Feeds

Symantec under attack over security patents

Latest virus update debate

  • alert
  • submit to reddit

High performance access to file storage

Symantec has stirred up a controversy in the anti-virus community by filing two patents which cover its method for updating anti-virus software and definitions incrementally.

The patents, filed last year but only publicised this week, concern technology which allows users to download only those incremental virus definitions that are new since their last update, thereby saving time and resources.

Symantec said the patents refer to its "micro-definition architecture" system which is integrated into Norton AntiVirus 2001, Norton AntiVirus 2000 and Norton AntiVirus 5.0, as well as Symantec's corporate anti-virus products. Microdefinitions enable LiveUpdate, Symantec's schedulable and automatic update mechanism, to run up to four times faster.

This makes a lot of sense and indeed technology that works in a similar way is included is technology form McAfee and Trend, to name but two other anti-virus vendors.

It's also worth noting that the ability to download files that allow incremental patching of existing running software has been available for many years on Unix and Linux systems - and what Symantec is doing seems only to be "fine-tweaking" this.

In a statement, Symantec said the patents could also be applied to technology involved in the "update general computer readable files, which may include data files, program files, database files, graphics files, or audio files".

Dan Schrader, former chief security analyst at Trend Micro, said the patents are very broadly drawn and he suggested they had been filled in continuance of legal battle between Symantec and McAfee that has been dragging on for almost ten years.

"These are broad sweeping claims but its possible the patents would affect the incremental updates that are used by other vendors," said Shrader. "Patents are normally very broad and through litigation they are whittled down, really this just a continuation of the bad blood between McAfee and Symantec."

Graham Cluley, senior technology consultant at Sophos, said: "I don't believe this will hold water - you can do incremental updates in various ways. The patents don't come to much."

Symantec admits that software updating is old hat but claims that it is patenting technology which takes a different approach to the problem.

For anybody interested in taking a closer look at the patents look up US patent US6052531 for multi-tiered incremental software updating technology and patent US6167407 for backtracked incremental updating. ®

External Links

Symantec's press release on the patents
Symantec's patent

Related stories

Anti-virus becoming less important than content control
Encryption vs anti-virus
Users haven't learned any lessons from the Love Bug
Search engine veteran poo-poos AltaVista patent claims

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
OpenSSL Heartbleed: Bloody nose for open-source bleeding hearts
Bloke behind the cockup says not enough people are helping crucial crypto project
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
German space centre endures cyber attack
Chinese code retrieved but NSA hack not ruled out
Experian subsidiary faces MEGA-PROBE for 'selling consumer data to fraudster'
US attorneys general roll up sleeves, snap on gloves
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
HP ArcSight ESM solution helps Finansbank
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.