Inoculating the Internet - Embedded.com

Inoculating the Internet

Maybe it's a good thing that several operating systems have found footholds in the newly emerging net-centric computing market. If Microsoft were to have its way and such Balkanization did not occur, we could face the day when this elaborate net-centric computing environment of connected computers and smart embedded devices could come crashing down around our ears.

The situation is analogous to the early 1960s when major portions of the world were in danger of being unable to grow enough food to feed their populaces. Along came the United Nations and a new breed of agricultural researchers, who, using traditional farming and advanced horticultural methods, succeeded in creating strains of staple grains that produced far more food, measured in bushels per acre, than any of the local strains could.

Very quickly, these new breeds produced enough food to stave off worldwide famine, but in the process drove all of the local breeds out of existence. Now, after studying the historical and biological records, agronomists and others are having second thoughts. They note that when one breed drove out others, it thrived for a while and then disappeared, and the civilizations that depended upon it for food did too. Eventually, after nature filled in the ecological niches left bare, new strains emerged.

But what had happened? Simple. The dependence on one strain is a knife edge, no matter how well it satisfies the demands of the human population depending on it. All it took was one virus, one predator, or one spell of bad weather to wipe everything out. The fail-safe system that nature had created, that is, a diversity of strains with varying abilities to resist viruses, no longer existed there.

What does this have to do with Microsoft? Microsoft dominates 90 percent of the desktops, as well as a nice piece of the server market. While the company has devoted considerable effort to constantly improving its Authenicode security methodology, every week or so, we all go into a panic, and justifiably so, when viruses are found with unnerving regularity riding in via email on one or more of the application programs.

Companies like Symantec (Norton) and Network Associates (McAfee) valiantly and profitably fight and defeat each virus as it is introduced, a situation not unlike a house in danger of being overrun by South American fire ants while the residents stand at the door squashing each ant one by one.

Microsoft is moving from the desktop to appliances and traditional embedded systems. In none of these applications does the company have as much market penetration it does on the desktop. As we move from occasional links to the Internet to 24/7 connections via cable or DSL, such dominance should worry us as much as the dominance in the Green Revolution by a few strains of wheat, rice, and barley worries some agronomists.

Computer viruses will soon be able to race across the Internet at the speeds it does through some corporate intranets and local area nets via our 24/7 connections. What now still takes days to spread could soon proliferate in a matter of hours.

The danger has not gone unnoticed. IBM, which maintains an intranet, local area networks, and virtual private networks of a size that would rival many small-to-medium-sized countries has certainly invested a lot of research in this area. Out of this work has come the Immune System for Cyberspace, a global distributed system that can find a previously unknown virus on a system and send it safely over the Internet to an automated analysis center on the same time scale with which it infects a networked system. There, the virus is analyzed, detection and cure information is extracted, the prescription is sent back over the Internet to the infected system, and then made available to other systems all over the world. This process is completely automated, and in the tests IBM has run on the methodology, takes just minutes and takes just minutes from finding a new virus to making the cure available worldwide.

How far is this effort from commercialization? Well, in the Java space, Sun has exerted a great deal of effort making sure that applications and applets based on Java are as immune as possible. But no matter how virus proof things can be made, the idea of a write once, run anywhere world of Java applications just makes me shudder. On the Windows side of things, IBM and Symantec as part of a co-development and co-marketing arrangement on anti-virus technology are pushing this technique to market as quickly as they can. For its part, Symantec has begun customer trials of the Digital Immune System based on IBM's technology. And IBM will market the technology as an add on to its SecureWay suite and as a part of Intrusion Immunity, a policy driven immunization scheme that will be integrated with IBM's Policy Director. No doubt their competitors are developing similar schemes.

The result, however, will be a half dozen different services and offerings. And just as stealthy bands of guerrillas are able to slip through a battlefront defended by half a dozen aggressive but uncoordinated regiments, a lot of viruses can still slip through the Cyberspace front lines and wreak havoc. When will we see a coordinated effort? Soon, I hope, but not likely. I see three possibilities, all of which will take time. First, one or another of the anti-virus vendors will beat the others into submission and become the defacto standard. Second, the industry will actually get together and agree to a common, coordinated approach. (Yeah, right.) Third, the government will step in and say “do something or else we will,” — a very likely possibility considering how integral Internet-based commerce and communications is becoming in our economy.

Until one of the above occurs, I still think that a little operating system Balkanization is the safest bet. The geneticists think that an agriculture based on just a few strains of a particular plant is unsafe. I think the same is true of the computer industry as well.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.