Author
David Harley
Senior Research Fellow

Education? Academic background in modern languages, social sciences, and computer science. A Fellow of the BCS Institute (formerly the British Computing Society), Chartered IT Professional, Certified Information Security Systems Professional, BS7799/ISO27001 Lead Auditor.

Highlights of your career? Office administration, programming, and IT support at Royal Free Hospital, then with Human Genome Project. System administration and support, then security analyst at Imperial Cancer Research Fund (now Cancer Research UK). Wrote/co-wrote/edited a number of Internet FAQs and my first articles on programming, security etc. I presented my first conference papers in 1997 (at Virus Bulletin and SANS), and soon after inherited the Mac Virus web site, which I still run as an independent security information resource. In 2001 I joined the UK’s National Health Service, where I ran the Threat Assessment Centre until 2006, acquired qualifications in computer security, security audit, and service management (ITIL), and was the go-to person nationally for issues related to malware. Viruses Revealed, published the same year by Osborne, wasn’t my first security book (I’ve written or contributed to about a dozen) but it was the first to make a real impact and was published in 2001: that, and the AVIEN Malware Defense Guide (Syngress), to which Andrew Lee also contributed, are probably the best known of my books.

Position and history at ESET? Senior Research Fellow at ESET N. America. I’ve worked with ESET since 2006, primarily as an author and blogger, editor, conference speaker, and commentator on a wide range of security issues. Essentially, they put up with me because I’ve been around so long.

What malware do you hate the most? Malware is just code. It’s malicious people I detest. While I’ve no love of the gangs behind phishing scams and banking Trojans, fake AV, 419s, support scams and so on, I can see that it’s easier to be honest in a relatively prosperous environment, if there is such a thing anymore, and that cybercrime can be driven by an economic imperative. But I have nothing but contempt for those sociopaths who cause harm to others for no reason except that they can.

Favorite activities? The guitar (I still play semi-professionally when time allows), songwriting, recording, listening to other people’s music. I love opera but don’t attempt to sing it. Photography, art, poetry, country walking – well, ambling is about as much as I can manage at my age – good food and wine, good television when I can find it...

What is your golden rule for cyberspace? Scepticism is a survival trait: don’t assume that anything you read online is gospel truth. Even this adage.

When did you get your first computer and what kind was it? Amstrad PCW in 1986. It ran a version of CP/M and came with an integral printer, word-processing software and versions of BASIC and Logo. I moved on to an 8086 when I got my first job in IT. What else would you expect a not-very-rich author to buy in 1986? :)

Favorite computer game/activity? Extra-curricular writing (blogging, verse, articles). Artwork and digital photography.

There’s Passwording and there’s Security

Kim Zetter’s article for Wired tells us that “SCADA System’s Hard-Coded Password Circulated Online for Years” – see the article at http://www.wired.com/threatlevel/2010/07/siemens-scada/#ixzz0uFbTTpM0 for a classic description of how a password can have little or no value as a security measure. Zetter quotes Lenny Zeltser of SANS as saying that “…anti-virus tools’ ability to detect generic versions of

Fake AV support scams

I’ve been banging on various forums for a while about the misuse of the ESET brand (among others) by fake support centres cold-calling victims and telling them they have “a virus” and charging them hefty fees to fix the “problem.”

Yet more on Win32/Stuxnet

Our colleagues in Bratislava have issued a press release which focuses on the clustering of reports from the US and Iran, and also quotes Randy Abrams, whose follow-up blog also discusses the SCADA-related malware issue at length. The Internet Storm Center has, unusually, raised its Infocon level to yellow in order to raise awareness of

(Windows) Shellshocked, Or Why Win32/Stuxnet Sux…

…But that doesn’t mean that this particular attack is going to vanish any time soon, AV detection notwithstanding. Now that particular vulnerability is known, it’s certainly going to be exploited by other parties, at least until Microsoft produce an effective fix for it, and it will affect some end users long after that…

Aryeh’s Mousing Memoirs

“Written in the form of a personal retrospective, this paper compares the earliest days of PC computer viruses with today’s threats, as well as provides a glimpse into the origins of the computer anti-virus industry.”

Blog Makeover

You may have noticed that the blog has undergone some changes. While some may think that all the extra mugshots of yours truly are a bit over the top, I hope you approve of the somewhat livelier presentation. My thanks to everyone who worked on it. David Harley CITP FBCS CISSP ESET Senior Research Fellow

AMTSO in the Media: the Prequel

As I mentioned here yesterday, I launched a new AMTSO in the Media page on the AMTSO blog page yesterday. Since then, Pedro Bustamente has kindly sent me a whole bunch of links relating to events leading up to the launch of AMTSO in 2008, so I’ve created a separate sub-page incorporating those links out

A gentle reminder…

…that this blog is not the place to ask for help with product installation and maintenance (even our products). Please contact your supplier or check the Support and Contact pages on the main ESET web site (http://www.eset.com): we simply aren't generally the best people to give you product advice. And while we appreciate appreciative comments,

AMTSOspheric* Pressure

Who would have thought that an initiative aimed at increasing the accuracy and relevance of anti-malware testing would be quite so controversial? Well, it was to be expected that AMTSO (the Anti-Malware Testing Standards Organization) would generate a certain amount of controversy: clearly, the organization is not going to get everything right first time. And

Testing and Accountability

No-one believes that AMTSO has all the answers and can “fix” testing all by itself, but it has compiled and generated resources that have made good testing practice far more practicable and understandable. The way for testers (and others) to improve those resources is by talking to and working with AMTSO in a spirit of co-operation: the need for transparency is not going to go away.

I AMTSO confused….

…Somewhere in this welter of misinformation, well-meant but muddled thinking, and black propaganda, there are some issues that need clarifying… Watch this space for further information. And while you’re waiting, you might want to check the documentation and other resources at the AMTSO web site to see what the organization really proposes and what it is really trying to achieve…

Adobe, Make My Day Too….

Adobe, when I disable JavaScript, STOP SILENTLY RE-ENABLING IT WHEN YOU UPDATE….

Crimeware Across the Globe

…time to share it here: not only for its insights into the Latin American crimeware scene, but even more so as a neat summary of the way in which global crimeware is distributed regionally…

Tidy TDSS (TDL3) Paper

…Aleksandr Matrosov, Senior Virus Researcher, & Eugene Rodionov, Rootkit Analyst, … have allowed us to share a long and comprehensive report on the TDL3 rootkit…

Support Scam Info: Some More Links

Further to my last blog here, it seems that I've been missing some serious fake AV telephone scam action. Some links provided by my good friend Steve B. Nice one, Steve. :)

ALERT: metsupport.com – yet another telephone based fraud (aka SupportOnClick revisited – again)
http://hphosts.blogspot.com/2010/06/alert-metsupportcom-yet-another.html

techonsupport.com, click4rescue.com, pcrescueworld.com: SupportOnClick revisited
http://hphosts.blogspot.com/2009/12/techonsupportcom-click4rescuecom.html

SupportOnClick: Phoned by

Marketing Misusing ESET’s Name

The individual concerned had received a phone call from someone claiming to be from Microsoft, and informing him that notification had been received concerning a virus infection on his PC, and offering to help him to install antivirus software. When asked what antivirus software was being offered, the caller claimed that it was ESET’s.

Skimming for Beginners

Regrettably, pretty much anything could happen to your credit card while it’s out of your sight. However, the “ATM Card Skimming and PIN capturing Awareness Guide”, while it can’t cover every possible permutation of illicit additives to your friendly local ATM, does at least offer some guidance as to what to look for.

Testing and how not to do it

Further to my "top ten of top tens" post, I was encouraged by some queries to revisit the “Top Ten Mistakes Made When Evaluating Anti-Malware Software” list quoted by Kevin Townsend here. As it was an AMTSO issue and most of the queries have related to an AMTSO blog post, I've returned to it (and

Blackhat SEO uses online games to distribute malware

Here's another post from our colleagues in Spain (http://www.eset.es): mistakes in interpretation are down to me (David Harley). We have frequently talked about and shown examples of threats that take advantage of Black-Hat SEO (Search Engine Optimization). This technique (BHSEO) is used by malware authors to position the malicious links in the top results when a potential

Fake MoviStar Emails Spread Malware

My colleague Josep Albors flagged this issue on the Ontinet blog a little earlier today. I’ve flagged it here as it’s likely that there are similar messages carrying the same malware circulating in languages other than Spanish.

Copyright © 2014 ESET, All Rights Reserved.