Brandon Wiley writes about the possibility of a “super-worm” that would use sophisticated methods to infect a large fraction of Internet hosts, and to maintain and evolve the infection over time. This is scary stuff. I have two comments to add.
First, the worst case is probably even worse than Wiley suggests. His paper may only scratch the surface of what a really sophisticated bad guy could do.
Second, Wiley’s paper points out the double-edged nature of basic security technology. The methods we use to protect ourselves against attacks – encryption, redundancy, decentralization, code patching – are the same methods that Wiley’s bad guy would use to protect himself against our counterattacks. To counterattack, we would need to understand the flaws in these methods, and to know how to attack them. If we ban or stigmatize discussion of these flaws, we put ourselves at risk.