It sounds impossible, but Bodacion Technologies' Eric Uner claims to have discovered the holy grail of Internet security. Starting at a cool $17,000, businesses can buy Bodacion's "HYDRA" system to protect their Internet servers from every single virus, worm, or Trojan horse on earth. If you don't believe it, you could have tried to penetrate HYDRA to win Bodacion's $100,000 hacker prize. Tens of thousands of people signed up, but no one could, Uner says.
HYDRA's "secret sauce" is the constantly changing algorithms that prevent any type of electronic intruder from getting through. Based around the same "nano-kernel" operating system that Boeing uses to ensure safety in 747s, Uner says his code is verifiably bug-free. His goal is one day to be able to announce to an audience of IT professionals that he can "stop every virus on earth" without provoking laughter.
Q. What was the idea behind Bodacion?
A. We thought we would take the knowledge we gained from working on embedded systems like cellular phones, radios, pagers and other kinds of small devices, combine that with a development methodology, and try to solve our own problems. The whole thing was designed to make [technology] more reliable and keep people from getting paged at 3 o'clock in the morning. We would then make our own products.
The secret sauce in almost everything we do is these algorithms we developed. We call them "bodacions." The algorithms generate special numbers that have no connection to each other and no pattern. This is the holy grail of mathematics and very important to cryptography. We have used them in projects from remote programming, ISDN cameras, and in our government-approved cryptography for generating very random numbers.
Q. What is HYDRA?
A. HYDRA is a Web intrusion prevention system that uses constantly changing algorithms to protect servers. We named it HYDRA because it constantly adapts. The codes disappear as soon as the unit is powered off or probed or analyzed or disassembled.
HYDRA will stop viruses, worms, Trojan horses, all the network attacks from ever getting to Web servers. It doesn't need to be updated. Put it in your server closet, forget it's there. That's the concept.
HYDRA also has a lot of reliability because our operating system is very small and testable. It's just under 13,000 lines of code, compared to 1.5 million for Linux or 50 million for Windows.
HYDRA uses the same nano-kernel -- that's the term for operating systems in the embedded systems world -- that Boeing uses on its 700 series airplanes. It's actually certified to operate in an environment where any failure or error would cause loss of life. So when we tell people our system has no bugs, and they say bug-free code is impossible, I tell them there are hundreds of 747s in the air right now that can say otherwise.
Q. If HYDRA is so incredible at stopping every single problem, why isn't it on every server on the planet?
A. Because it works. A lot of people are not happy about HYDRA because it works and it's extremely simple. For example, we were at a government agency, and the woman there said, "I'm not going to use your product because if I use your product and I don't have any security problems at all, I can't explain my existence to my organization."
But that is a very narrow way to look at it. If she used HYDRA, she could enjoy an increased security posture, have very little work to do and apply herself toward things that are a little more interesting than hitting the update button every five minutes to get the latest vulnerability patch.
Q. What do you say to the people who say that your claims are just not believable?
A. We've briefed the Department of Defense, we've been to the White House, and the reaction is always the same. "This is going to change everything. This is going to revolutionize the way people think about cyber security. This is the most fantastic thing that I've ever seen." Then you get down to the technical people and they say, "It's true. This is the most fantastic thing I've ever seen. It works perfectly. Now get the hell out of here as quickly as you can and I'm going to pretend you never came."