Overhype

by Mike Masnick




The Antivirus Software Protection Racket

from the not-doing-much-good dept

I don't think any anti-virus software has ever actually "protected" me against anything. Every once in a while I get an alert that it's found a virus, but it always comes in the form of an attachment in spam that I never would have opened anyway. I've complained before how must antivirus software companies are guilty of overhyping new virus outbreaks as they try to sell more software, but this article takes things a step further. It points out that the antivirus software makers really form a large "protection racket". They're still trying to stop viruses the same way they did a decade ago when viruses were passed around on floppy disks, and the virus company could respond in time. Now, however, with outbreaks that occur extraordinarily quickly over the internet, the old model doesn't work. In fact, the old model now depends on actual customers of the antivirus companies to inform them when the antivirus software doesn't work. That's how they discover new viruses, and create the systems to protect against it. They're basically waiting for someone who has paid them good money to have their systems wrecked - and to then tell them about it, so they can create a solution that is much too late.

Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    David, 28 Nov 2002 @ 1:46am

    No Subject Given

    Interesting - I don't use AV software at all. Just don't open attachments and keep up with news of any outbreaks. Occasionally, I'll use Symantec or Panda's online virus checker to scan the computer. But this gets me to thinking, wouldn't a method similar to the way Cloudmark fights spam (every email received is checked against a central online index of spam)? So rather than having something sit on your computer that needs updating every week or so (and is clunky and slow), each email gets checked against an online database of virii that is updated instantly whenever a new virus appears.

    reply to this | link to this | view in chronology ]

    • identicon
      LittleW0lf, 28 Nov 2002 @ 11:51am

      Re: No Subject Given

      But this gets me to thinking, wouldn't a method similar to the way Cloudmark fights spam (every email received is checked against a central online index of spam)? So rather than having something sit on your computer that needs updating every week or so (and is clunky and slow), each email gets checked against an online database of virii that is updated instantly whenever a new virus appears.

      Many companies are doing this...even some major ISPs. However this doesn't protect you from every virus, just the majority of them sent through the mail.

      Where it fails? PGP or SMIME encrypted messages do not get scanned. So you could receive a virus from someone you know who accidently infected themselves and sent you the virus through an encrypted message. I've seen it happen before, very rare but possible.

      reply to this | link to this | view in chronology ]

  • identicon
    LittleW0lf, 28 Nov 2002 @ 11:43am

    AV Industry a Protection Racket...

    In fact, the old model now depends on actual customers of the antivirus companies to inform them when the antivirus software doesn't work.

    Doesn't every modern software company? How are the (anti-)virus companies any different from Microsoft, Oracle, etc. when it comes to actually testing their software for its effectiveness before releasing it on their customers?

    Actually, the AV industry works quite heavily with the virus creators out there too, as they have done since the beginning. After all, that is how McAfee can claim protection of 300,000 viruses, when in fact there have been far less than that which have made it to the wild. Most virus writers don't release their code, but instead send it to the various anti-virus companies as a form of oneupmanship, and the anti-virus companies tend to reward that activity.

    The more viruses McAfee or Symantec can claim they stop, the better they look against their competitors, so the more they fight with each other to get the code the virus writers are sending them. The various companies will try to cut each other out of receiving the code as well. Yet the viruses that normally get released are from those who have not formed this relationship. I've even heard folks on the inside talk about this as if it was some sort of game...the viruses that get released only further their goals as more customers will buy their software after being hit with a virus.

    Viruses do exist out there, and I believe everyone running a vulnerable operating system should have a virus scanner installed, if only to protect them from stupidity (maybe not their own, but from the idiot in the office which may occasionally use their machine while they are at lunch...)

    reply to this | link to this | view in chronology ]

  • identicon
    Agent Orange, 28 Nov 2002 @ 6:41pm

    Antivirus protection racket

    Well, actually most new viruses are discovered through research - seeking them out. A lot of them are sent by authors who wish to do something "clever" and gain some "fame" directly to researchers. Some aren't. Depends on how much time you have to do the research - not on how much time you can spend creating them. Most antivirus folks are very good - but there aren't many of them left. Mostly the AV market became a commodity in the States and that killed off the capabilities of the real AV companies. It is extremely difficult to break into this market from overseas, and most companies lack the ability to do so. Only one ever stood a chance and that was Dr Solomon's. Of ocurse I am not prejudiced in any way there. 8-)

    reply to this | link to this | view in chronology ]

    • identicon
      LittleW0lf, 28 Nov 2002 @ 9:56pm

      Re: Antivirus protection racket

      A lot of them are sent by authors who wish to do something "clever" and gain some "fame" directly to researchers. Some aren't.

      Exactly... Then again, I'd have no idea how this happens (http://members.cox.net/ltlw0lf/.) Luckily, my employer pays for some of my research.

      Mostly the AV market became a commodity in the States and that killed off the capabilities of the real AV companies. It is extremely difficult to break into this market from overseas, and most companies lack the ability to do so.

      It may be a commodity, but there is still a big fight between the few large companies to grab the folks out there looking for a better anti-virus software. I've heard customers debating back and forth about whether they will put on one or another.

      reply to this | link to this | view in chronology ]

  • identicon
    Matthew, 29 Nov 2002 @ 9:52am

    Sounds like you aren't an industry user

    Try to look at it from the perspective of the corporation, university or large govt. entity. The loss of business caused by viruses is real. The potential for damage or data theft by viruses and trojans is real. Don't just read an article and then base your post on some general personal experience - go talk to someone who protects hundreds of thousands of machines. See what they think. You may change your mind.

    reply to this | link to this | view in chronology ]

    • identicon
      LittleW0lf, 30 Nov 2002 @ 11:40pm

      Re: Sounds like you aren't an industry user

      Try to look at it from the perspective of the corporation, university or large govt. entity. The loss of business caused by viruses is real. The potential for damage or data theft by viruses and trojans is real.

      I am a security professional for a government agency with over 15,000 computers. I think I am qualified to call myself an industry user (ok, so I don't protect "hundreds of thousands," but who does?)

      Yes, there is damage, and we persuade our users to *use* virus scanners. Most of our users are good at following the normal rules (don't run executables received from email, don't run warez on your work machines, no spyware, install the latest patches,) but we quite frequently have folks who get infected. However, as Dennis wrote, the virus companies are pushing crappy fixes on their users to test... I see it all the time, as we are usually one of the first to see a virus on the network, and our users often see viruses long before the anti-virus companies do.

      Never rely on one product, virus-scanner or otherwise, to protect you. Always install patches, and consider dropping virus-prone software and switching to software which is less virus-prone (which might involve switching you operating system and application software.) Can everyone do this, no...but if you are concerned about viruses, it is a good way to limit your exposure to them.

      reply to this | link to this | view in chronology ]

  • identicon
    David Connelly, 23 Nov 2004 @ 10:01am

    Antivirus scam customer report back

    I’m not a conspiracy theorist but more just an educated, critical thinking, skeptic. RE: the entire “Virus / Antivirus” song and dance let me be so bold to say (without any objective proof whatsoever) that it is my hypothesis that not only are the Antivirus software makers merely enjoying financial success. Knowing corporate economics as I do (BS Economics) I firmly believe that they are behind the implementation of the viruses themselves. Historical studies will show similar blatant scams by companies in the past. Huge collusion operations going on by supposedly competing companies (ala our current insurance industry).

    All the while our government sits by idly and when the latest virus outbreak hits the net, their reaction and advice to the consumer? “Keep your antivirus software current” as if it’s already a no-brainer given that we have AV software. This stinks of indications that the Gov. themselves are taking part in some way and sitting on the sidelines of deniability until forced to react. Much like the tobacco industry. For decades the evidence was clear that tobacco harmed the consumer. This was never really the problem. The problem lay in that the consumer was lied to about it. And the government could plausibly deny any regulation of the industry based on the “legitimate” studies and conclusions by the tobacco industry that there was no conclusive evidence of such claims. All the while in one form or another the tobacco industry gave mind-blowing kickbacks to our Gov leaders.

    I make this claim about AV companies based solely on the fact that it makes economic sense with relatively little risk. And if anyone out there believes for one second that “Corporate America” has some set of scruples, born in their minds from attending church or watching numerous episodes of The Andy Griffith Show, that would prevent them from crossing such a line then I have a few pieces of the Brooklyn Bridge to sell you. Like it or not, in the Capitalist mindset, the human factor is tossed out. We are expendable, love does not make the world go ‘round and there is no middle ground here. It’s a vicious game, being played by elite experts, geniuses even, in order to part you from your energy (money). A place where the concept of “Caveat Emptor” is alive and well. As in war, ethics and compassion have no place here and those who believe it is, are naïve to the point of being a danger to themselves (and others if they vote).

    D.C.
    Send feedback to Gntlmnwnedge@yahoo.com

    reply to this | link to this | view in chronology ]

  • identicon
    Antivirus, 27 Jan 2010 @ 1:04pm

    I think the antivirus companies are more noble than you seem to believe. They of course benefit from the constant influx of viruses and malware, but it is in their best interest to use new and better techniques for detecting and removing these threats. What do they have to gain by selling an inferior product?

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Insider Shop - Show Your Support!

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.