Comments on: Fake Anti-Malware: Blurring the Boundaries http://www.welivesecurity.com/2009/10/24/fake-anti-malware-blurring-the-boundaries/ News, Views, and Insight from the ESET Security Community Mon, 03 Feb 2014 08:49:00 +0000 hourly 1 http://wordpress.org/?v=3.7 By: David Harley http://www.welivesecurity.com/2009/10/24/fake-anti-malware-blurring-the-boundaries/#comment-1923 Thu, 29 Oct 2009 15:13:58 +0000 http://www.eset.com/threat-center/blog/?p=1931#comment-1923 Hi, Rob.

A FAS sidenote: as it happens, I did once carry an antivirus floppy around: I somehow got into this industry via a circuitous route involving systems administration, informatics and user support.

We’ve been in agreement over many issues over the years, even if we haven’t discussed them… And virus hysteria (maybe we should start calling it malware hysteria now) is generally one of them. So it doesn’t surprise me that we’re generally in agreement here.

As to your point about the the “get some AV” battlecry is concerned… I think for most people, it’s easier and safer to use AV, even if it’s only an extra layer of protection. In fact, it -has- to be an extra layer: AV is not usually a sufficient defence in itself, and hasn’t been for many years. You -can- use other protective strategies to the point where the returns from using AV are vanishingly small: however, most people don’t, so I’m not about to say that AV is unnecessary, even if someone offers me a job as a tennis pro. (Unlikely scenario…)

Anyone else reading this thread: back in the dark ages, Rob wrote a paper (http://vmyths.com/mm/fas/fas.pdf) on False Authority Syndrome, which I’ve cited many times here and elsewhere, and will again: some of the detail may have dated, but the principles haven’t changed a bit. If you haven’t read it – and I recommend that you do – it may make the FAS reference above a bit less obscure. :)

]]>
By: Rob Rosenberger http://www.welivesecurity.com/2009/10/24/fake-anti-malware-blurring-the-boundaries/#comment-1922 Thu, 29 Oct 2009 00:50:52 +0000 http://www.eset.com/threat-center/blog/?p=1931#comment-1922 David, I agree with your assessment of me! I hope that doesn’t sound odd. Great column.

First let’s get the obvious out of the way. I made my name by fighting virus hysteria, thus my perception has always been colored by this notion. And although I can appreciate a free antivirus, I feel VERY strongly that AV vendors should get paid a day’s wage. No arguments there, my friend!

Specifically, I want to make it clear that I agree with you: “a similarity in pricing and addiction to signature updates” didn’t in itself create “the success of fake AV syndrome.”

I try to make a distinction between the “antivirus industry” versus the entire “computer security industrial complex,” which includes all those employees who review, buy, and deploy products for their firms. These are the people who may have been anointed as a “virus expert” because they once carried around a floppy disk with antivirus software on it.

We agree the antivirus industry created a lot of hysteria — but more to the point, I think we agree it was the overwhelming “industrial complex” that regurgitated & amplified the hysteria. So “when it comes to fake-AV scams,” I said in my column, “the computer security industrial complex isn’t part of the solution, it’s actually part of the problem.” I don’t mean to single out the AV vendors here.

We agree, too, that the victims’ confusion “derives from the ways that fake AV products try to blur the boundaries between fake and real.” It’s a time-honored trick used by scammers & false prophets. Enough said.

However, I don’t know if you agree with me when I say “the battle cry ‘get yourself some antivirus software’ has become so mantra, that all of society sternly refuses to question its validity.” So please let me clarify my statement. Yes yes yes, AV vendors shout it for marketing reasons — but the overwhelming “industrial complex” has turned this battle cry into a mantra that cannot be questioned. (Lest you be deemed a heretic.) I don’t single out the AV vendors here, either.

So again, I agree with your assessment of me and I hope I’ve shown why it shouldn’t strike you as odd. My very best to you!

Rob

]]>