Wednesday, October 3, 2007

One virus to rule them all

How does one create the ultimate virus? well what is the ultimate virus? Some would say that it is the virus that crashes the internet. Or perhaps a virus that cripples the information infrastructure so badly that were taken back to the stone age.

There have been many noble attempts to fulfill the above goals but the internet is still around nonetheless. The ironic thing about the previously stated goals is that when the virus that destroys the net as we know it has done its work, the gentleman that wrote the virus will have nothing left to be proud of. It'll all be over. He will most likely be employed as a programmer, or at least in the IT field, so he will now be out of a job. The economy will grind to a halt in so many places. Chains of supply to consumers will be disrupted. No food, no petrol, no electricity. Well,.. sitting in a dark cold house with no food has never been a dream of mine.

So what are my attributes of the ultimate virus?
  1. Is hard to remove from a computer.
  2. Designed to survive in a networked environment.
  3. Has more reputation than any other virus.

Point 1:
So I think the ultimate virus should thwart all attempts at removing it, yet still make its presence know to the user. It should be a virus that is designed to last as long as possible - Survival for existence. Now some viruses excel at making their users aware of their presence, but do so irritatingly (pop ups, bandwidth usage) thus cause the user to format or remove the virus, thus contravening this first rule.

A virus that in no way, directly or indirectly, interferes with the user will not present any immediate need to remove the virus.

I'm still not set on how I would tell the user that they were infected, but I probably wouldn't go much further than emulating a dead pixel in the bottom right corner of their workspace. That's it. Just something small to say that the virus is present.

Point 2:
The ultimate virus should be network smart. As networks can vary in so many protocols, mediums, transfer speeds and security, it would need to carry some measure of heuristic power. It needs to be smart enough to travel from one network to the next; From file to file, virus to worm,.. It needs to be smart.

It needs to have a small, actually super small footprint. If the virus started to hog storage space or bandwidth it would start to present a need to be removed. Now the more intelligent we want our virus to be invariably the larger our footprint is going to be. No matter how smartly you design the virus,.. if you want to tap into any network and into any file, you are going to need a bit of code to make it work. Now instead of keeping all this viral goodness in one virus entity, why not split it up? Lets make this virus 'modular'. It will be conceived as one complete part, but will be able to break down into smaller segments; Each segment capable of basic viral activities and propagation.

A modular/segmented virus!.. Okay, so its got smaller parts - What else? Each segment should be able to be rebuilt from the cooperative work of other segments on the network. Something reminiscent of RAID 5 and 6 parity reconstruction. This will not only reinforce my second attribute to survive in a networked environment, but the virus is now designed to use the network to its advantage. Each segment should to some degree track from which 'parent' virus it came from, and/or where other virus segments are in its close neighbourhood. This way when it needs to perform some more complex or group viral activity it can gather the parts it needs, perform the task, then breakdown appropriately. Say a virus needs to do some brute force activity or large calculation, it should be able to distribute work to its segment friends on remote devices to help perform the task.

Point 3:
So the ultimate virus needs to be famous. What would stand out the ultimate virus from all the rest. Point 1 has ruled out all forms of destructive, indecent, or otherwise irritating behaviour. So whats left? We can't be bad... Well why not be good? Good! Sure,.. Why not make a virus that performs low level HDD defrag optimization during spare CPU time? How many virus's can lay claim to that fame?

Now here's the best for last. Here is the way to make our virus greater than every other virus. Give our virus the ability to intelligently search and destroy all other virus'. That's it; If you can't beat them, delete them. Who wouldn't want a piece of software that automagically removes all hazardous software from their computer/device?

Now although the virus coders carnal desire to destroy peoples computers isn't going to come true: He would have created, in my humble opinion, the penultimate virus.