Feeds

Anti-virus evals waste precious resources

Like the paper they're printed on, for example

  • alert
  • submit to reddit

Beginner's guide to SSL certificates

Opinion

In 1991, essayist Paul Fussell wrote, "The current United States can be defined as an immense accumulation of not terribly acute or attentive people obliged to operate a uniquely complex technology, which, all other things being equal, always wins."

This was BAD, Fussell said. And it was not just an ordinary "bad," like a dead skunk crushed on the highway or the flu, but BAD in capital letters because it is always portrayed as something worthwhile or grand, even when it is quite often not even close to such states.

For something to qualify as BAD requires that one swallow the sham (or at least keep silent about it) that a deplorable or annoying state of affairs, product, or thing is acceptable or, worse, even very good.

Everything that touches computer viruses becomes BAD.

Take, for example, the June issue of Consumer Reports magazine. Devoted to good unbiased product reviews of cars, daily sundries, home appliances and consumer electronics, it tackled anti-virus software. Right off, CR stumbled into computer virus BADness it did not completely understand.

Readers of CR are accustomed to product variety in its reviews. They accept legitimately that there is some level of competition among auto-makers, sellers of diet-programs, or vendors of DVD players and, therefore, that there is some opportunity for choice.

However, Consumer Reports insists there is not much choice in anti-virus software in the U.S. consumer market.

To achieve an acceptable reader comfort level requires brand names that are recognizable to the average homeowner -- perhaps something that can soothingly be observed taking up shelf space in a chain store. In the case of Consumer Reports, the magazine wrote that it tested four products which were "widely available" -- Norton, McAfee, PC-Cillin and Vexira. (Norton and McAfee predictably wound up the winners, their boxes on display.)

However, even within the narrowed confines of the anti-virus market, this was slim pickings. "Widely available," as a qualifier, simply has no meaning in this area, particularly when one is asking readers to subscribe to the idea of regularly "updating" a technology through the Internet. On the Web every product in anti-virus land is just one step away.

But with only a few very minor and obscure exceptions, it has nearly always been this way when anti-virus software is recommended in mainstream publications in America. A rather short list is produced with the only editorially sound product choice being "the Nortafee anti-virus." Realistically, no time need be wasted in making the decision.

Sermons and Factoids

Elaborate testing has always been a moot point because of this long-standing condition in the American marketplace. The results of rigorous comparative scanning of vast and carefully categorized virus libraries by every product no matter how obscure one personally thinks them to be has never held much currency at the American consumer and corporate levels.

For anti-virus software testing not to be BAD requires an honest admission to readers that this is the way things have always been and that there is little or no choice in product if purchasing decisions are based on what is read in mainstream publications.

This becomes even more painfully obvious when applied to corporate USA, given the current average level of savvy and thinking on the subject. Much better would be to realize, perhaps cynically, that product testing is simply a waste of time.

Equally BAD is the baggage that generally accompanies published consumer recommendations. You know them. There is the slogan that anti-virus software is essential to every good citizen connected to the Net. There's the statement to the effect that the tens of thousands of viruses stocked in anti-virus labs somehow demonstrates a grave problems everywhere. And last, always the admonition to remember to update like a good little boy or girl.

All are examples of mincing talk on the virus subject that numbingly repeats the same obvious and often stupid pieties over and over. The style and content presumes that all who use computers are one of two types: Those who must be gently or optimistically coddled with bits of "Holy Cow!" information and then scolded into protecting themselves from the virus menace, or those who suffer from a strange variation on Alzheimer's disease in which they can remember nothing about computing technology past the time it takes to read about it on the printed page.

For the published debate not to be BAD would require frequent and vexing blunt talk (not restricted to a few token specialty publications) about how anti-virus technology and the updating limitation, by definition, guarantees that there will always be computer virus surprises in the mail.

Escaping the BADness mandates, too, a recognition that the "immense accumulation" of Paul Fussell's inattentive Americans who choose to operate technology will continue to receive unexpected thrashings by way of virus from it.

It calls for the wisdom to realize that as an entrenched state of affairs, this cannot be remedied by testing, better product feature integration, updating, hectoring, advice columns, government fiat, study groups, newsletters, warning lists, consortia, more software, professors of computer science, or me or you. It's delusional to be in denial about it.

© 2002 SecurityFocus.com, all rights reserved.

Remote control for virtualized desktops

More from The Register

next story
Webcam hacker pervs in MASS HOME INVASION
You thought you were all alone? Nope – change your password, says ICO
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
Meet OneRNG: a fully-open entropy generator for a paranoid age
Kiwis to seek random investors for crowd-funded randomiser
USB coding anarchy: Consider all sticks licked
Thumb drive design ruled by almighty buck
Attack reveals 81 percent of Tor users but admins call for calm
Cisco Netflow a handy tool for cheapskate attackers
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Reducing the cost and complexity of web vulnerability management
How using vulnerability assessments to identify exploitable weaknesses and take corrective action can reduce the risk of hackers finding your site and attacking it.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.