yogi (OP)
Legendary
Offline
Activity: 947
Merit: 1042
Hamster ate my bitcoin
|
|
March 15, 2012, 02:14:49 PM |
|
I am floating an idea here to asses its merit. Its unrelated to bitcoin but is p2p.
The idea is called Antibodies (p2p antivirus).
An antibody in this context is a package of data containing information, name/author/... , and most importantly a script.
The antibody client connects to a p2p network that share's its antibodies with other nodes.
Antibodies are prioritized and run in the background. They have only got read access to the memory/filesystem of local system. They can also send a message to the user such as "Warning, this system is infected with a virus!".
And if you have the skills you can publish your own antibody.
Obviously there would be the potential for spammy antibodies but the network would have a degree of resiliency to this as you can choose to mark an antibody as 'BAD' and this information is shared across the network.
|
|
|
|
moocow1452
Sr. Member
Offline
Activity: 240
Merit: 250
Don't mind me.
|
|
March 15, 2012, 02:22:00 PM |
|
Seems like it works on paper, but you'd probably create a bigger monster if someone found a way to spike the network.
|
|
|
|
Remember remember the 5th of November
Legendary
Offline
Activity: 1862
Merit: 1011
Reverse engineer from time to time
|
|
March 15, 2012, 02:39:40 PM |
|
I like the sound of this. Anti-virus companies take time to update virus definitions, but a p2p one, we could potentially mark a file as a virus, that could be new, though we need some proof-of-virus algorithm.
|
BTC:1AiCRMxgf1ptVQwx6hDuKMu4f7F27QmJC2
|
|
|
RodeoX
Legendary
Offline
Activity: 3066
Merit: 1147
The revolution will be monetized!
|
|
March 15, 2012, 02:44:22 PM |
|
I like the sound of this. Anti-virus companies take time to update virus definitions, but a p2p one, we could potentially mark a file as a virus, that could be new, though we need some proof-of-virus algorithm.
Yeah, that's a good point about "proof-of-virus". Legitimate programs are flagged as viri all the time, even bitcoin. But the overall idea is kinda cool, and just the sort of task that could work in a crowd sourcing environment.
|
|
|
|
benjamindees
Legendary
Offline
Activity: 1330
Merit: 1000
|
|
March 15, 2012, 05:05:51 PM |
|
Maybe you could track the antibodies in a block-chain. Design it so that only those who have access to the virus in question can hash it and vote on whether the antibody is valid or a false positive. Mining the block chain and voting on antibodies then replaces your anti-virus subscription.
|
Civil Liberty Through Complex Mathematics
|
|
|
yogi (OP)
Legendary
Offline
Activity: 947
Merit: 1042
Hamster ate my bitcoin
|
|
March 15, 2012, 05:44:46 PM |
|
Finding a good way to determine good from bad antibodies is definitely the crux of the problem here.
|
|
|
|
CA Coins
Donator
Sr. Member
Offline
Activity: 305
Merit: 250
|
|
March 15, 2012, 06:27:46 PM |
|
Nice idea, but I see several issues. Like you mentioned, differentiating between good/bad is tough. Even our own immune system has issues with it, hence the multitude of auto-immune diseases. Also, I doubt many people are going to let a p2p software scan their system even if it is just read-only.
|
|
|
|
RodeoX
Legendary
Offline
Activity: 3066
Merit: 1147
The revolution will be monetized!
|
|
March 15, 2012, 06:32:43 PM |
|
Nice idea, but I see several issues. Like you mentioned, differentiating between good/bad is tough. Even our own immune system has issues with it, hence the multitude of auto-immune diseases. Also, I doubt many people are going to let a p2p software scan their system even if it is just read-only.
Hmmm. true. Perhaps the scan can be preformed with only the results viewable on the network?
|
|
|
|
CA Coins
Donator
Sr. Member
Offline
Activity: 305
Merit: 250
|
|
March 15, 2012, 06:47:18 PM |
|
Not sure what you mean, the scan results are only viewable on the network and not by the end-user?
|
|
|
|
moocow1452
Sr. Member
Offline
Activity: 240
Merit: 250
Don't mind me.
|
|
March 15, 2012, 06:48:10 PM |
|
Could it be an issue if you have a list of open ports and ip addresses that the Antibodies would be hooked up to, and one buffer overflow later, you got yourself a premade botnet ready to roll?
|
|
|
|
yogi (OP)
Legendary
Offline
Activity: 947
Merit: 1042
Hamster ate my bitcoin
|
|
March 15, 2012, 06:58:08 PM |
|
Could it be an issue if you have a list of open ports and ip addresses that the Antibodies would be hooked up to, and one buffer overflow later, you got yourself a premade botnet ready to roll?
No, antibodies run inside a script engine that only has safe read bindings. It can only look and tell user what it see's.
|
|
|
|
RodeoX
Legendary
Offline
Activity: 3066
Merit: 1147
The revolution will be monetized!
|
|
March 15, 2012, 07:04:50 PM |
|
Not sure what you mean, the scan results are only viewable on the network and not by the end-user?
I may be in over my head here, but I was trying to think of a way to limit what info is broadcast to other peers on the network. For example, I would not want my directory structure to be viewable to other peers.
|
|
|
|
yogi (OP)
Legendary
Offline
Activity: 947
Merit: 1042
Hamster ate my bitcoin
|
|
March 15, 2012, 07:28:57 PM |
|
Not sure what you mean, the scan results are only viewable on the network and not by the end-user?
I may be in over my head here, but I was trying to think of a way to limit what info is broadcast to other peers on the network. For example, I would not want my directory structure to be viewable to other peers. Peers only exchange antibodies not system info.
|
|
|
|
naypalm
Legendary
Offline
Activity: 1272
Merit: 1012
howdy
|
|
March 15, 2012, 10:42:31 PM |
|
That would be one big ass block file for all the viruses out there. Really good idea though.
|
|
|
|
Phinnaeus Gage
Legendary
Offline
Activity: 1918
Merit: 1570
Bitcoin: An Idea Worth Spending
|
|
March 16, 2012, 12:18:00 AM |
|
Not sure what you mean, the scan results are only viewable on the network and not by the end-user?
I may be in over my head here, but I was trying to think of a way to limit what info is broadcast to other peers on the network. For example, I would not want my directory structure to be viewable to other peers. Same here (see bold above), but allow me to suggest branding this idea with something better than antibodies. ~Bruno~
|
|
|
|
moocow1452
Sr. Member
Offline
Activity: 240
Merit: 250
Don't mind me.
|
|
March 16, 2012, 12:49:19 AM |
|
p2pwn?
|
|
|
|
|