Will Patent Battles Make Your Computer Less Secure?
from the hurray-for-patents dept
Just as a new study is coming out suggesting that anti-virus software is getting worse at actually protecting your computer comes some other news that there's a brewing patent battle in the anti-virus world, with one firm, Trend Micro, going after a bunch of other companies for daring to use similar techniques in trying to protect computer equipment. If ever there were a perfect example of patents being used to hold back progress, this would be it. Computer security is incredibly important -- but it's a rapidly changing field, as both the "good guys" and the "bad guys" need to be constantly adjusting. Preventing firms from being able to use one method (and to improve on it, change it, build on it, etc.) simply gives the malware writers a huge leg up. They have no such qualms about building off of others' work, and this will simply lead to malware getting further and further ahead of security software, as security companies are held up in their ability to continue to adapt.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: computer security, patents, security
Companies: trend micro
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
Great Idea Drew
[ link to this | view in chronology ]
AV software is unimportant to security
AV software companies exist almost entirely because of the pathetic weakness of Microsoft products. (For example, to a very good first approximation, there is no such thing as an email virus; they are only Outlook viruses, and that is because despite its enormous financial and human resources, Microsoft has completely, utterly failed to write even a modestly-secure email client.)
I don't use AV -- I don't have to, because I take the far superior approach of not using operating systems and applications that are vulnerable to malware written by children. So if the parasites at the AV companies want to hobble each others' efforts by engaging in a foolish patent war, so be it. This will have no impact whatsoever on the security measures used by qualified professionals.
[ link to this | view in chronology ]
Re: AV software is unimportant to security
[ link to this | view in chronology ]
Re: Re: AV software is unimportant to security
I think there are more hackers than crackers so we'll be pretty to tough to beat if crackers want to start manufacturing computer viruses for the Linux OS.
[ link to this | view in chronology ]
Re: AV software is unimportant
Of course, this has already happened and the results have not turned out to be what you've predicted. Moreover, as all competent security people know, there is no correlation between popularity and susceptibility.
If there are "rose-colored glasses" being worn, then they're perched on the noses of those who rely on AV technology -- which is guaranteed to fail when it will be needed most. For an excellent article which touches on this point, find Marcus Ranum's "The Six Dumbest Ideas in Computer Security", and read thoroughly.
[ link to this | view in chronology ]
Re: AV software is unimportant to security
I've forgotten none of them, actually. I simply recognize that (and this is one reason why I referenced Ranum's excellent article) defenses which rely on frequent signatures updates (or their equivalent) are inherently flawed. AV products aren't the only things that fall into this category, they're just one of the more prevalent.
Real security does not come from band-aids like AV. Real security comes from OS and application software that is written to be secure, which is subjected to peer review, which is thoroughly audited for weaknesses, and which utilizes concepts such as default-deny, least-privilege, etc. Now, granted, sometimes it happens that even though all those things are done, there's still a problem. We are, after all, still learning. But it should be obvious to everyone who's watched the last 20-30 years of computer security unfold that this approach actually has a fighting chance of working, whereas use of band-aids (like AV) is a path to certain failure.
Ranum's article, by the way, is here.
[ link to this | view in chronology ]
Re: Re: AV software is unimportant to security
[ link to this | view in chronology ]
Re: Re: Re: AV software is unimportant to security
That doesn't work anymore. Used to be if you stayed away from porn and warez sites, you were safe. The bad guys have responded with...
- compromising trusted domains, like the official websites of the Superbowl teams almost a year ago
- compromising the adservers that serve ads to a lot of mainstream trusted domains
- cache-poisoning (Microsoft Windows based) DNS servers, so that *EVEN IF YOU PROPERLY TYPE IN THE NAME OF A "SAFE" SITE*, you still end up being re-directed to an evil site.
[ link to this | view in chronology ]
Re: AV software is unimportant to security
You've got to be kiddding, Matt. There's plenty of malware that relies on propagation vectors other than HTTP to gain entry to systems. A pointed example would be the Slammer (aka Sapphire) MSSQL-exploiting worm. Internet != web.
Moreover, "educating the user", as Ranum points out in the article that I've now repeatedly referenced, is clearly a total failure and should be abandoned as a strategy. As he says, "if it was going to work, it would have worked by now". It doesn't. It won't.
[ link to this | view in chronology ]
Re: Re: AV software is unimportant to security by
As for non-Microsoft platforms, they do have vulnerabilities to hacking, but not viruses. Viruses are a Microsoft feature. Linux does not need AV software, but does need the firewall and other built-in security features.
[ link to this | view in chronology ]
Popularity does indirectly correlate to susceptibi
We also know that as the popularity of an OS increases so does the amount of malware that targets it.
Much of the reason many OSs are considered ‘safe’ is that no one bothers to investigate / create attack methods for them.
If these ‘secure’ OSs had the same market share (== probability of finding a target fro your malware) as Windows then they would have many more security vulnerabilities exposed.
Why spend time creating malware that attacks
[ link to this | view in chronology ]
Popularity does indirectly correlate to susceptibi
We also know that as the popularity of an OS increases so does the amount of malware that targets it.
Much of the reason many OSs are considered ‘safe’ is that no one bothers to investigate / create attack methods for them.
If these ‘secure’ OSs had the same market share (== probability of finding a target fro your malware) as Windows then they would have many more security vulnerabilities exposed.
Why spend time creating malware that attacks
[ link to this | view in chronology ]