothing and work well. But for some reason, people don’t use them, and that more than anything else helps to foster the global virus blooms we see from time to time. When those make the nightly news, it’s far too late to combat them.

So I’ve started working on a secret project, one I’ll probably never finish, but one that I think would really help the world: a good computer virus.

This as-yet unnamed program (I might call it White Knight) would be a self-replicating stealth virus that would only affect computers without virus protection. Once installed, it would protect the registry, the root directory and the memory from other viruses. It would also prevent common attacks like stack overflows from happening. The only difference between it and standard heuristics-based protection is that a user would not be aware that it’s been installed.

So here is what White Knight will do:

  1. Self replicate through e-mail, social network sites and instant messaging.
  2. Hide its presence from a user.
  3. Fight against and protect computers from any harmful malware that tries to install itself.
  4. Send up a flare to any system running any form of antivirus (known signatures could be programmed) so that it won’t install on any system with antivirus protection and will identify itself and volunteer to be deleted by any anti-virus scan.

The No. 4 goal would slow down its replication around the world, but White Knight would only be interested in installing on systems where no protection exists. Anti-virus companies could even be given the code so that they could protect against it.

Now, for legal reasons, I have to stress that I am not planning on finishing this project, or at least never plan to release it into the wild.

But what do you think? Is such a program viable? Would it make a difference in the world, or would it be destined to betray us and turn New York City into a zombie-filled wasteland?

About the Author

John Breeden II is a freelance technology writer for GCN.

Reader Comments

Wed, Jun 29, 2011 dex

Although i see the downside by installing a stealth virus, couldn't this be likened to criminals with guns? The average Joe doesn't have a gun, so he is at a disadvantage... criminals might think twice if their intended victim is armed. By stealth they attack us, by stealth we can thwart them.

Thu, Jun 23, 2011 Thomas Kesolits Holmdel, USA

I suggested this to GRUMMAN Data Systems in 1995. It was rejected.

Thu, Jun 23, 2011 Paul Chapman Chicago,IL

After reading over the posts I think that both sides of this argument have merit, I would have to say that overall after consideration I would fall on the side against this type of project. While there are many people out there that are not using virus protection on their systems, I wouldn't like the idea of anything being distributed onto my computers without my permission. The fact of the matter is you don't know what software I have running on my system, and if your so called good virus did something to cause conflicts with something that I am using I would be very upset spending hours researching processes and error reports trying to isolate the problem. I to am a computer tech not for Geek Squad, Far past that level and I admire the thought of protecting the unprotected however the risk of harming people unintentionally has to weigh heavy on this discussion. Finally once your "project" is out there what is to stop someone from modifying your code and making it another of the millions of Rogue viruses out there. You will have effectively created a delivery platform for something that may be even worse then what is already out there now.

Thu, Jun 23, 2011

This has already been tried and slowed down the whole internet. http://en.wikipedia.org/wiki/Welchia

Thu, Jun 23, 2011 Ramon Garciis Tucson

The purpose of this article was to infect a person with a mind virus, so that someone else does this for him.

Show All Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above