The Register® — Biting the hand that feeds IT

Feeds

Commtouch gulps down Icelandic anti-virus pioneer FRISK

The fresh minty taste of white-label security solutions

Regcast training : Hyper-V 3.0, VM high availability and disaster recovery

FRISK, one of the early pioneers in anti-virus technology, has been acquired by Commtouch. Terms of the deal, announced Wednesday, were undisclosed.

Icelandic-based FRISK developed the first versions of its flagship F-Prot anti-virus software in 1989, and claims it was the first firm to develop heuristic (generic) detection of malware, a key technology that appears in all modern security scanner software. These days FRISK sells to the OEM, corporate, and consumer markets.

Commtouch develops cloud-based products for security companies and service providers. "The acquisition allows Commtouch to utilise FRISK's staff and IP to dramatically accelerate its launch of white label antivirus solutions for the OEM market," a statement by Commtouch explains. "It will also enable Commtouch to provide more services and applications, as well as enhance the company's SaaS [Security as a Service] capabilities."

FRISK's founder, Friðrik Skúlason, will join Commtouch as vice president of anti-virus technologies. ®

Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider

Live virus samples?

"On sending early live virus samples discovered where I worked, I had to learn how to use asymmetric cryptography so no-one else could become infected along the transmission route..

On systems where OPEN does not equal RUN such steps would be unnecessary and AV software has been known to be ineffective for a long time, even of the 'heuristic` kind. link link

1
0

@dgharmon: Re: Live virus samples?

Thanks for the links, but computing security has to work with the systems we've got while attempting to develop the ones we'd like. As these links state, the fact is that too often OPEN can lead to RUN through buffer overflow vulnerabilities. Regardless of the state of systems imperfection - there's also the issue that some nosy fool won't be able to try running something copied out of a buffer somewhere if encrypted, and I'd rather be part of the solution than part of the problem. I may also consider antivirus a weak part of a larger solution . But my server systems built based on a cryptographically-assured software supply chain also happen to transmit wanted stuff through email list hosting sent between people I have no control over, so I'd rather my email list management program is less likely to replicate their viruses as a normal part of its email replication function. So I scan for email viruses regardless of the fact my system is very unlikely to execute them.

If one of my email users sends a virus to many others, my other likely to be infected email users won't readily comprehend the distinction which you and I may understand between:

a. a system which replicates viruses because it's infected by them and

b. one which replicates viruses because it doesn't know the viruses are unwanted communications content when it's designed to replicate wanted messages.

So even though I choose neither to run virus-prone software or untrusted executables myself, I still have to scan for the digital diseases of those who use less secured approaches compared to mine.

Then there's the risk of an email being redirected or misaddressed. So I'd rather send a malware sample encrypted against the published public key of an antivirus company - and nowadays other email admins are likely to prevent the unencrypted virus sample getting through using the technique I've applied. But for a year or so in the very early nineties, I still hadn't yet fully realised that scanning for bad software would so rapidly become so ineffective as a total security approach. It's a small layer in my security for reasons explained above. And I'd prefer it to be less important than it is. But I have to deal with systems which exist as well as those I can influence and control.

0
0

To follow their instructions

On sending early live virus samples discovered where I worked, I had to learn how to use asymmetric cryptography so no-one else could become infected along the transmission route. A skill well worth learning, so it turned out. Even then in the early nineties there were 2 kinds of virus, the kind the scanners could detect and those they couldn't. But the latter sort of virus were relatively easy to prove what they were using a hex editor.

0
0

More from The Register

Thanks, NSA: Amazon sales of Orwell's 1984 rise 9,500%
Citizens of Oceania bone up on the new reality
 breaking news
BBC lied to Parliament about doomed £100m IT monster, thunder MPs
Axed DMI ballooned and burst while watchdogs sang Kumbaya
Microsoft to open Windows Stores inside 600 Best Buy locations
Product showcases 'must be seen to be believed'
 breaking news
Author Iain (M) Banks falls to cancer at 59
Misses the release of his final work
 breaking news
What did the Lehman Brothers implosion look like to a techie?
Insider tells all about the Gnab Gib at Lehmans
It's official: 'tweet' an English word – not just in the avian sense
If the Oxford English Dictionary says it is so, then it is so
 breaking news
The only Waze is Google: Ad giant tipped to gobble map app 'for $1.3bn'
Pac-Man-satnav-ish upstart in bidding war with Apple, Facebook
 breaking news
1-in-10 e-tomes 'are self-published'... most are 'rubbish' says book ed
Publishing man scoffs at go-it-alone writers, ursines still fouling in forests
 breaking news