Truth About Computer Security Hysteria
When society realizes these five things...
Friday, 28 May 2004
LET'S BEGIN WITH a crucial observation. "You're addicted to antivirus updates." You inject them into your computer just like a drug. It gives you a feeling of euphoria just like a drug. But it soon wears off just like a drug.
Your addiction to antivirus updates will grow until you can't afford it anymore. Then you'll need to make a key corporate decision — and frankly, I don't trust addicts to make good choices.
Ah, but there's the rub! You will let an addict make those decisions for you...
So you inject another update into your computer just like a drug...
As I mentioned a few weeks ago, Sophos now urges you to check for updates 8,760 times per year. That's once an hour, every hour, every day. Per computer. And as I mentioned, it still won't be enough. Someday, the experts will implore you to check for updates every minute — up to 525,600 antivirus patches per year, per computer.
History tells us your addiction will grow until you can't afford it anymore. Then you'll be forced to make a key corporate decision — and frankly, I don't trust addicts to make good choices. Ah, but there's the rub! You will let an addict make decisions for you when the time comes.
Our antivirus woes won't improve unless & until society realizes these five things:
- Society must recognize its addiction to antivirus updates. It's so addictive that it has even intrigued the tobacco industry. Antivirus firms recognized your addiction ca.1996 and they switched to an "Addictive Update Model" ca.1997-98. Believe it: Microsoft recently purchased an antivirus firm because they want to exploit the Addictive Update Model.
- Society must realize every addiction is bad. It doesn't matter if you grow addicted to something useful like prescription painkillers or antivirus software. Addictions are bad simply because you're not in control. In this case, the antivirus industry is in control.
- Society must realize non-addictive antivirus alternatives exist. In fact, some of the alternatives existed before today's addictive "scanning" technology came along. The media stopped reviewing other technologies ca.1991 because it's easiest (and cheapest) to review virus scanners. A cheap/lazy media contributes greatly to a monoculture of addictive antivirus technology.
- Society must realize alternative antivirus technologies offer superior performance. Renowned virus expert Nick Fitzgerald, for example, has lectured for years on "Why You Should Stop Using Scanners." You're not just addicted — you're addicted to an inferior technology! Fitzgerald & I aren't the only experts who know this.
- Society must realize other addicts will use peer pressure to keep us addicted. It sounds stupid, but some of those addicts will insist "the cure is worse than the disease." Ironically, the addicts themselves make the key corporate decisions — and they can order your firm to remain addicted to inferior technology.
Addicts in the U.S. Department of Defense continue to spend millions of dollars on research to find better ways to maintain their addiction ... but USAF CIO John Gilligan finally stands on the verge of asking them "why don't antivirus firms fall victim to viruses?" You should ask yourself the same question.
If & when you realize you're an addict, of course.