HOME
TOPICS
ABOUT ME
M
AIL
No matter how much we pay for antivirus
protection, many viruses still get through.
|
|
technofile
Al Fasoldt's reviews and
commentaries, continuously available online since
1983
T e c h n o f i l e
SoBig Virus was a wake-up call, but will we finally get
the message?
Sept. 14, 2003
By Al Fasoldt
Copyright © 2003, Al Fasoldt
Copyright © 2003, The Post-Standard
The SoBig Virus was a wake-up call.
SoBig, which hit Windows computers
worldwide in late August, spread so fast and infected so
many computers in the first few hours that it caught many
Windows users by surprise.
Why? How could we have been left
napping? Most Windows users know about viruses, and only a
modern Rip Van Winkle could be unaware of the danger of
opening attachments you didn't ask for. What happened
to us?
I suspect there were three reasons SoBig
struck Windows users so hard:
1. We're starting to tune out the
incessant rhetoric about the dangers of computer
viruses. We hear it so often that we just plain ignore
it.
Unfortunately, this is a normal human
reaction. We're unable to live on the edge of danger
for such a long time, with viruses raining down on us year
after year, without some sort of natural defense mechanism.
The easiest defense when you're tired of hearing the
same bad news over and over again is to tune it out.
2. I'm convinced that many
Windows PC users rely on e-mail from friends or relatives
to warn them of new viruses. Such warnings -- if in
fact they do any good at all -- would have been far too
late to help avert infection from SoBig, which took over
1.5 million Windows PCs in an hour or two and then spread
to an uncountable number of other Windows computers
worldwide in the next few weeks.
The problem with this sort of
notification is not simply that it is too slow. It is
universally unauthoritative, and in many cases e-mail
warnings are simply wrong. Judging from the
"warnings" I get from well-intentioned friends
and readers, I'd guess that nearly all of them are
hoaxes. In fact, I can't recall a single virus
"warning" over the last few years that turned out
to be real.
3. The antivirus business has clearly
become just that -- a business. Most of us probably
feel, perhaps without being able to say it quite this
openly, that somebody must be making a lot of money off the
viruses that attack our computers, and it doesn't seem
right.
Let's be straight about this.
There's nothing inherently wrong with making money in
the fight against viruses. However, I insist there's
nothing inherently right about it, either. Computer viruses
probably should be studied and attacked the same way we
fight regular human viruses, by teamwork among private and
public agencies. Profit is not the primary motive we
ascribe to the National Institutes of Health; it should not
be the primary motive for eradicating the scourge of
computer infections, either.
Further, the current situation, in which
many antivirus vendors charge high subscription fees in an
attempt to hang onto their customers after their free trial
periods expire, seems to have created little more than a
hierarchy of distrust.
There's something even more
disturbing. No matter how much we pay for antivirus
protection, many viruses still get through.
Why? What's wrong with the
"good guys" that keeps them from devising ways of
protecting us completely?
Some critics of the business model used
by antivirus companies suggest that partial protection
guarantees continued sales because it portrays virus
writers as exceptionally clever programmers who can defeat
even the toughest antivirus pros. Under this scenario,
antivirus programmers have to keep trying harder and
harder, and this, of course, takes money.
In truth, many experts believe the
majority of viruses are written by teenagers or young
adults with far less programming savvy than a typical
software engineer at any major antivirus company. If this
is true, why are antivirus companies holding back?
I don't have an answer. I don't
know anybody else who has the answer, either. All I have
are questions, and they have left me worried and
discouraged.
|
|