Slashdot Mirror
Can the Malware Industry be Trusted?
Joe Barr writes "Is the entire anti-virus / malware industry as rotten as it appears? I started digging into it as a result of the recent lame, unsubstantiated assertions of viral threats to Linux by Kaspersky Lab, but the practice doesn't seem to start or end with them. Who knows, maybe it's pandemic in that entire segment of the IT industry."
An industry blowing problems up to be bigger than they seem in order to sell more product? Conspiracy!
The only real crime here is that we've let ourselves be suckered by them for as long as we have.
Mod me down with all of your hatred and your journey towards the dark side will be complete!
Surely they mean the anti-malware industry?
Slashdot Burying Stories About Slashdot Media Owned
If this guy doesn't know that Symantec == Norton, I don't think I have any use for his opinions on malware companies.
Specialization is for insects. -Heinlein
If you assume that every person is motivated by money alone, then you are forced to conclude that anti-malware companies have the greatest incentive to produce malware.
A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
Agree or disagree with the points of this article (I mostly agree), there is an elephant in the middle of the room everyone ignores.
From the article (emphasis mine):
"Only the stupidest dolts in the universe?" Aside from being a little insulting, it's just not true. Many intelligent people believe these reports simply because, as the article points out elsewhere, because it is repeated the lie becomes truth.
People trust "media" to the extent they don't have expertise in some subject matter. What other result would you expect? There are too many topics, too many reports, and too many things demanding attention, general consumers and lay people, appropiately (though naively), rely on integrity of reporting bodies to filter that part of their world not their specialty(ies).
Reporting organizations (e.g., CERT) have an ethical responsibility to normalize and make canonical data issued for general consumption.
Unfortunately the technology world today is Microsoft's sandbox, and seemingly if anyone wants to play, be it media, competition, and lately even government, Microsoft seems to be able to control the rules. Sigh, again.
Every year, US-Cert produces huge fireworks in the security trade press with their annual summary of misinformation about security flaws. [...] The summary gives a total for flaws found in Windows and another total for flaws found in Unix and Linux. Last year, those totals were 812 for Windows and 2,312 for Unix/Linux.
Oh ****! Quick, someone tell me how to upgrade to this "Windows" thing!
Microsoft has established itself as a standard so much so that even a 'unbiased' consumer organization such as Consumer Reports basically only acknowledges MS when reviewing computers and making recommendations. Apple is a player but not top tier. It's no wonder AV companies pander to MS and spread FUD. Logically, one would think that a business that exists to correct flaws in another product would lead consumers to shy away form that product but no, because MS is a standard.
Not really...after all, these firms have absolutely no interest in eliminating the problem, but only in treating the symptoms. That's why they continually endorse an OS that is legendary for its security holes, while spreading FUD about more secure alternatives like *nix and MacOS, which have a chance of actually fixing the underlying problem.
____
~ |rip/\/\aster /\/\onkey
The whole thing is a protection racket. The more they can make you afraid of the consequenses and aware of the "threat" the more you are willing to pay for protection. The whole thing is based on a vulnerable infrastructre.
If there was a solid infrastructre that was trusted the whole industry would disappear. The industry is based on the Microsoft Operating system and its designed vulnerabilities. The industry would not exist without the flaws in the Microsoft Operating systems and workflow. If Microsoft fixed its stuff, or if people migrated to a solid infrastucture the industry would disappear. I am sure the industry as a whole is looking at Linux as a big threat, it could destroy their whole reason for existing.
As a whole the Linux client is not a market for this industry. They need to make Linux/OSS users feel the threat so we will by their product.
Agreed, the industry is full of FUD, along with other substances.
Noticed a copy of AntiVirus for Mac OSX @ CompUSA last week. $59! Three questions:
1) Who buys this stuff?
2) Why so much?
3) Why?
To my knowledge there is only one virus in the wild for OSX and it never really made an impact. I understand that AV for Mac scans for the billions of Windows viruses, but considering that the Mac is extraordinarily unlikely to become infected, it's similarly unlikely a Mac will pass on a virus. I know it's part of being a good net citizen, but ultimately scanning email is your own responsibility. I don't scan for Linux or mainframe viruses, or iPaq scripts. Why should I scan for Windows viruses?
Or am I missing something?
idiots, dolts, crap. There is a lot of name calling in there. He sounds like a teenager complaining about her friends. I don't claim to be the most articulate person around, but this guy shouldn't be writing articles. People judge you by the words you use. I got so distracted by his name calling I had to post before finishing the article, and I'm wondering if I'll be able to reach the end or take his side given the tone.
- The malware industry cannot be trusted to report when things are improving or a better alternative to their bread and butter os exists.
- Doctors poor at telling hypochondriac when there is nothing wrong with them.
- Car companies not reliable source of information about bicycles and public transit.
- Lawyers cannot be trusted to create legislation that doesn't criminalize everything.
- Politicians appear to be lying or misleading to get elected.
- Wolves unwilling to notify sheep in advance of attack.
You are checking your backups, aren't you?
Every year, US-Cert produces huge fireworks in the security trade press with their annual summary of misinformation about security flaws. The idiots in the press repeat the lie verbatim and the lie becomes real. What is the lie? That Unix/Linux is less secure than Windows. Granted, only the stupidest dolts in the universe -- and the trade press -- are going to buy that crap, but they put it out there anyway.
I got to that point in the article and remembered the red ink on a paper I wrote in grad school, wherein the professor said, "too pejorative to be taken as an objective analysis of the topic."
In all things academic or reporting, if you do not really have it, then at least fake objectivity....
"All great things are simple & expressed in a single word: freedom, justice, honor, duty, mercy, hope." --Churchill
The anti-malware software industry is like the insurance industry. They want to provide their paying customers with benefit, but the last thing they ever want to do is encourage consumer behavior, law, or product changes that actually eliminate the problem, thus putting themselves out of business.
I will create a sig when innovation restarts in the U.S.
Can the anti-malware industry be trusted? Can microsoft be trusted? Can the IT industry be trusted?
One thing that all of this overlooks, is that it doesn't take malice for hysteria to spread.
premise: people fear what they don't understand.
premise: most people don't understand computers.
I have a friend who fancied himself a home-taught computer expert. Armed with TweakXP, a few anti-virus tools, and a small handful of other gadgets, he was always offering to "optimize" and "fix" his friends' computers.
And lo! and behold, every single computer that was ever brought to him had "a major virus" or "a serious trojan" problem on it. Of course, there is so much media hype about viruses (and people's bad browsing habits) that this was fairly believable. However, the mere consistency of his diagnoses started making me suspicious....
Sure enough, after a few in-depth conversations, it turns out that he was using bad virus-detection software: some unknown little program that he assumed was "better than all the rest" because it "always found more" (it didn't occur to him that most of them were false positives); and moreover, it turns out he didn't even have a clear understanding of what a "virus" is.
But let me tell you: he had a stream of people in and out of his apartment that were absolutely convinced that ANY time there was EVER a problem with their machine, it MUST have been because of a virus.