General discussion

The Anti-Virus Industry Scam

Feb 17, 2004 1:38AM PST

by Richard Forno - InfoWarrior.org - Monday, 16 February 2004.

One has to wonder how the anti-virus industry sleeps well at night. On one hand, it purports to serve the world by defending our computers and networks from any number of electronic critters and malicious code. On the other hand, sometimes its "cure" is worse than the problem its companies and products allegedly treat. Add to that a decades-old concern over business, market share, and publicity, and you have all the ingredients for a confused industry, product, and service. This situation regularly benefits the antivirus software industry and victimizes its customers.

Let's start with malicious code outbreaks in general. Unlike hurricanes and tsunamis, there is no standard way of naming malicious code -- and thus is the greatest problem facing the antivirus industry. Gone are the days when simple names like "Jerusalem", "Michelangelo" and "Stoned" were accepted and used by all antivirus vendors and their products. Today, what one company calls "Worm_Minmail.R" another calls "W32.Novarg" -- someone else calls it "MyDoom.A@m" and another may classify the same thing as "W32/MyDoom." What is needed is a return to industry-wide nomenclature for malicious code that can be used by all vendors in describing their products and making the reporting, analysis, and resolution of such outbreaks easier and more productive for customers and researchers alike.

Read more: http://www.net-security.org/article.php?id=640

Re:The Anti-Virus Industry Scam
Feb 17, 2004 9:40PM PST

I had penned a comment to this, in Word so that I could check my dubious grammar, with the intention of pasting this reply into this message box. However, the 'Preview Message' button does not seem to work. Is there a limit to the number of lines that can be posted in a reply?

Re:The Anti-Virus Industry Scam
Feb 18, 2004 11:50AM PST
Re:Re:The Anti-Virus Industry Scam
Feb 25, 2004 1:16AM PST

Hi Marianna,

Any joy on this one being figured out as yet?

Kind Regards

Re:The Anti-Virus Industry Scam
Feb 25, 2004 1:24AM PST
Re:Re:The Anti-Virus Industry Scam
Feb 25, 2004 4:21AM PST

Marianna,

Many thanks for pointing me at those previous posts in your last reply.

The solution? Opera 7.23!!

At last I am able to post my reply!!!!

Thanks again.


Mr. Forno raises some interesting points in this article. Whilst I do not necessarily concur with them all, he is bang on with his comments regarding the naming conventions, or lack of them, which undoubtedly compound the problems when trying to trace and eradicate the ever-growing number of cyber-threats.

Unfortunately, in a free-market economy it is impossible to legislate for the situation where AV companies race to discover, reverse-engineer, name and ultimately provide a solution for each individual occurrence of the threats which seem to have reached epidemic proportions. This 'race' appears to have had the detrimental effect that is described by Mr. Forno in his article.

So, what is the solution? Well, this is not an easy question to answer, and indeed could actually be resolved by any one of many different possible actions. However, they all boil down to the same simple pre-requisite: communication. For the AV suppliers to stop the constant creation of multiple names for what is exactly the same threat will require the different vendors to share their findings with one another, a step which unfortunately does not fit too comfortably in today's aggressively competitive market place. This suggestion is however further complicated by the fact that this communication would have to cross not only corporate borders, but international and cultural ones as well, which is where further issues arise. It is simpler to enforce compliance when the companies involved are all governed by a single nation's laws and regulations. This governance becomes much more difficult to impose when the companies involved are spread worldwide rather than nationwide. This worldwide spread, whilst excellent for the consumer in that the competition that it creates pushes prices down, creates completely new issues when it comes to trying to bring the vendors together 'round a table' so to speak. Notwithstanding the difficulties expressed above, imagine what an incredibly powerful force could be created if the brightest minds from the leading AV suppliers were allowed to talk freely and openly about newly emerging threats. In this connected world that we live in today, which provides the mediums which are being exploited so readily, why not use this same medium to promote these discussions?

But why ask for the crumbs, why not go for the whole cake and take the same stance with regard to ISPs, ensuring that they are required to provide a service which includes anti-spam, virus scanning at source and spyware filtering?

This is where it is essential to have a world-wide 'watchdog' whose responsibility it is to ensure that ALL suppliers of computer security software and hardware comply with documented procedures which are there to, among other things, bring standardisation to all matters of threat management and containment. Whilst it would be impossible to demand that all vendors buy in to this, if the organisation were to carry sufficient authority as to be able to award a 'compliance certificate' for its members, then this would hopefully become a pre-requisite for corporate and private purchasers of the products.

Pie in the sky? Quite possibly, but as the number of threats multiplies at a frightening rate and the cost to industry and individuals grows for each subsequent attack, it may take a bold move like this to at least delay the day where computer networks and the Internet grind to a final halt under the immense quantities of bilge that are being maliciously produced.