not falling down

Sumana sent me a great article called “Fight Virus With Virus,” where by “great” I mean “horrendously ill-advised.” Basically, Paul Boutin argues that instead of offering cash rewards for the capture of virus writers, the (ostensible) good guys should write viral programs that attack the malignant viruses with their own methods.

You may recall last fall, during the heyday of Blaster, when some idiot attempted to build a “good worm” that would fix the problem Blaster exploits. I’m sure it came as a shock, to people who weren’t paying attention, when it only made the problem worse. Boutin makes that worm (”Nachi”) a key point of his proposal. “Ingenious!” he says. “There was only one problem: Nachi overloaded networks with traffic, just like Blaster had.”

Casting it in those terms makes it seem like the traffic problem was a minor side effect, something that could have been fixed with a little careful programming. In fact, it’s a big glaring fundamental flaw. Boutin’s argument is equivalent to saying “there’s only one problem with water: it’s wet.”

The fact is that it no longer matters what, if any, payload a virus carries. The Denial-of-Service attacks that MyDoom and Blaster were supposed to create failed, because it was easy to figure out what they were doing and take countermeasures. It’s self-evident that it’s very easy to protect a single target when you know it will be attacked, and very difficult to defend millions of targets when the time of attack is unknown. The problem isn’t the end goal of a single instance of the virus, it’s their collective method of replication–which, in an increasing number of cases, is the end goal.

Boutin proposes that the hypothetical antivirus would “[spread] itself slowly and carefully to prevent traffic jams.” But programs that are allowed to grow unchecked are impossible to control, because they grow unchecked. Even writing a program that, say, replicates itself no more than once a week would mean only a minor delay on its growth pattern. Self-replicating programs grow exponentially, and restrictions would only divide that growth factor by a constant. People who know about complexity theory know that no matter how many fractions you put in front of an exponential variable, it’s still exponential; whether or not its curve stretches horizontally near the origin very quickly ceases to matter.

The heart of the virus / antivirus problem is an ethical one: it is wrong to alter any system without its owner’s informed consent, regardless of your intentions. It’s wrong to take over a system to use it for a DOS attack. It’s equally wrong to take over a system as part of a plan to stop that attack. This is a fundamental principle for the “white hats” to whom Boutin is trying to appeal.

(An aside: Microsoft will probably soon begin including the ability for Windows to patch itself automatically, which I’m gonna go ahead and say now will be exploited, and badly. I’m not really an outright MS-basher, but I don’t think the folks in Redmond have ever really been considered white hats, either.)

Boutin actually states the best available solution to the whole problem in his article, before going on to ignore it. “As the Washington Post reported yesterday, protecting yourself is easy,” he writes. “Install some anti-virus software and set it to automatically update itself (the default for most programs).” Actually, it’s not that easy, it’s not cheap, and many people can’t be bothered to do it. And yes, it sucks that their apathy screws up the entire Internet for the rest of us.

But as democracy is to government, so self-protection is to countervirus measures: the apathy of the many causes problems for all, yet it’s the least bad solution available. Increasingly complex tools are subject to increasing numbers of flaws, and will be so as long as they continue to increase in complexity (according to Moore’s Law, that’s forever). The right to repair those flaws rests solely with the owner of any particular instance of a tool; no matter how much one wants to, taking those rights for one’s own is wrong. Malignant programs can make computers into monsters, but as somebody who knew a little about computers once said, there is no silver bullet.

The homeless leprechaun had always hated Natalie Portman.

The Lovecraftian epithet “Black Goat with a Thousand Young” becomes less frightening when you realize that technically, it should be “Black Goat with a Thousand Kids.”

Grand Theft Auto (and sequels)

They’re Grand Theft Auto.

Crimson Skies

It’s Grand Theft Auto, plus Halo, plus airplanes.

Spider-Man 2

It’s Grand Theft Auto, except you’re Spider-Man.

You know, rolly chairs are pretty awesome.

Yes, for the record, Elizabethtown has been filming about a hundred feet from my apartment for a couple days now. No, I haven’t seen anybody famous (although Ian has), and I’m finding it very difficult to care, except that traffic is worse because of all the blocked lanes. No concern for celebrity! I feel practically un-American.

I don’t think today’s For Better Or For Worse is supposed to be as funny as it is.

Apologies for the lack of Anacrusis this past week; they were all written ahead of time, but I banked on having Interweb in California, then didn’t. Have it.

Anyway, last week’s are all posted at their intended times, and I’m back to the regular schedule now.

• Gave away what, 60 copies of HONOR? Something like that. Two of them I traded for other ashcans (Yeperynye and The Last Sane Cowgirl), which I totally count as sales. And every copy given away was to somebody whose work I (or Will or Stephen) really respect, which is a worthwhile transaction, in my opinion.
• Left my hat at Preview Night. Never got it back.
• Got to meet a lot of cool people from the online.
• Cool people I met from the online all had a curious need to run off to important, distant engagements within seconds of meeting me. Either I smell bad or I’m Creepy Interweb Fan, or (probably) both.
• Had a really good time with Monica, Will, Stephen and Maria. And Stephen’s lady Erin, at whose residence we crashed, is maybe the coolest person on the whole planet.
• Ran out of plane-ticket money and was unable to visit Leonard and Sumana. That was a pretty stupid mistake, and I feel really bad about it. Hopefully, a post-student-loan trip is in the works.
• Tycho and Gabe were the coolest, most professional people at the whole freaking Con. Scott Kurtz is actually almost the same size as the Con, but was also professional and nice. Kris Straub is scared of me. Fred Gallagher (Piro) is a bitch, and I really can’t say I mean that affectionately.
• Speaking of Tycho and Gabe, I had one of the world’s most random encounters: passing by their booth, I recognized Paul Mattingly, a great guy who was in Richmond Children’s Theatre with me a billion years ago and who now works as a Klingon and Second City understudy (!) in Vegas. I literally hadn’t seen him in over a decade. He even has a site, The Famous Paul, though I understand that’s mostly a placeholder for the moment.
• Getting to California by train was interesting, right enough, and I’m glad we tried it. but the people who work for Amtrak seem unhappy and unhelpful and it’s very bumpy. I think I’ll pretty much be flying from here on out.
• I thought about taking a whole bunch of stuff to get signed, but eventually decided against it. I had a better idea. Thanks to the unlined pocket Moleskine my family got me for my birthday, I now possess what can only be referred to as
  The Greatest

  SKETCHBOOK

  Ever In The History Of Time

  which basically means I win.

I managed to take a whole roll of film, which is good, considering I frequently manage to wish I had a camera while holding one. Probably more updates after I get that developed, but considering I still haven’t posted the pics from my San Francisco trip in February, one shouldn’t hold one’s breath.

There exist exactly 100 copies of HONOR, the first comic book anthology from The Fake Middle Names Collective. They are in a box. I helped make a comic book! Life goal #22 gets a BIG FAT CHECK!

We were supposed to print it this morning and leave by 1, and it’s been kind of a torture test on the printer and humans involved, but it’s done. And now Maria, Monica, Will and I roll for Alton, nine hours late but moving fast.

CALIFORNIA HO!