Auto-updating and worms
Posted on April 08, 2002 @ 10:25 in General
In the wake of the news that the 'million-downloader' KaZaA, a file-sharing utility, contains a hidden, auto-updating peer-to-peer program written by a company called Brilliant Digital, some disconcerting facts have surfaced (apart from the fact that this piece of unrequested software got bundled with another program and went live on your computer).
Slashdot reports on a short article by Nicholas Weaver that details how the Brilliant Digital P2P software constitutes the threat of becoming a Single Point of 0wnership. The term "single point of ownership" means that if the Brilliant Digital software or their auto-updating system is hacked in any way, the potentially malicious hackers could gain access to millions of machines on the internet. When a machine is hacked and under control of the hacker, it is "0wned". Weaver points out that the potential vulnerabilities of the Brilliant Digital could be very easy to exploit indeed. Put that together with the threat of a "Warhol Worm", described by Weaver in another article, and you have some pretty explosive stuff on your hands. I wonder if Brilliant Digital can be held liable if such a scenario happens.
Comments and Trackbacks
No comments or trackbacks for this entry yet.
Post a comment
Comments and trackbacks have been closed on this site. My apologies.
Since MT-Blacklist inexplicably stopped working I had no other recourse than close comments and trackbacks to stop the spam. I've been meaning to correct this for quite a while, but life got in the way... in a good way I should add.