Archive for April 10, 2009


I really wish there was something we could do about Conficker as a technology community.  There’s a spread of between 3 million and 12 million computers in the world according to CNN.  Seems insignificant given the size of the entire Internet.  I’d like to pose a question to the community.  What tools would we need in order to mitigate the risks of Conficker or any worm for that matter?

Do the normal rules of engagement apply here?  When I was in the telecommunications industry, we tackled problems like this systematically:

  1. Identify the risk.
  2. Identify the number of infections.
  3. Allocate all parties and resources necessary to resolve.
  4. Run hourly checks to ensure every compromised system is attended to.
  5. “Lessons Learned” with all parties involved once 100% resolution is attained.

Seems like documentation and tracking are the key.  At my former company, we used massive spreadsheets and sent updates to those assigned to verify resolution and remove the record.  What would scale on the Internet, considering it is between 3 million and 12 million records?

Another question:  Should this all be centralized in a consortium?  I have mixed feelings about this.  In a corporate office it certainly was convenient to have strict policies and standards.  Consistent problems bring consistent solutions, as the saying goes.  I also consider myself a free market and free Internet kind of technologist.

Perhaps just a crowd-sourced site (I know, I know) focused on the resolution of all the Confickers of the world, providing information, links, etc. would be on the right course.  Make it a condition that all the information is Creative Commons and lo and behold, maybe we’d have a winner.

Here is CNN’s information regarding recent activity on Conficker.  What troubles me about it is the apparent loss of hope in a resolution.  Kind of makes me sad to think that Sunday breakfast table conversation might end up starting with Dad opening a newspaper and asking, “I wonder what Conficker is up to today?”  Very disturbing.

Conficker wakes up, updates via P2P, drops payload –

We need to do something about this before it starts to reflect badly on the tech community.