Author
David Harley
David Harley
Senior Research Fellow

Education? Academic background in modern languages, social sciences, and computer science.

Highlights of your career? I was a late starter (1986) as an IT professional, beginning at the Royal Free Hospital, then with the Human Genome Project (1989), then at Imperial Cancer Research Fund (1991-2001), where I wrote/co-wrote/edited a number of Internet FAQs and my first articles on programming and security. I presented my first conference papers in 1997 (at Virus Bulletin and SANS). In 2001 Osborne published Viruses Revealed (co-written with Robert Slade and Urs Gattiker): VR and the later AVIEN Malware Defense Guide (Syngress) – to which Andrew Lee also contributed – are probably the best known of my books. When I rejoined the UK’s National Health Service in 2006, I ran the Threat Assessment Centre and was the go-to person nationally for malware issues. I left to work as a freelance author and consultant in 2006, which is also when I began to work with ESET.

Position and history at ESET? Senior Research Fellow at ESET N. America. Primarily, I’m an author and blogger, editor, conference speaker, and commentator on a wide range of security issues. Like the rest of the industry, they put up with me because I’ve been around so long.

What malware do you hate the most? Malware is just code. It’s malicious people I detest. While I’ve no love of scammers, I can see that it’s easier to be honest in a relatively prosperous environment – if there is such a thing anymore – and that cybercrime can be driven by an economic imperative. But I have nothing but contempt for those sociopaths who cause harm to others for no reason except that they can.

Favorite activities? The guitar (I still gig and record when time allows), other people’s music. I love opera but don’t attempt to sing it. Photography, art, poetry, country walking – well, ambling is about as much as I can manage at my age – good food and wine, good television when I can find it...

What is your golden rule for cyberspace? Scepticism is a survival trait: don’t assume that anything you read online is gospel truth, even this adage.

When did you get your first computer and what kind was it? Amstrad PCW (primarily a word-processor) in 1986. What else would you expect a not-very-rich author to buy in 1986? :)

Favorite computer game/activity? Extra-curricular writing (blogging, verse and lyrics, articles). Digital photography and miscellaneous artwork.

More Info

Virus Bulletin and AVAR: a conference paper is for life

ESET conference papers from the 2014 Virus Bulletin and AVAR conferences are now available.

AVAR Down Under – Security Researchers at Work

ESET will be well represented in papers presented at the AVAR conference in November, but that’s not the only interesting content on the agenda.

Support Scammers: Hoping to Reign in Spain?

More about the support scammer trend towards finding victims in Spain who aren’t fluent English speakers.

Bootkits, Windigo, and Virus Bulletin

ESET research on Operation Windigo received an award at Virus Bulletin 2014. Our research on bootkits was also well received, and is now available publicly.

Support Scams: Expect the Scammish Inquisition*

An update on support scams: but are the scammers looking for fresh fields and posturings new?

4Chan: destructive hoaxes and the Internet of Not Things

The media have associated a number of destructive hoaxes with 4chan: people need some historical perspective on how the site actually works.

Virus Bulletin presentations update

Updated information on ESET presentations at Virus Bulletin 2014.

Virus Bulletin, AVAR conferences: a tasty Conference Pair*

Autumn: the season of mists and mellow fruitfulness, not to mention a couple of excellent security conferences. Virus Bulletin and AVAR make a very tasty Conference Pair.

Anyone want to know my Social Security Number?

Your home may be your castle, but on social networks, your friends are your perimeter. Will they enclose and protect your personal data?

Shaggy Dogma: Passwords and Social Over-Engineering

Given the ‘nightmare’ that is password management, is Microsoft right to say that it’s sometimes OK to re-use the same memorable password on several sites?

Support Scam: Old Racket Still in Service

One of the support scam sites used to mislead victims may be down, but the scam definitely isn’t about to go away.

Chip & PIN & Signature, Magstripes and EMV Go-Faster Stripes

The US is still perceived as a hotspot for card fraud: what difference will the ongoing roll-out of Chip & Signature EMV make?

World Cup scams: an early kick-off

Amazingly, it was way back in 2011 that I came across my very first World Cup 2014 scam. Surely that merits a prize, or at least a pay-rise?

Support Scam Using (MS-)DOS* Attack

The never-ending Windows support scam often misrepresents obsolete MS-DOS utilities. But three simple rules will bypass most of that social engineering.

Virus Bulletin review: 2 eBooks offering security guidance

An article for Virus Bulletin by David Harley reviews two eBooks offering security advice to consumers.

XP-diency: beyond the end of the line

Can’t yet upgrade from XP? Recommendations are being made by Gartner and others for staying (relatively) safe.

Privacy, Social Media, and the Younger Generation

When parents post photographs and information about their children to social media, what are the privacy implications for those children when they’re grown? What happens on the internet tends to stay on the internet, and not necessarily in a good way.

The Internet of Things isn’t a malware-laced game of cyber-Cluedo… yet

Will the future be a murderous game of ‘smart device’ Cluedo, where Colonel Mustard meets his death at the hands of a Wi-Fi pacemaker, and Miss Scarlett is consumed in a Smart Home-ignited blaze. Not likely, says David Harley – where’s the profit motive?

Better Mac Testing: Static versus Dynamic Testing

Dynamic or on-access Mac testing of AV products is problematical with samples for which Apple has implemented signature detection.

Better Mac Testing? How OS security can make AV testing harder

As Mac malware increases in prevalence, testing security software that supplements OS X internal security gets more important and more difficult.

Follow Us

Sign up to our newsletter

The latest security news direct to your inbox

ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.