Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo


Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

Bruce Schneier, chief security technology officer at BT Counterpane, says the new tool’s ability to seek out the virus remotely should be useful, since it will let people scan a huge number of machines very quickly. This is important, Schneier says, because the worm is such a nasty pest. “Conficker is an extremely well-written, extremely well-designed, extremely well-executed worm,” says Schneier. “It really is an impressive piece of work, and there’s someone really smart behind it.” But Schneier adds that it’s important for computer users and administrators to protect their machines against a variety of malware, not just a single threat.

“If you’ve been running a good environment, you shouldn’t be worried about this,” says Rich Mogull, founder of the security-consulting company Securosis, who helped connect the Honeynet researchers and Kaminsky with network-security vendors over the weekend. Mogull notes that Microsoft has already released several patches that block the vulnerability that Conficker uses to infect a machine. However, he says that companies worried about Conficker should start scanning for it right away, after checking to see if their network-security tools have been updated.

Kurt Rohloff, a scientist who studies Internet worms at the research and development company BBN Technologies, says that the tool could prove useful, though he doubts that there’s time to find and neutralize every computer infected with the worm. Rohloff says that the new scanner could be used to take preventive action by identifying infected hosts and removing them from the network, though he admits that this approach is “drastic, because you’re removing connectivity.”

Kaminsky notes that the tool is intended for organizations with large networks. For individuals, he says, the best approach is to make sure that the latest security updates are installed and up-to-date antivirus software is running. Since Conficker blocks a computer from accessing certain security websites, users could test for the worm by trying to visit those sites, Kaminsky says. Werner and Leder plan to release a paper within the next day, describing the technical details of their discovery.

4 comments. Share your thoughts »

Credit: Technology Review

Tagged: Computing, Web, security, Internet, networks, Internet worms

Reprints and Permissions | Send feedback to the editor

From the Archives


Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me