Wednesday, November 30, 2005

TECH | Losing the virus war?

When a leading figure in the anti-virus business speaks honestly about the status of the war against computer viruses; it's worth listening!

Eugene Kaspersky, who heads the Russian anti-virus company Kaspersky Lab, has been honest enough to say that anti-virus (AV) vendors are having trouble keeping pace in the race with virus-writers.

For most of us, that statement rings true as we've been hit by virus-infested spam emails before our AV software automatically provides an update to block them. After all, the antidote can only be produced after the pandemic begins.

Still, it seems like things are getting out of hand. And Kaspersky goes on to paint a clear, even if somewhat depressing picture, when he says that virus authors take advantage of the fact that AV software depends on frequent virus-definition updates to spot the latest malware. By the time those products are updated to detect the latest threat, the virus writers have already released several newer versions that evade the latest AV signatures.

So, obviously, virus creators are beating the 'update cycle', and are actually hitting AV software with a juggernaut of mutated virus versions which leave AV companies confused.The result has been AV software that simply doesn't work!

How many times have you updated your AV software only to find out that it let a particular virus slip into your system, although the AV company claims to have updated its software to catch it?

Kaspersky talks about that too and explains that malicious programs propagate so quickly that AV companies have to release updates as quickly as possible to minimize the amount of time that users will potentially be at risk. Unfortunately, many AV companies are unable to do this - users often receive updates once they are already infected.

Moving onto the next painful fact, Kaspersky also says that AV software, even when updated, doesn't always cure a computer's infection.

He says that, very often, viruses and Trojans are written in a way which enables them to hide their presence in the system and/or to penetrate the system so deeply that deleting them is a complex task. Unfortunately, some AV programs are unable to delete malicious code and restore data which has been modified by the virus without causing further problems.

That's not good news at all! In fact, it casts a shadow of doubt on the confidence of users in AV software. I know I've faced all of the problems he's talked about, haven't you?

So, what's the solution? Kaspersky thinks it lies in more coordination among AV companies to share their knowledge and ensure that whoever spots a virus first or manages to cure it shares this information.It's not likely to happen, though, as AV software companies compete with one another in a cut-throat and high profit market. Maybe it's time they cooperated for the greater good.

Maybe us users have something to say in this regard; or maybe some active programmers in the open-source community can create AV software that is created and updated with that cooperative mentality, and with thousands of experts pitching in to solve every problem.

If and when that happens, AV companies will regret prioritizing short-term profits ahead of long-term stability of their business.


At 11:25 PM , Blogger Paul Adams said...

This comment has been removed by a blog administrator.

At 10:26 AM , Anonymous ebusiness software said...

Hi Zeid Nasser, I have been visiting sites for hours and I really like what you have done with your blog. Informative and interesting! In fact I found your site just after
I visited pos system
It's not exactly what I was looking for but it was nonetheless interesting to read.

At 6:50 AM , Anonymous Accounting software said...

Hey this blog is not about ecommerce software

I have been doing hours of research on "Accounting-Software" and it brought me to your blog on TECH | Losing the virus war?. Anyways, Zeid Nasser I was reading your blog and I think it is really cool. It’s really a pleasure reading your posts! Keep up the great work.

Keep blogging away :-)

At 7:53 AM , Blogger Emirates Mac said...

... or you could just get a Mac, where the virus-writers seem to be loosing the battle, or at least they're not attacking at the moment (and haven't been since MacOSX was launched some five years ago) :-)

That issue aside, the best way to combat viruses is educating users. So many (Windows) users don't have AV installed and don't keep it up to date. If they did, they wouldn't spread it to other users.


Post a Comment

Subscribe to Post Comments [Atom]

<< Home