Truth About Computer Security Hysteria
Gift of the viriiRob Rosenberger, Vmyths co-founder
Tuesday, 25 December 2001
SOME PEOPLE ASK why I don't give more credit where due. I'll use today's column to satisfy them.
I tend to focus on the negative aspects of the antivirus industry for two important reasons. First, too much BS needs my attention. Second, the industry goes to great lengths to applaud itself. But hey, I feel like giving a gift to the antivirus industry on Christmas Day. So, ta da! A column filled with positive comments.
I want everyone to know antivirus vendors remain vigilant. For example, I called the Sophos tech support line at 04:00 (their time) on Christmas morning. I got an immediate pick-up (as usual) and they wished me a merry Christmas. I then sent an email to MessageLabs at 04:10 (their time). Their support staff responded in seven minutes just to wish me a merry Christmas. To all the experts who work through the holidays to keep our PCs safe, I say "thank you."
I critique the industry's addictive update model, but I'd much rather see users get addicted than simply go without protection. When I give lectures, I give away a vendor's polo shirt to underscore my belief in antivirus technology. I'd like to thank Finjan, Network Associates, Central Command, and Symantec for supplying me with giveaway items over the years.
I use too many computer security products & services to describe here — and I use some of them in ways you might not understand. Still, I'd like to single out a few for unsolicited kudos (in no real order): MessageLabs MSP, Symantec Ghost, F-Secure SSH, Symantec pcAnywhere, Trend Micro Housecall, LinkSys SOHO routers, Central Command AVX, Tripp Lite UPSs, Microsoft Windows 2000, Microsoft WindowsUpdate, OpenBSD, and Hewlett-Packard CD-R drives. Each of these products plays an important role in my current antivirus project.
Now let's talk about Microsoft. Their security team gets deluged far too often with bad press and yet they keep on going. Sure, Redmond programmers pump out buggy code — who doesn't? (Sun and SendMail had their own bug du jour era, you know.) When someone finds a serious bug in a Microsoft product, a tiger team may work around the clock to produce a fix. And when those security patches come out, Microsoft sets a standard for easy updating. To all the folks in Redmond who make Windows safe for mass consumption, I say "thank you."
Now let's talk about the maintenance crews who fight viruses on the front line. Those guys spend a large part of their day cleaning up infected PCs in corporate offices, government agencies, and military units. They often get a bad rap because other employees only see them when a PC needs repair. They run around with their heads chopped off whenever antivirus software fails to stop a new virus. Vmyths readers sometimes razz the grunts for enforcing stupid decisions made by higher-ups. (This is especially true in the U.S. military.) To those of you who fight the viruses where you work, I say "thank you." You provide a much-needed service and you don't get enough credit. And you don't get paid enough.
Let's wrap up this column with five words for the antivirus industry: "keep fighting the real viruses." Vmyths will fight the hoaxes and the hype. I wish everyone the most holy of holiday seasons.
[Credit where due: I swiped the headline from O. Henry.]