College Classes On Malware Writing Still Piss Off Anti-Virus Firms

from the security-through-obscurity dept

Over five years ago, we wrote about a college that was starting to offer a new computer science class in writing computer viruses. And, of course, various anti-virus companies went ballistic, claiming how dangerous it was. Yet, as we pointed out at the time, anti-virus companies don't have the greatest track record in actually stopping viruses -- so it seemed only reasonable to teach people to better "think like the enemy." Anyway, it appears not much has changed. Theodp writes in to let us know about an article in Newsweek about a very similar course being taught at Sonoma State University by George Ledin, where students are tasked with creating their own malware.

Once again, various security companies are condemning the technique, even sinking so low as to compare Ledin to A.Q. Khan, the Pakistani scientist who sold nuclear technology to North Korea. They even insist they won't hire his students -- which seems particularly short-sighted. As Ledin points out, it appears that this is really more about the security companies wanting to keep the world more scared than they need to be of malware, so as to pretend that they're the only ones who can solve the "problem" -- when the truth is they're not very effective at it. He complains that anti-virus firms keep their code secret (thank you, DMCA). He points out that if they were willing to open it up, and let lots of folks work on improving it, it would get much, much better. All he's trying to do is help more people understand the enemy without first having to work at one of those companies that's been so ineffective in stopping malware -- in the hopes that maybe some of his students can actually come up with a better soltuion.

Filed Under: education, george ledin, malware, teaching, viruses

More Patent Battles Making Your Computer Less Secure

from the ain't-patents-great? dept

Last year, we pointed to some patent battles among security software companies, noting how the end result would undoubtedly be less secure computers. As these security firms argued over who thought up an idea "first" and who owed who what amounts of money, you can rest assured that those exploiting the security holes couldn't care any less about who came up with what exploit first. In the constant battle between security firms and malicious hackers, distracting the security firms and having resources devoted to arguing over patents (and paying each other royalties) seems designed to just make it that much easier for malicious hackers to stay that much further ahead, while making it more and more difficult for any security firm to actually provide anything close to comprehensive security. And, it's only going to get worse. Slashdot points us to an article about Microsoft's rather broad patent on proactive virus protection, despite the fact that others had proactive virus protection products on the market well before Microsoft filed for the patent. While Microsoft isn't yet doing anything with the patent, the fact that it got it now means that others have to be extra careful in tiptoeing around proactive virus protection -- and that's only going to make virus makers happy.

Filed Under: computer security, patents, viruses
Companies: microsoft

Japanese Officials Use Copyright Law To Arrest Computer Virus Writer

from the misuses-of-copyright dept

Over in Japan, a 24-year-old grad student was arrested this week for writing a computer virus. There's just one problem. There's apparently no law in Japan against writing viruses. So, instead, officials had to twist copyright law to use it to arrest the guy. That was possible because the virus itself used popular animation clips as a means of getting people to click on it. Those animation clips violated copyrights. Now, it's nice to see officials cracking down on virus writers, but it's a shame for them to twist copyright law for that purpose. If the problem is that the law doesn't make virus writing illegal, then change the law. Using copyright law for other purposes starts you down a pretty slippery slope. Yes, it's true that the guy was also violating copyrights, but it seems pretty clear from the report that the reason officials went after him was because of the virus. Update: It turns out this story is even more bizarre. TorrentFreak reports that three people were arrested, and the virus itself threatened to kill people for using file sharing systems.

Filed Under: copyright, japan, viruses

Latest Antivirus Error: McAfee Blocks A Bunch Of Popular Sites As Risky

from the sorry-about-that dept

A little over a week after Kaspersky's anti-virus software declared Windows Explorer was a virus, it appears that McAfee has had its own mistake, as an anti-virus update from the company started warning people to stay away from a bunch of popular sites, including ESPN, Friendster and Ars Technica. McAfee later admitted that it was a mistake on its end, but it seems that we're seeing these kinds of false positives on a fairly frequent basis these days. It's yet another sign that things need to change in how security software works -- but instead of real advances, it still seems like firms are bogged down with things like pointless patent battles.

Filed Under: security, viruses, websites
Companies: mcafee

Kaspersky Decides Windows Explorer Is A Virus

from the not-everyone-would-disagree dept

You can already hear the Apple and Linux fans snickering about this one, but security software firm Kaspersky accidentally classified Windows Explorer as a virus to be quarantined earlier this week. Explorer.exe, of course, is pretty crucial for doing just about anything in Windows, so it probably didn't go over so well with the folks impacted by it. Amusingly, as the article notes, Kaspersky made fun of Microsoft earlier this year when Microsoft's own anti-virus offering quarantined or deleted Microsoft Outlook files. And, of course, last year we also had a story about how Kaspersky's software flagged Microsoft's own anti-virus software as a virus as well. In other words... these anti-virus programs still have some kinks to work out.

Filed Under: quarantine, security, viruses, windows explorer
Companies: kaspersky, microsoft