With reports that a “New Worm Chats with Users on AIM” link and even goes so far as to respond “lol no its not its a virus” when questioned it’s not too far of a leap to imagine personalized viruses.
Don’t imagine the personalized viruses tailored to your DNA that many sci-fi novels talk about, but instead think the evolution of Spear-Phishing.
This kind of an attack could use the information it gathers about you (contact names, frequency of contact, online purchase history, emails, IM history etc) to masquerade as a “trusted” contact to everyone you know. If it wasn’t too intrusive, then it would be difficult to even notice if your system had been infected.
Imagine that instead of trying to steal your credit card numbers, or other information that has a lot of attention focused on security this “personalized” virus simply pretended to be you occasionally.
It could IM/email your contacts, and suggest products or services. If it only chose things that you would recommend, or have purchased (think of Amazon’s suggestion engine), to the type of people who would be interested (search for keywords in email/IM interactions), and could do it in your ‘voice’ (copy phrasing from IM/email) it would be very effective. Perhaps it would even place VOIP calls, and remix your voice for maximum effectiveness.
Whatever the mechanism, the fact remains that eventually one of your friends would say ‘Thanks for the heads up on that (stock pick, book, software package, membership website etc)’ and it would come out that you didn’t actually tell them about it.
The question is – would you mind?
Think of it this way – If someone had a website with EXACTLY the news that you were interested in, and nothing else you would be very happy to read it. It wouldn’t matter that the site was a splog newsmaster site, or the product of a great news team. Either way you are happy with the end result.
By the same token, you really would like to let all of your friends know about the products and services that you think would improve their lives. It would be even better if you were able to do so without taking any effort on your part, and it just “worked in the background”.
By making itself unobtrusive, and even helpful you would have very little incentive to track down and remove the bot. From there it’s just a short step to reminding you about appointments, screening phone calls etc. After all if it’s doing a good enough job, you might even want it to help you to manage your relationships a little. Imagine being able to delegate those obligatory chats to your Fetch* .
As I have discussed before the revolution in personalized content may well evolve from search engine spammers. That is just one niche in the digital ecosystem. In order for digital life to evolve there needs to be competition and consequences. With anti-virus, anti-spyware and other types of competitive software in the mix only the fittest will survive.
I can’t wait to see what comes out from this.
* Fetch = autonomous adaptive software agent or knowledge based agent.