I love to poke fun at tech vendors who continually
boast of their innovation, when in fact they're scared to death of
real innovation, if they could even recognize it. Today I poke fun
at the anti-malware industry: Kaspersky, Trend Micro, Symantec,
F-Secure, and the rest of the usual suspects. Their existence
depends on Microsoft Windows and the entire leaky MS application
stack never ever getting fixed. I would die of shock if any of them
ever grew a spine, demonstrated some real innovation in honesty,
and announced "To cure your malware problems, don't use MS
Windows." OK, I probably wouldn't die, but I'm sure I would have to
sit down.
You're probably familiar with the buggy whip analogies: when
automobiles became popular, they put the buggy whip makers out of
business. Microsoft makes horse-drawn carriages and the
anti-malware companies are the buggy whip makers. Naturally they
don't want to become extinct, so what do they do? Try to con Linux
users into buying their wares. Which is like persuading automobile
drivers that they still need buggy whips. This article is
typical:
Note the emphasis on vague scare tactics and the lack of any
actual data or information.
This Softpedia article also spreads Kaspersky fluff, which
makes me sad because I like Softpedia's Linux news and reviews a
lot. It references this
Kaspersky blog entry:
"At the moment we know of around 1000 cases of sites
infected with Trojan-Downloader.JS.Iframe.auy. There are also
several hundred servers infected with Trojan-Mailfinder.Perl.Hnc.a
and Trojan-Dropper.Linux.Prl.a, which are actively spreading spam.
The days of *nix systems not being targeted by malware writers are
long gone."
Uh huh. Again heavy on scare, light on details. How do these
*nix boxes become infected in the first place? What *nix boxes
where? Unlike Windows, Linux and Unix do not auto-execute any
random executable that happens to wander by. I did both Web
searches and searches on Symantec, F-Secure, and other vendors to
learn more about these big scary *nix threats, and they don't even
include them in their threat lists. A Web search turns up the blog
and some Russian sites. Searching Kaspersky's own threat list does
not find anything mentioned in the blog, except
variants on Trojan-Downloader.JS.Iframe.auy:
"Currently there is no description available for this
program."
And some folks actually wonder why I am so grouchy and
mistrustful. Though I prefer to think of it as skeptical and
unwilling to be conned.
I think real innovation in computer security would be
twofold:
1. Issue repeated, loud, clear warnings that Windows is unsafe at
any speed
2. Invest all those resources and talent that are uselessly
expended trying to sail the Windows sieve, and instead devote them
to designing strong, user-friendly, user-controlled security tools
that do not phone home and do not depend on Big Brother, but that
really put control in the user's hands.
Then go after developers: fix all the horribly coded Web sites
that suck up CPU cycles and repeat the same dumb security mistakes
over and over. Strengthen notoriously porous PHP and JavaScript.
Even better, let's go back to the good old days of not allowing
remote code to execute on users' machines.
Invest in fundamentals like smart coding, so that applications
don't need fixing. Something, anything other than clinging
desperately to the status quo, and resisting efforts to fix it.
Don't laugh, I can dream.

Things to Remember on Memorial Day

The US holiday Memorial Day was originally intended as a day to
honor women and men who gave their lives in military service. It
has evolved into a day of remembering family and friends who have
passed away as well. For those of you fine Linux Today readers who
observe the holiday, I wish you all good wishes. For everyone who
does not, you may have my good wishes too. Linux Today will carry
on with fresh news and howtos through the weekend. See you all next
Tuesday!