Author’s Note
The following message is from David Timber, the creator of the Proone Worm Project.
The Name: Proone
I named this project “Proone” because the first idea as to what to do with this worm was “pruning” bad devices off this big tree called the Internet.What Are “Bad Devices”?
The bad devices I refer to here are:Neglected Devices
Obsolete devices running unpatched software that have been abandoned by manufacturers or users
Poorly Designed Devices
Devices with built-in security vulnerabilities like predictable default logins and unlocked maintenance backdoors
The Original Idea
My original idea was a “search and destroy” operation against these devices for a good cause. The concept was to identify and eliminate these vulnerable devices to prevent them from being exploited by malicious actors.Why It Was Abandoned
During the development, I came to realise that this is a bad idea and that I lack the balls to pull this off. Therefore I hereby abandon the idea by publishing my work online.The decision to abandon operational deployment and instead publish the work demonstrates ethical consideration and responsible disclosure of security research.
Reflections on the Project
Call this whatever you want:- Reinventing the wheel
- Copycat
- Waste of time
What This Project Represents
Technical Learning
Technical Learning
Understanding low-level systems programming, network protocols, embedded systems, and malware architecture provided invaluable hands-on experience.
Security Research
Security Research
Exploring how IoT vulnerabilities work in practice and understanding the mechanisms behind modern botnets contributes to defensive security knowledge.
Ethical Considerations
Ethical Considerations
Grappling with the ethical implications of powerful security tools and making the decision to publish rather than deploy demonstrates maturity in handling dual-use research.
Artistic Expression
Artistic Expression
Viewing security research as an “art project” - a creative exploration of technical possibilities and boundaries within a theoretical framework.
A Personal Journey
This project represents a personal journey of exploration and learning. It demonstrates:- Technical Capability: The ability to design and implement complex distributed systems
- Critical Thinking: Recognizing when an idea should remain theoretical
- Responsibility: Choosing to share knowledge rather than weaponize it
- Growth: Learning from the process itself, regardless of deployment
Understanding Context
Proone was conceived in late 2019/early 2020, during a period when IoT security vulnerabilities were increasingly exploited for large-scale DDoS attacks. The Mirai botnet (2016) had demonstrated the vulnerability of the IoT ecosystem, and this project represents an attempt to understand and document these vulnerabilities in depth.
Moving Forward
By publishing this work, the knowledge becomes available for:- Security Researchers: Understanding modern worm architecture and IoT exploitation techniques
- Device Manufacturers: Recognizing vulnerabilities in their products
- Network Administrators: Learning about threats to protect against
- Students: Studying real-world malware design for educational purposes
Academic Context
For those interested in the broader context of IoT security and botnet research, the original README references these academic resources:Legal Analysis
Academic paper on legal aspects of IoT security and botnets
Technical Thesis
University of Oslo thesis on related security research
Final Note from the Author: This project exists as a testament to what can be learned through deep technical exploration, and as a reminder that with technical capability comes responsibility. The decision to publish rather than deploy is intentional and deliberate.