Antivirus FUD obscures reality

Patrick Gray ZDNet Australia

Published: 29 Aug 2003 10:05 BST

• 
• 
• 
• 
• 

"Somehow we have to keep the balance between alerting the users to something that we think is going to be a problem, but on the other hand not to alert people to things that don't go anywhere," he said during a phone interview. "This is insanely hard."

"There's no way that someone can have a crystal ball," he added.

Dozortsev told ZDNet Australia that the company must be careful not to cry wolf. "We try to be very responsible in regard to all of our announcements. We try not to over-alert people."

One company that releases a lot of data relating to the spread of viruses online is MessageLabs. The data it releases is delicately criticised by both antivirus experts.

"They have my deep respect in terms of their commitment and their abilities," Dozortsev said. "They do the right thing by users and the industry. They are a large volume IP provider, and therefore they're positioned quite well to gather statistics... [but] sometimes their statistics may be a bit skewed."

Dozortsev and Chuawiwat both say the problem when dealing with statistics gathered from any mail-filtering company is they tend to attract a certain type of customer which is not necessarily a valid "Internet-wide" sample from which data can be mined.

Sometimes an "avalanche" phenomenon means that certain viruses may target certain types of groups more than others, so a virus that attacks the type of user that subscribes to MessageLabs service may not attack the typical corporate user.

"In the majority of cases, viruses and worms are challenged in certain ways," Dozortsev said. "It is almost always not very easy to say if a virus is going to go ahead or not."

• 
• 
• 
• 

• Share this article:
• Digg
• Slashdot
• Del.ici.ous
• Stumble
• Reddit

• Most Recent
• Most Popular
• Most Discussed