We're not really set up to use the ThreatBlog as a full-strength Questions and Answers resource, but we got so many questions after my blog yesterday about April 1st hoaxes that I feel obliged to try to answer some of them.

  1. There is no truth in the rumour that the eCity of San Diego is changing its name to ESET. Nor is ESET planning to rename itself after anywhere in Kansas. Not that we have anything against Kansas, of course. In fact, I think Randy has a third cousin there somewhere.
  2. We don't believe that the vowel outage at Gmail is anything to do with the Cascade virus. In any case, we believe the leak has been fixed. However, if any of your emails are still suffering from IVS (Irritable Vowel Syndrome), you can obtain replacements either singly or in multi-packs from Sesame Street Retail, Inc. Consonants are also available, most of them imported from Bosnia: however, there is a global shortage of Ps. If you need one urgently, the likeliest source is Trend Micro, which accumulated a backlog of them back in 2003.
  3. Yes, of course the Register's story about Google scanning everyone in the world in order to put them onto the web in digitized form is a hoax. The quote "Google cares about privacy" should have told you that.
  4. I like the article by Allan Dyer on Protecting Your Identity Online, too, but on the whole we think our own paper at http://www.eset.com/resources/white-papers/EsetWP-KeepingSecrets20090814.pdf is an even better guide to good password practice.
  5. Dammit, Neil, that admission about the antivirus companies writing all the viruses was supposed to be off the record. Yes, I am in the process of rewriting the AMTSO principles.

Principle 1: No antivirus company with a name beginning with E and ending with T will ever fail a comparative test.

Principle 2: No antivirus company without at least one banjo-playing researcher can be represented in AMTSO.

Principle 3: Vendors who participate in Virus Bulletin testing may not be referred to as testees (thank you, John H)

Principle 4: This principle intentionally left blank

Principle 5: All anti-malware comparative testers are required to change their forenames to Andreas.

Principle 6: There is no... principle 6.

That's as far as I've got so far.

And finally, thank you for your enquiry, Mrs. Trellis of North Wales, but we regret that our Mornington Crescent support service has been discontinued.

[Tip of the hat to Aryeh for the Bosnia reference. See also here for a little more reflection on security-related April 1st hoaxes for 2010.]

David Harley CISSP FBCS CITP
Research Fellow & Director of Malware Intelligence