Decentralized Resilience

I’ve written at some length about the importance of resilience in flŭd’s design, and how complete decentralization is a key component of that resiliency. One of flŭd’s hallmark goals is to back up data in such a way that it would be virtually impossible to lose it — even if a very powerful adversary (including an oppressive government regime or an extensive natural disaster) disables large portions of the flŭd network.

Most software is not designed to have this type of resiliency, and the excuse is simple: most software does not face adversarial forces. Or, at least, its designers think that it won’t (an assumption that many times leads to disaster).

There is one class of software, however, which meets adversity as part of its raison d’être: malware. Now, of course, flŭ­d’s purposes are at the polar opposite of software such as the storm botnet, but I can’t help admire, at least from the standpoint of technology, some of the self-preservation techniques employed by malware such as Nugache in avoiding eradication. It seems that many anti-malware researchers share my reluctant admiration. From

Dittrich, one of the top botnet researchers in the world, has been tracking botnets for close to a decade and has seen it all. But this new piece of malware, which came to be known as Nugache, was a game-changer. With no [centralized command-and-control] server to target, bots capable of sending encrypted packets and the possibility of any peer on the network suddenly becoming the de facto leader of the botnet, Nugache, Dittrich knew, would be virtually impossible to stop.

Comments are closed.