IBM's Billy Goat Squashes Worms 170
fr0z writes "InformationWeek is running a story on "Billy Goat", a novel worm-squashing software developed by researchers in Zurich, Switzerland. IBM says it wants to turn Billy Goat into a product to help guard against computer-network attacks such as those that slowed Internet traffic earlier this month."
What's the point? (Score:5, Insightful)
P.S. any coincidence it is named "Billy"?
Interesting technique (Score:5, Insightful)
Well... (Score:2, Insightful)
Re:Billy Goat (Score:3, Insightful)
A better mousetrap, perhaps (Score:4, Insightful)
My second reaction is that the focus needs to be at the level of the ISPs. To expect all users to reliably protect themselves against attacks is just naive. Technology that could immediately detect attacks and prevent their propogation to individual users in the first place seems to me feasible and desirable.
Re:What's the point? (Score:3, Insightful)
In case you don't get the names... (Score:3, Insightful)
Sadly, people just know 'anal' these days. Gone are days of long ago when people said what they meant, and did not lean on the spindly crutch of catchphrases and colloquialisms.
I can now imagine that this sort of intrusion detection software will be known only as Billy Goat, just as so many use 'trojan' and 'virus' when such terms are far from inappropriate to describe a specific piece of software with destructive intent. Why, just this morning, an interview with the prosecutor of Blaster.B accused author Jeffrey Lee Parsons, yielded such terms as "cyber-hacker." Since when did "cyber" need to be prefixed? I'm waiting for someone in the legal profession to butcher that term, and vomit terms like Cyber-goat.
IBM was foolish to announce this so early. I just know they will get targeted by the crackers out there for it (note, that's criminal-hacker, not ebonic-slang/slur for white peson), and then the crackers will roast the billy goat over IBM's own firewall!
For those who aren't well-educated on nursery rhymes, go read up on Three Billy Goats Gruff. You will find the proper origin of the software name there, trade-related double-entendre's notwithstanding.
Re:inapproporiate title? (Score:2, Insightful)
Instead of buying something called "Billy Goat," you could also just download the free patch that fixed it a month before...
Let billygoat's platform of choice be Linux! (Score:3, Insightful)
If it turned out to be a great product that would be a wonderful bit of irony. Linux working to say a messed up windows world.
Re:Well... (Score:3, Insightful)
I'm sorry. I remember too much of the antitrust suit [lib.de.us] against IBM to fully trust them. I'll thank them for each thing they do to help advance free software, and the computer industry as a whole, but I reserve the right to examine each decision individually.
Missed it by THAT much! (Score:4, Insightful)
s l o w . d o w n
while keeping the rest of the network moving right along while emailing the admin about it.
Re:What's the point? (Score:4, Insightful)
End-users often don't see why they should secure their PC's. They figure they don't have anything important on them, so what's the big deal? Then they are used as launching points for DoS attacks, they spread worms, and so forth. But end users don't have the time or inclination to be security professionals.
ISPs could implement stronger router controls to block DoS attacks from zombied machines. They could implement automatic IDS-based router controls to block the spread of worms. And--egads--perhaps software companies could start focusing on security a bit more (with some added incentive from the legal liability they ought to have, in my opinion). In other words, end users should be taken as end users. We cannot expect that all or most will secure their machines to the extent that you or I may. So we find work arounds.
Re:inapproporiate title? (Score:5, Insightful)
I think the idea is that the product is going to be targetted at ISPs and people in similar situations.. you know, where the people controlling the network don't necessarily have control of the computers actually running on the network. What good is a patch if you can't get your users to install it cuz they're dumb?