Companies war malicious code

A consortium of Internet security software makers today announced it has formed a new vendor group called the Malicious Mobile Code Consortium for companies that market software to guard computers against malicious Java applets and rogue ActiveX components.

The consortium, run by the for-profit International Computer Security Association (ICSA), will create benchmarks to test and certify mobile code products, conduct education and research, and serve as a clearinghouse.

"We believe that malicious mobile code represents an impending threat to secure computing," Chris Christiansen, program director at International Data Corporation, said in a statement. "We welcome ICSA's Malicious Mobile Code Consortium as a responsible industry response to a complex issue."

ICSA runs similar vendor-oriented forums for firewalls, virtual private networks, antivirus software, biometric devices, cryptography products, and Internet filtering software. It also runs consortia for industry segments, including the ANX procurement network for the auto industry and a similar effort for the financial sector.

Charter members include Advanced Computer Research, Computer Associates, Cybermedia, Digitivity, Dr Solomon's Software, eSafe Technologies, Finjan, Internet Security Systems, Quarterdeck, Security-7, Symantec, and Trend Micro.

Finjan, which helped launch the market in January 1996, also will continue its own Java Security Alliance, which gives members a free software development kit that works with any security product to boost standards-based, interoperable security devices.