Kurt Wismer posted a much-to-the-point blog a few days ago about the way that purveyors of scareware (fake/rogue anti-virus/security products) mimic the marketing practices of legitimate security providers. You may remember that a while ago, I commented here about a post by Rob Rosenberger that made some related points. If you’re a regular reader of
All this is potentially frightening and inconvenient (or worse) for a home user. And if it happens in a corporate environment, it can be very, very expensive to remedy. So while some of the public comments we see in the wake of such incidents may seem over the top, “FP rage” is certainly understandable.
Security researchers work together and share information in many ways and in many contexts that aren't constrained by company boundaries, but it's unusual for security researchers working for different vendors to join forces in a company blog. However, John Leyden of The Register contacted us both when he was writing an article on the controversy following
Sunbelt have responded to an article in Infosecurity about what I described way back in the early 90s (when putting together the alt.comp.virus FAQ) as the “thorny issue of malware naming”. Well, I’ve been banging the drum about educating users and pretty much everyone else away from the concept that malware naming is useful for quite
[Since the owner of the blog described below interpreted this blog as a personal attack and marketing BS, I’ve removed information that identifies his blog. Which is a pity, because his blogs on the topic actually include useful information. I’m not withdrawing the whole blog, because it isn’t marketing and it isn’t about our product: