ZDNet UK

CNET NETWORKS UK BUSINESS SITES:
atlarge.com
BNET UK
silicon.com
SmartPlanet.com
ZDNet.co.uk

ZDNet.co.uk - Winner of Best Business Website 2007

You are here: ZDNet.co.uk > News > Security

Security threats Toolkit

The fox guarding the chicken coop

Published: 18 Jan 2005 10:50 GMT

How many viruses have you coded? What sort of projects did you pursue and why?
A lot. I don't know the exact number. But I always tried to come up with something new, never seen before. I coded viruses for platforms that were considered infect-resistant. I found some satisfaction in programming, just because I like logical and abstract thinking. This is not about any sort of "cyberterrorism".

Do you think that coding viruses has any ethical or moral implications?
Writing technically new and innovative viruses is like writing exploits for new programs. Coming up with new ideas advances the Internet, since it becomes more prepared against real attacks. I don't see anything wrong with saying, "Hey! This can be abused! There is a bug! You are not prepared for this!" without doing a single cent of real damage.

What has made you stop coding viruses? Do you still view the virus underground in the same way?
I am still the same. I am still interested in computer security, but now from the other side. I'm trying to fight viruses by finding better ways of detection. I am glad that I can use the skills I achieved by studying viruses in practice and real life.

Antivirus companies frequently say that no virus writer should ever have a job in security. What are your views of this opinion?
That is funny. Why? Just because a lot of skilled virus writers already have jobs in the antivirus industry. I don't want to cause any problems to my friends, so I won't give concrete examples. But believe me, this is just marketing theatre for customers -- the truth is a bit different.

In any event, who else should code antivirus programs? Who else has the experience and technical skills for fighting viruses? Some antivirus firms say that I have no moral right to do it, but... almost all ex-members and current members of 29A are employed in the antivirus and information technology security industry.

What sort of work do you do for Zoner? Has your virus-writing experience made your programming better?
I take care of ZAV (Zoner Antivirus) core -- this means all those low-level functions for scanning, unpacking, emulation, heuristics, ZAV database maintenance and new detection patterns.

Since elementary school, I have been interested in computer viruses, and I focused on computer security. So I think I am the right person to program antivirus.

Should virus writers and releasers be tolerated on today's Internet? Does your answer depend on how the Internet has changed or the virus-writing community?
I think that source code is just a form of expression, and this should be legal, since freedom of speech is protected. I never spread any of my viruses, and I always thought doing so to be a stupid act. All that I am interested is a programming -- nothing else.

The Internet is changing, and spammers and phishers should not be tolerated, of course. But people from 29A -- and others who are only studying, publishing and not releasing self-replicating programs -- are the last people that cause any real or virtual damage and should not be persecuted.