Thanks, but we don't want your Cheese (worm)!
Cheese is certainly a "c00l" hack, but that definitely doesn't make it acceptable or responsible behavior. Visions of bots floating around in the ether waging mighty, but invisible, battles belong in books such as Neal Stephenson's "The Diamond Age," not on production Internet servers.
That's really the key point. Unauthorized code should not be running on other people's servers, no matter how much good it tries to do. Period. This is especially the case when code installs itself secretly on your servers with root privileges and then uses them as a launching point for transferring data to countless numbers of other servers on the Internet.
The Cheese worm even uses hostile code techniques of trying to hide its presence by changing its process name to "httpd" and placing its files into a "/tmp/.cheese" directory, where they're not likely to be easily stumbled upon. Does this sound like responsible coding to you?
A worm is still a worm, and any self-replicating code that uses backdoors to silently install itself on systems is bad by definition, no matter how it's used. Worm technology is not value-neutral. The silver lining doesn't make the dark cloud go away.
Moreover, this kind of technology has proved to be impossible to control in the past. Remember the famous Morris Internet Worm in November 1988? Process limits Morris put into that worm to keep it from overloading infected systems didn't work because of coding mistakes he made.
Finally, the Cheese worm doesn't even solve the real problem, which is a vulnerable version of BIND, also known as Berkeley Internet Name Domain. IT administrators infected with the Cheese worm will still have to rebuild servers from scratch-who knows what else has infected those systems?
The only real and correct way to deal with vulnerabilities is to fix them-preventing 1i0n, Cheese and their ilk.