Is the University of Cambridge Computing Laboratory superstitious? Report number 666 (on computer malware) was published on 6/6/6 and is entitled Pact with the Devil [abstract, pdf, announcement].
This was clearly contrived. The Laboratory normally publishes a couple of reports every month. Report number 665 was published in April 2006, and then several reports were apparently held back so that the malware report could be assigned an auspicious number and date.
(Three further reports were published immediately after the malware report. Perhaps the numbers and dates are assigned by some bureaucratic computer system; but we may presume that the computer scientists at Cambridge would know how to cheat the system if they had chosen to do so. Perhaps it matters to some people whether this really was the 666th report, and not the 669th report with the code numbers swapped.)
Superstition is an interesting phenomenon. The computer scientists can claim an interesting defence: they are not irrational themselves, merely exploiting the irrationality of other people. Contriving an auspicious number is a trick to get themselves some publicity for the report. (Hey, it's got me to post a blog about it, and I'm not admitting to being superstitious either.)
The report itself talks about malware that coopts users to help with propagation - exploiting their greed, malice and short-sightedness.
It can be observed that a biological virus may alter the host's behaviour - for example, causing them to cough germs over other people. I understand that some people infected with a biological virus become so angry and alienated that they deliberately set out to infect other people. Obviously a biological virus that can cause this kind of behaviour is likely to be more successful at propagating itself.
The authors of the paper discuss various mechanisms and incentive structures that a crafty computer virus could use to bribe and blackmail users, causing them to assist with propagation. It's a scary thought. But the authors end with an even scarier thought - we may no longer be able to draw a hard line between malware and other propagated software. Until we have proper controls, "running other peoples software will remain an activity to be undertaken with caution".
del.icio.us tags: POSIWID
Technorati tags: POSIWID security superstition