Op-Ed: Anti-virus software ‘losing’ against malware — or is it?

The theory now is that malware is being produced at such a rate that antivirus software simply can’t keep up. The numbers look nice, but the actual story is nowhere near so straightforward.
According to German lab AV-TEST:
“Today we're seeing about 55,000 new unique malware samples per day,” says Andreas Marx, chief executive officer of German security test lab AV-TEST, an organisation that assesses the effectiveness of dozens of anti-virus products against its database of threats. That's 2292 new pieces of malware per hour, 38 per minute or more than one new virus every two seconds, says Marx, making it impractical for anti-virus vendors to issue new malware signature updates. Today the total malware count is just shy of 80 million, according to AV-TEST.

The funding for all this brilliance, of course, comes from organized crime, and, naturally, in many cases malware is derived or directly stolen from the world’s ever-useful government cyber espionage leftovers, a sort of second-hand sponsorship initiative from the duly elected and unelected idiots who never get anything right.

Some skeptics, however, don’t entirely buy the story and think it’s much oversimplified. They also suspect it’s another scare campaign to get people to buy more security, a “demand creation” effort by marketers. Trust is in short supply in this environment, and with good reason.

A few interesting points in this murky, not to say often thunderously dishonest situation:

1. The new malware includes some “clever” self re-encryption to make malware unrecognizable and other party tricks which are essentially “respelling the dirty words” known to antivirus software. This is number crunching stuff, automated shuffling, really. Some combinations might be unrecognizable, others not. Generate enough combinations, and see what works, and you get a natural boom in the amount of malware being created. For Dummies, yes.
2. “Hackers” usually aren’t actual program writers. They’re “entrepreneurs”. They buy the malware.
3. Real code writers can construct virus traps to fool malware into thinking it’s invading a system. This is like the “quarantine” on your AV software, but trickier, and usually not known to the malware makers.
4. Some AV software is spectacularly unimpressive. I had a Norton version some years ago. I got hit by 8 Trojans, and Norton didn’t spot them. My free Spyware Doctor AV, however, caught all of them, and I even recognized a few of them. I don’t know if the Norton was playing background or not, but I definitely didn’t and don’t think I got much value out of it.
5. You don’t actually need any kind of software to hack into a website. It’s quite easy, if you know how. Obviously, I’m not about to explain how, but I’ve seen it done and I know it works. It’s very quick and very efficient.
6. The FBI and other agencies are missing one point very badly. Anonymous and other activists aren’t the problem and never have been. They don’t destroy sites or companies. Others do. The focus needs to be on the threats that don’t announce themselves, not the ones that do.
7. The public, those forever-paying-for-whatever-slop-people-are-prepared-to-sell-them fools, have absolutely no way of hitting back at malware. If there was any risk to malware users, the threat would be greatly diminished. If you could simply fire a virus back where it came from, reconfigured, it’d cause more trouble than it would be worth to send. It’s doable.
8. If you could use viruses to generate vectors to locate their sources, it’d be another avenue of counterattack against malware. No sign of much inspiration or leadership in these areas, which is more of a threat than the malware.
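
To illustrate point 1 (an added example, not part of the original article): a single-byte XOR stands in, as a simplifying assumption, for the re-encryption described, applied to a constructed inert byte string. Every re-encoded copy counts as a new "unique sample" by hash, while a check on the decoded content puts them all in one family. All names here are hypothetical.

```python
import hashlib

# Constructed, inert stand-in for a sample: a fixed marker plus filler bytes.
MARKER = b"INERT-TEST-MARKER"
BASE_SAMPLE = b"\x00header\x00" + MARKER + b"\x00" + bytes(range(32))


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


# The "signature database": one exact hash of the original sample.
KNOWN_HASHES = {sha256_hex(BASE_SAMPLE)}


def xor_bytes(data, key):
    """Toy re-encoding: XOR every byte with one key (assumption, not a real packer)."""
    return bytes(b ^ key for b in data)


def make_variants(sample, keys):
    """Automated 're-spelling': same content, one copy per key."""
    return [xor_bytes(sample, k) for k in keys]


def normalized_family(sample):
    """Undo the toy encoding with every possible key and look for the marker."""
    for key in range(256):
        if MARKER in xor_bytes(sample, key):
            return "family:inert-test"
    return None


def summarize(variants, known_hashes):
    """Return (unique samples by hash, exact-hash detections, families seen)."""
    hashes = [sha256_hex(v) for v in variants]
    unique = len(set(hashes))
    exact_hits = sum(h in known_hashes for h in hashes)
    families = {normalized_family(v) for v in variants}
    return unique, exact_hits, families


if __name__ == "__main__":
    variants = make_variants(BASE_SAMPLE, range(50))  # key 0 is the original
    unique, exact_hits, families = summarize(variants, KNOWN_HASHES)
    print(f"{unique} unique samples by hash, {exact_hits} caught by exact hash")
    print(f"families after normalization: {families}")
```

Counted by hash, fifty copies look like fifty new pieces of malware; counted by content, there is one.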
So, we see a pattern which is becoming tediously familiar in all major social and public interest issues, and malware does now qualify as a social issue, as well as a law enforcement issue:  
There’s a problem. 
There are multiple ways of fixing the problem.

Nobody does a damn thing, but much bleating about How Bad It Is continues interminably. 
A question or so: Is anyone doing any actual thinking about this?
Or is it another global industry in the making, another “insoluble” problem which is insoluble because people make a fortune out of not solving it?

A billion years ago, when men were men, women were women, and people believed anyone had any idea what they were doing or why they were doing it, these questions wouldn’t have been asked. Now, they’re the inevitable first questions. So what are the answers? Malware isn’t invincible. Never has been, never will be. Rip out some of its code, and it’s crippled. It has to access certain points. Its moves are ultimately predictable. And it’s winning? This is like Gomer Pyle in a coma beating Deep Blue at chess. It’s not credible. It’s also not excusable.

Suggestion for good coders: Your competition in anti-malware is complacent, over-analytically pompous and fond of complex, layered garbage costing billions to achieve very little. Come up with some cheap, simple code and drive them nuts (and preferably back to selling used cars) while giving the world back the most fantastic communications medium in history. …And somebody try and teach lawmakers and politicians the LEGO version of global malware issues and the fact that it’s costing their masters billions, too. Should produce a good comedy routine, if nothing else.
