I was nuking a few dozen pieces of Sobig.F dung that had made it through the mail filter, recognizing a few of the names that had been forged in the “From” and “To” fields, not recognizing more, and it occurred to me that each instance of this virus contains an assertion about three people: that one of them knows the other two. There’s a business plan lurking in here.
The Assertion · The email I get from Sobig.F is of two types: the first is to me, ostensibly from a stolen address, actually from someone’s infected computer, occasionally you can work out who by looking at headers. The second is a failure notice from someone’s mail system saying that I sent tham an illegal/virus-laden/undeliverable email.
Both of these reflect the fact that person A (the Infectee) has two other people’s addresses on their computer: B (the Forged-From) and C (the To). Whether you end up on the From or To line is an accident, so it really just says that the infectee has these two email addresses.
I gather that Sobig.F is pretty aggressive in looking through your files to find email addresses, but let’s imagine that it only looked in the Infectee’s address book. Then the Sobig.F assertion would be quite a bit simpler: “Person A sends mail to Persons B and C.”
So if you were to gather up a few million instances of Sobig.F-generated email (something that any ISP could do trivially, and the NSA may be doing at this moment), you could produce a pretty interesting map of who knows whom.
The Business Plan · Imagine that you’re sitting in a venture capitalist’s office on Sand Hill Road in Menlo Park. To make this easier, imagine that it’s 1999. Here’s the pitch:
It’s not what you know, it’s who you know. Galactic New Media XML P2P Semantic Web Services Cash Flow Incorporated Dot Com is in the business of helping people contact people. We apply the latest in PVT (Pervasive Viral Technology) and rely on the incredibly advanced FOAF (Friend of a Friend) knowledge representation framework to leverage trends not on the radar yet and we’ll be cash-flow positive by Q3, and Po Bronson’s writing us up in Wired!
What you’d do is hire some really smart Windows hacks, not script kiddies, and construct a high-quality Outlook virus that announces itself: “Hi, I’m a virus, but I won’t send email to anyone else without asking you and I’ll help you find the people you need to find; this is the thing that Po Bronson wrote up in Wired. Please open my attachment.”
All the attachment does is email the contents of your address book back to Headquarters, and send you a friendly note saying “If you want to contact anyone in the world, come to our website, and if you want this whole thing to work better, forward the virus to a few friends, or click here and we’ll do it for you.” Then the virus settles down and does nothing but silently mail your address book updates to HQ.
After a while the HQ website has a lot of people’s address books. Suppose that you, Joe Blow, want to contact, for example, me, they look and see whose address book has both you and me in it. Suppose it turns out that Norm Walsh does. Then, without telling you, the system sends a quiet email to Norm Walsh saying “Joe Blow wants an introduction to Tim Bray, here’s why, is it OK to put him in touch with you?”
This is with only one degree of separation; if the system were willing to try to work its way through two or three degrees, it ought to be able to hook almost anyone up with almost anyone.
How Does it Make Money? · Hey, this is 1999, remember, who cares? But the idea isn’t that crazy. In fact, Antarctica retains the services of a guy in New York whose value-add is that he’s pretty smart and that he knows everybody; the only human being I’ve heard of who had to transfer from Palm to PocketPC because he blew the Palm address book to hell.
The world has always had people who made money by knowing the right people and making the right introductions; I’ve made a couple of bucks that way myself over the years. Why not automate it?