Sign up to our newsletter
The latest security news direct to your inbox
I don’t really want to leave ESET, but IBM needs me.
Several years ago Microsoft had a serious problem with viruses in its software. I was given the task of making it go away.
It started with retail software. My job was to make sure none of the retail software Microsoft released was infected. Then came OEM, and Select, and TechNet, MSDN, Marketing and Product Support Services. As each group made a mistake, they were mandated to send all of their software through my labs at Microsoft to ensure what they wanted to release was free of viruses. Vulnerabilities and bugs were not my department, just viruses.
What were my qualifications for the job? Well, I was interested in antivirus, and have a brain. I’m not sure how much the brain helped, but to me the process was a no-brainer.
So, why does IBM need me? At a major security event in Australia called AusCert, IBM distributed free USB drives with…. drum roll please… you guessed it… a virus on them.
This isn’t egg on the face… this is the whole chicken on their face
IBM really could learn a lot from Microsoft. To start with, there are the processes I designed that keep Microsoft from releasing infected software. Yeah, one got by me in seven years, but it was buried so deep inside a compiled help file that nobody ever got infected without taking extreme measures to make sure they did. The next thing IBM can learn is how to level with the public. For instance, IBM still won’t even say what the malware is.
I spoke at AusCert, but I didn’t need a USB drive, so I didn’t get one from IBM.
The sad thing about this is that there are really only two ways that a company ships a product with a virus on it… either they meant to or they didn’t know what they were shipping. End of story. Did IBM mean to? Of course not. That leaves “We don’t actually know what is on our marketing material.”
This isn’t the first time IBM has had such an issue. Back in 2002 IBM had a USB drive that had a rare boot sector virus on it.
Those who actually disabled autorun, as I have been advocating for years, were not infected. In fact, according to IBM most antivirus products detect the malware. I guess that means IBM did not do due diligence… OK, I know that means IBM didn’t do due diligence. If I was the drive manufacturer I could have put child porn, Nazi hate propaganda, or anything else on the drive. IBM had no clue what they were giving away.
Sigh… I don’t want to leave ESET, but if IBM calls me to help fix their problem, I guess I would have to go. Somebody needs to protect IBM’s customers, and since they sold their antivirus product to Symantec a few years back, it looks like they need some in-house expertise back
Director of Technical Education
Author ESET Research, ESET