Nearly Handheld Anti-virus Protection

from the yawn-but-I-guess-it’s-sort-of-important dept

Mcafee will soon start shipping its own version of a handheld virus protection program(so they say), amusingly enough it isn’t even really for handhelds it’s for the node connection points between a computer (or network) and a handheld. Call me when we get real handheld anti-virus programs, Ha!
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Ed II, 22 Aug 2000 @ 4:03pm

    Stupid

    AFAIK, there are no known viruses that propagate through handhelds, so this is pretty stupid. In fact, it seems to me that virus "protection" programs, in general, are completely worthless and a scam propagated on clueless corporate IT departments. Any time there's a major virus outbreak, McAfee/etc. always have to revise their scanners, and it will always be this way, with the scanners lagging the outbreak. Back in the days when data was exchanged via floppies, it was possible to stay ahead, but not any more.

    link to this | view in thread ]

  2. identicon
    wonko, 22 Aug 2000 @ 10:35pm

    Re: Stupid

    Perhaps I'm a little biased, because I work for McAfee.com, but you're not entirely right. One of the most recent virus outbreaks was the Life Stages virus. When Life Stages broke out, it had already been included in McAfee's antivirus DAT files for several weeks. The only reason it ran rampant was because people had neglected to update their DATs.

    Granted, virus companies (McAfee included) always jump at any chance to get mentioned in the press...it's good publicity! So of course, whenever there's a big outbreak, McAfee and Norton and all the others immediately send out press releases and release special emergency DAT upgrades. These 'extra DATs' as we call them at McAfee are released whether or not our current DATs already have the virus's signature. This is because when people grab the extra DAT, they come to our website, and while they're on our website in a paranoid mood they're very likely to buy other software.

    The fact is, most viruses are reported to AVERT Labs (NAI's virus research laboratory) long before they actually make it into the wild. This gives AVERT time to create a virus signature and toss it over to the McAfee guys who silently throw all the new signatures into the weekly DAT releases. If you're running VirusScan with the latest DATs, chances are you're nearly invincible. Even better, if you're running ActiveShield from McAfee.com, you'll always be using the latest DATs because it automatically upgrades itself.

    Here's another secret for you, though: All antivirus programs suck. Some just suck less than others. McAfee's VirusScan engine sucks less than the competition. That's the only reason anyone should use it. The last actual good virus scanner on the market was F-Prot, and I don't know what's happened to them.

    link to this | view in thread ]

  3. identicon
    wonko, 22 Aug 2000 @ 10:50pm

    Why a 'real' handheld antivirus program will never

    McAfee's PDA virus protection works on the principle that in order for a virus to infect your PDA, it must first go through a desktop machine. This is true. So McAfee's PDA virus protection software sits on your desktop machine and scans the connection between your desktop and your PDA. This is currently the most effective and reliable way to provide PDA virus protection.

    So...why can't we have a virus protection program that actually runs on the PDA? Because virus protection programs require huge DAT files full of known virus signatures in order to be effective. These DAT files are way too huge to fit in the meager 4 or 8 megs of RAM on your PDA. Thus, a PDA-based virus scanner would be completely ineffective. Without DAT files, virus scanners are worthless.

    link to this | view in thread ]

  4. identicon
    Ryan, 23 Aug 2000 @ 4:08am

    Really?

    Hi Other Ryan (AKA Wonko)

    I tend to agree that most virus progams tend to suck and are pretty big but I was wondering if you guys are doing any research into modeling anti-virus programs on the human immune system?

    I read about a while ago but seems to have disappeared since then, I have a feeling that these programs would be less huge than current antivirus programs (maybe even small enough for PDA's) and of course much more flexible (just in case people start making viruses for handhelds).

    link to this | view in thread ]

  5. identicon
    wonko, 23 Aug 2000 @ 11:38am

    Re: Really?

    If we were working on that, I couldn't tell you....but as far as I know we're not working on anything like that. :)

    Then again, I work for McAfee.com, which is a separate company from NAI. NAI owns the McAfee brand, although NAI does not own McAfee.com (despite the fact that, for some odd reason, my paychecks come from NAI). It's all terribly confusing. Anyway, if you go to McAfee.com you'll see the stuff I work on...it's basically web-based versions of all the NAI apps. We take their code, modify it to work as an online app, and sell it to customers on a yearly subscription basis. So all I do really is web work...the actual R&D and VirusScan engine hacking goes on in NAI's offices in Santa Clara.

    The only problem I can see with a virus program that works like the human immune system is that when the immune system encounters a new virus, you've already been infected by the time antibodies are produced. So let's say you're running McAfee ImmunoProt 5.0, and someone emails you a VBScript virus. Since McAfee ImmunoProt doesn't use DAT files, it can't just scan everything looking for malicious code...it has to sit there and wait for malicious code to actually do something malicious. Then, once bad stuff starts happening, ImmunoProt says "Aha! I bet this is a virus!" and halts the code execution. But then you're stuck. Once again, since there are no DAT files with virus signatures or information, ImmunoProt doesn't know how to clean the virus from the infected files. Your only option is to delete anything that's been infected. No fun.

    I'll have to think about this some more. There are various ways to write a virus scanner without using DAT files (anyone remember Microsoft's old DOS-based scanner?), but none of them are as good (yet) as DAT-based scanning. It sure would be nice not to have to keep downloading a huge update every week!

    link to this | view in thread ]

  6. identicon
    Ryan, 23 Aug 2000 @ 12:49pm

    hmm...

    It sounds like your giving this immuno model based program some thought, good stuff! I wonder whether a VC would fund a company like that?

    link to this | view in thread ]

  7. icon
    Mike (profile), 23 Aug 2000 @ 12:58pm

    Re: hmm...

    *cough* If someone funds an idea that comes out of here, think of giving me some equity for "facilitating" the discussion. :) Maybe that could be a business model for Techdirt since everyone keeps insisting I need one (for the record: Techdirt is not trying to make money. It's just for fun. Why doesn't anyone understand that?).

    link to this | view in thread ]

  8. identicon
    Ryan, 23 Aug 2000 @ 1:52pm

    Re: hmm...

    Sounds good to me ;)

    link to this | view in thread ]

  9. identicon
    Nick, 18 Feb 2010 @ 12:31pm

    I don't think there is a real need for these programs yet, even 10 years later. The antivirus companies do put them out, but it is more to keep the files from being stolen if the device is nabbed than anything else. Maybe we shoul revisit this in ten more years?

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.