The Internet security field has always been an arms race, and I think it is safe to say that theory has nearly always lead practice. Sniffing was alluded to in the original Ethernet design paper, for example. Various friends and I have sat in hottubs speculating when various Bad Things would appear in the wild, generally many years before they did. (Security people are paid to think bad thoughts.) No, I am not willing to supply you with a list, certainly absent a hot tub and a level of personal trust.

A number of the ideas they are kicking around have been around for a while. Tom Duff wrote a shell virus over ten years ago.

Meaner viruses/worms replicating software is certainly on the way, but I think the statement:

   If such a worm were competently developed released
   into the world, the fate of the Internet would be in
   the hands of those who controlled it.

Is way too strong. Here is why:

1) exponential growth is very hard to control. Slow, stealth replication is very difficult. There are lessons in telomeres and cancer, mixomitosis, telescript, and the Morris worm. Robert Morris knew this, and got it wrong. I am not convinced that his worm would have remain undetected long even without the replication bug.

2) One of the Internet's great strengths is that there are teams of experts always ready to tackle a difficult problem. Even back in 1988, the worm was decoded and analyzed by at least three different groups. The SYN packet attacks at Panix in 1996(?) caused the creation of an instant mailing list of industry greybeards that sifted through many solutions and chose and quickly installed good mitigation algorithms. The recent DDOS attacks have caused a similar response, though it is unclear how well some of these new mitigations will work or be deployed.

A truly nasty worm will get similar treatment.

3) The proposed worms have a number of achilles heals. Several were mentioned by other off-liners here. Stealth spread will be impeded by the mix of attacked systems. There are solutions to polymorphic viruses.

---

All this said, I have no doubt that we will see uglier portable programs. There are a number of easy, widely-connected spaces available for propagation. Thanks to exponential growth, the global cost of the cleanup will be huge.