TECH | Losing the virus war?

When a leading figure in the anti-virus business speaks honestly about the status of the war against computer viruses; it's worth listening!

Eugene Kaspersky, who heads the Russian anti-virus company Kaspersky Lab, has been honest enough to say that anti-virus (AV) vendors are having trouble keeping pace in the race with virus-writers.

For most of us, that statement rings true as we've been hit by virus-infested spam emails before our AV software automatically provides an update to block them. After all, the antidote can only be produced after the pandemic begins.

Still, it seems like things are getting out of hand. And Kaspersky goes on to paint a clear, even if somewhat depressing picture, when he says that virus authors take advantage of the fact that AV software depends on frequent virus-definition updates to spot the latest malware. By the time those products are updated to detect the latest threat, the virus writers have already released several newer versions that evade the latest AV signatures.

So, obviously, virus creators are beating the 'update cycle', and are actually hitting AV software with a juggernaut of mutated virus versions which leave AV companies confused.The result has been AV software that simply doesn't work!

How many times have you updated your AV software only to find out that it let a particular virus slip into your system, although the AV company claims to have updated its software to catch it?

Kaspersky talks about that too and explains that malicious programs propagate so quickly that AV companies have to release updates as quickly as possible to minimize the amount of time that users will potentially be at risk. Unfortunately, many AV companies are unable to do this - users often receive updates once they are already infected.

Moving onto the next painful fact, Kaspersky also says that AV software, even when updated, doesn't always cure a computer's infection.

He says that, very often, viruses and Trojans are written in a way which enables them to hide their presence in the system and/or to penetrate the system so deeply that deleting them is a complex task. Unfortunately, some AV programs are unable to delete malicious code and restore data which has been modified by the virus without causing further problems.

That's not good news at all! In fact, it casts a shadow of doubt on the confidence of users in AV software. I know I've faced all of the problems he's talked about, haven't you?

So, what's the solution? Kaspersky thinks it lies in more coordination among AV companies to share their knowledge and ensure that whoever spots a virus first or manages to cure it shares this information.It's not likely to happen, though, as AV software companies compete with one another in a cut-throat and high profit market. Maybe it's time they cooperated for the greater good.

Maybe us users have something to say in this regard; or maybe some active programmers in the open-source community can create AV software that is created and updated with that cooperative mentality, and with thousands of experts pitching in to solve every problem.

If and when that happens, AV companies will regret prioritizing short-term profits ahead of long-term stability of their business.

zanasser@gmail.com