Truth About Computer Security Hysteria
mi2g's ''new'' worst nightmare, ''hate sites''
Letters to the Editor
Friday, 17 December 2004
[Editor's note: this letter came in response to this column.]
I HAVE TO admire mi2g's ingenuity. Having built their business on fearmongering and imaginative damage estimates, they appear to be making a major change of direction. Their November press release, "How real is the threat of cyber terrorism?" was a complete volte-face. Now they have cleverly combined a "new" worst nightmare, "hate sites," with an attack on their persistent critic, Vmyths.
Why did mi2g suddenly conclude hate sites were such a threat? There has been sporadic news coverage of *sucks.com and ihate*.com sites for years. Is there new evidence of this problem becoming more serious, or is mi2g simply searching for a new bogeyman to fearmonger against?
However, I find mi2g's willingness to lump together anyone who dares criticise a corporate brand with racist and violent extremists is frightening. And can't they see the irony of criticising the Internet for providing to the critics, "unprecedented opportunity to market themselves — unhindered — at very low cost, 24 hours a day, seven days a week," when the corporations they are criticising are using exactly the same opportunity. Freedom of speech works both ways.
I have never felt that Vmyths has tried to garner negative sentiments against the anti-virus software and security industry. In my opinion it is intelligently furthering the debate about how we should address these problems through the medium of humour. Vmyths is in no way a "hate" site — it criticises specific instances, and it allows a right of reply (publishing mi2g's criticism in full is just the latest example of that). The targets are not just specific companies, but also include any governments or "experts" who say something worthy of criticism. Many pieces are actually supportive of the anti-virus industry, such as the False Authority Syndrome, and Why Don't Anti-Virus Firms Get Infected?.
Some of mi2g's accusations can be dismissed because they are deliberately unverifiable. Apparently Vmyths has, "never written against certain computing vendors" — if mi2g wants that accusation taken seriously, they will have to name the vendors, and give examples of when Vmyths' published aims should have led them to write against those vendors.
However, there is a serious accusation that Vmyths was offered for sale to mi2g. Any light that Vmyths, or Mr. Matai, can throw on this would be appreciated.
The mi2g article is also available on their website — I wonder what they mean by "restricted list"?
"I have never felt that Vmyths has tried to garner negative sentiments against the anti-virus software and security industry. In my opinion it is intelligently furthering the debate about how we should address these problems through the medium of humour."
Yui Kee Computing Ltd.
Allan Dyer works for an Anti-Virus and Information Security company in Hong Kong, China. He has appeared on stage in the Albert Hall, performed genetic engineering experiments, put his own blood into his research, and worked where smallpox was stored. More recently, he modified government websites and spoke at conferences around the world. Gunfire is often heard outside his office, and tanks are seen nearby. He continues to improve his more exciting (but still accurate) bio. He has not given viruses to the Chinese government, is not employed by an anti-virus developer and has not been named in criticism by Vmyths.
Allan Dyer noted a "serious accusation" (see above) and he asked for "any light that Vmyths ... can throw on this." Editor Rob Rosenberger responds:
mi2g accused Vmyths cofounder Eric Robichaud of "extortion," saying he offered to "stop" a negative campaign if they agreed to buy our website for a large sum.
To meet the definition of "extortion," Robichaud must be able to "stop" my criticism after the sale. He in fact cannot control what anyone at Vmyths writes. The contracts that created Vmyths give me full editorial control.
Those contracts also forbid ads for antivirus products & services — but my lawyer forgot about a possible sale. Robichaud can pawn Vmyths to anyone he wants. Even if he kept me in the loop re: his sales pitches, I couldn't really do anything about it. I've kicked myself for such a simple oversight and I accept full responsibility for it.
This is now the fifth time I've written about Robichaud's attempts to sell Vmyths. Look for "Robichaud" here on 2/4/03, here on both 1/12/04 and 2/23/04, and here on 7/26/04. I learned after the fact of his attempts to sell out to Symantec, Trend Micro, MessageLabs, Sophos, and Microsoft. No doubt Robichaud approached mi2g and McAfee and a few others. Nor would it surprise me if he told mi2g "you can shut down the site and you'll own Rob's email address." Robichaud knows how to pitch a sale to a potential client.
Opportunistic? Yes. "Extortion"? No. This is yet another example where mi2g used the wrong word for sensational effect. Robichaud can't force anyone's silence after he sells Vmyths.
But this leads to an obvious question. "Could Robichaud sell just the copyrighted material you've written about mi2g?" The answer is "no" because it would violate the editorial control clause. Robichaud can only sell Vmyths as a whole unit — and that's exactly what mi2g said he tried to do.
For the record: I hired a different lawyer to create a not-for-profit "Center for Computer Security Criticism" with input from our editor-at-large George C. Smith and columnist Lew Koch. Robichaud is not involved in it. CCSC can buy Vmyths at a discount price because I'm donating my entire stake in it. If the sale happens, mi2g won't need to worry about "extortion" — they'll need to worry about a book deal I've been purposely sitting on.
mi2g wants you to think they are a victim and we are unethical. Our dossier on mi2g dates back to 1999 and it shows exactly the opposite. Vmyths is widely acclaimed for its criticism, whereas mi2g is widely dismissed as a laughingstock. For the record: if mi2g buys Vmyths, I'll donate 100% of my proceeds to CCSC. I said "I won't touch [their] tainted money" and I mean it.