Posts Tagged ‘computer security’

Antivirus and the Increasing Threats from Malware

computer-antivirusI’ve seen many of these complaints from Mac Sophos users about the awful falls alarm problems. It certainly is a bitter pill for them to swallow that after years of no real threat to speak of, in the month where some holes finally do start to come into the light that they are damaged far more by their protection than they would have been by the threat it was guarding against. False alarms are sadly a fact of life with the current breed of virus scanner. Some scanners are worse than others (and Sophos is far from the worse), and some scanners are so bad that people tell jokes about them.

I’ve seen people threaten to sue, and I too have seen people wanting to walk away from “pay for” antivirus and support open source products. The Open Source scanners certainly should be supported, but as much as I myself like and use Clam, it simply isn’t designed to do the same things that Sophos can do.

At the end of the day, it is all about cost. Someone’s time repairing a machine that’s been attacked by either a worm or a runaway virus scanner can be a considerable cost. Is the cost of the insurance greater or lesser than the cost of the risk for you?

Keep in mind that if your computer becomes infected with malware that attempts to spread itself to others then part of the cost is your reputation. I can minimize the cost of a security issue to my business by working all night to recover from it, but I can’t wind back the hands of time and regain the trust of people whose computers have become wrecked because of my foolishness.

So what to do? I won’t rewrite stuff I basically agree with from the articles I’ve linked to as there is no point in that so I’ll just leave you with a couple of questions:

  • Are Mac users too fussy about AV, or are Windows users too accepting of shoddy products?
  • What if I told you that a possible method for improving issues with false alarms and detecting “new” viruses means changing the way you think about virus scanning?
  • Virus Scanners could be looked on as insurance. If the risk of fire was increasing where you live, and the insurance companies put up the cost of fire insurance accordingly, you might not like it. But would you want to go without insurance?

History Lesson: Way back in the mists of time, Dr Alan Solomon, Yes – THAT Dr Solomon! Of Dr Solomon’s Anti Virus Fame. Anyway, he wrote an interesting little article that talks about the perfect Anti Virus program. Always detects Viruses and never gives a false alarm. Personally, I wouldn’t want to rely on it but it does illustrate the point.

More History: It’s nice to catch up with David Harley and Paul Schmehl again. They both used to be Alt.Comp.Virus regulars ‘back in the day’ and are two people who I follow – even if I didn’t always agree with them!

Remote Security Evaluation of Computer Systems

computer-security-evaluationI was reading a real interesting article on the SANS website right now. Seems they are rightly concerned about an email they’ve received about a University professor who is forcing their students to either break the law or fail part of their course! I’m not going to reproduce the whole email or their comments here, but I’m going to extract bits about it. The project entails the student to perform a security evaluation of computer systems owned by other companies. The student is suppose to conduct the evaluation over the Internet using any available tools in the public domain.

Whoa. Sounds interesting, I wonder if the professor concerned is aware of the various laws against unauthorized access to computer networks. The students are suppose to imagine that they are contracted by a company to perform a security  evaluation.

“Imagine yourself” to be contracted to perform the survey? Why would he need to tell people to do that unless he was all too aware that you are required to have authorization before undertaking this kind of work?

The email goes to to require the students to provide full records of when and how the systems were “evaluated”, what tools were used, “samples” of data collected and a handy cut out and keep chart of what systems had which vulnerabilities. Oh boy, be an awful shame if the wrong kind of people got hold of this information.

Never mind. I’m sure this is just a pro-forma project write up and the students will be permitted to audit their own organization in order to ensure that they can obtain the authorization they need to do this job, right?

So let me see if I have this one down clearly: We won’t intervene in this class content (in other words, we approve of this assignment), but we will take disciplinary action against anyone who hacks our own systems.

Frankly, what we have here is a professor and a university that seem anxious to disgrace themselves. I’m no lawyer, obviously, but I would suggest that they leave themselves not only open to ridicule but lawsuits from companies who are targeted by students, and/or the students themselves who are placed in the unenviable position of either messing up part of their course or breaking a law that could see them jailed if they’re caught.