Every so often, an old wheel is reinvented. In the anti-malware game, an old favourite is what Dr. Fred Cohen used to call the "benevolent virus" or "maintenance" virus. Dr. Cohen’s early research and commentary remains the formal basis for much of the way we think about malware and anti-malware today. Several pages in "A Short Course on Computer Viruses" (Wiley, 1994) addresses the theoretical issues regarding what a benevolent virus could do, and his "It’s Alive: the New Breed of Living Computer Programs" (Wiley, 1994) covers similar ground more thoroughly. The latter work is not to be confused with Larry Cohen’s 1974 horror film, by the way, though there’s a certain irony in the re-use of the title: the anti-malware research community does generally react with distaste if not actual horror when the idea resurfaces, as it does every few years. (It was very popular at the time of the Code Red worm and its siblings.)
According to New Scientist, the latest group to rediscover this idea works for Microsoft Research at Cambridge. It’s not unreasonable to revisit such ideas from time to time, though the thought of using malware like Blaster as a model doesn’t inspire confidence. There are many legal, ethical and practical drawbacks to the use of replicative code for legitimate purposes, though, and I hope that when this team presents its paper at Infocom in April, they will have looked back at previous research (including Cohen’s, as well as Dr. Vesselin Bontchev’s "Are ‘Good’Viruses Still a Bad Idea?" and considered those drawbacks.
I have a feeling this won’t be my last word on this subject here. :)
Author David Harley, ESET