September 02, 2008
Giant Feral Babies Attack Manhattan!!!
So, it's the day after Labor Day (ever wonder why they call it Labor Day when nobody's laboring? Ironic, no?) Anyway, I was getting back into the swing of work this morning and reading through the security news, blogs, mailing lists, emails, etc. and started collecting my thoughts about what to discuss today. Now, I had originally planned on discussing and entry in Donald's new blog, but then I saw the McAfee whitepaper about malware in online gaming via Security News Portal and I figured I can't let them "go there" without opining at least a little bit on it.
Anyway, let me preface what I'm about to say by stating first that I think that the fact that McAfee is concerned about the virtual world idea deserves a kudos. I've pointed out a number of times that these online games are "ripe pickins" for the astute criminal. And they are now - and will continue to be in the future - a place where malware authors (and other shady characters) are likely to concentrate efforts. So, "go go McAfee" for looking under this particular rock to see what you can find.
The one cautionary thing that I'd say about this topic though, is to not get caught in the trap of "giant baby" reasoning. Here's what I mean by that. Say you're an alien biologist in the far future and you arrive on planet earth far after the human race is extinct. You find some human DNA and decide you're going to clone up a few newborns to examine what human life was like. You pop a few newborns out of your "Clonimagic 2000" and you wait to see how the infant develops.
You watch over the first 3 months and see the infant increase in weight by 50%. You watch the next three months and see it increase again by 50%. You try this with a whole batch of infants and they all do the same thing. Since the average newborn doubles in weight during the first six months after birth, if you look at a million babies you'll always see the same thing: rapid, uncontrollable expansion in size. Now, knowing nothing about babies, would it not be reasonable to extrapolate based on the data that the newborn would reach a size just over a ton before they turn four? Absolutely not...
But we know something empirically that our alien biologist does not. Which is that the growth curve for a newborn is sharpest right after birth. So, while a newborn might double in size the first six months, it doesn't do so forever. The same thing is true for example of malware (and other security issues) in virtual communities - there might be a sharp uptick in malware and security incidents targeting these communities during the infancy of these phenomena, but - over time - the growth curve will steady out. Meaning that it's right to look to these communities as a potential source of issues, but don't assume that what we see today will continue indefinitely. We're going to have to wait and see how things pan out over the long term.
Posted by Ed at September 2, 2008 10:17 AM | TrackBack