Some say the only people who have any use for hype about viruses are the anti-virus (AV) vendors and other security peddlers. So long as your AV installation is up to date and you have backup technologies (such as a firewall), you have nothing to fear, they claim.
But should one hide the statistics? The other side of the coin is those who say that to relax about the extent of the viral havoc is to live in a dream world. According to these commentators, the problem is far, far worse than you imagined.
We`re in the middle of the worst and most confusing malware scare ever.
Carel Alberts, Journalist, ITWeb
The implied disagreement between iDefense and Sophos (we spoke to them separately) is a case in point. These companies approach the problem in ways that are more or less congruent with the above standoff, and their public utterances on the topic couldn`t be more different from each other.
iDefense`s position is that we`re in dire trouble, and it`s mounting. Sophos practically dismisses such scare mongering, saying we`re basically all right as long as we keep up to date with genuine software.
Who is right?
We`re in the middle of the worst and most confusing malware scare ever, which seems to lend credibility to iDefense`s statement. But at the same time, there is incredible sloth in implementing safeguards (one in 40 WiFi networks in Sandton are likely to be unprotected), which seems to mean we haven`t done nearly enough to exhaust our options, and that it`s hardly time to panic yet.
In short, both are right, which makes me believe that the real question here is: who is doing the right thing in the circumstances?
The question is important to users, who have to decide on fundamental issues: what technology will safeguard my information? Do I invest in VLANs or other ways of separating business and untrusted communications? Do I can e-communication altogether?
A closer examination of the two companies` respective positions can be very insightful in determining the answers, and it must be remembered that the user`s reaction will determine the fate of these and other companies.
Similar, but different
The other interesting thing about the argument is that both really say the same thing: you should protect your network adequately. And both organisations are trying to sell an offering as a consequence - a very natural instinct.
But whereas iDefense chooses to play up the immensity of the danger, which no doubt exists, and in the process fuels fear, uncertainty and doubt, offering little to quell fears, Sophos invests a little more than paranoid factoids into its media comms. (I use the word factoid to mean interesting snippet, not spurious assertion.)
If I had to choose a winner here, I`d say Sophos is it.
Its strategy is less likely to scare the user, uselessly, out of his wits; more likely to sell product and gain the esteem of its markets; and is generally healthier in the sense that it reflects more soberly on user education and empowerment.
Have you hugged your PC today?
Can anyone without a properly configured firewall and updated AV, and who is cognisant of the value of alphanumeric passwords, rightly claim that Internet banking is insecure, even if spyware gets their money? Can we expect to get anything out of the bank, dependent though it is on good press, if our stolen money was not properly protected? And can we honestly speak of a global security crisis, even with insecure software, if we secure one in 40 wireless networks? The answer to all these questions is obviously "no".
I think it`s fair to say that once we`ve exhausted all the reasonable security avenues, and the problem persists, we can then raise the alarm about an unstoppable, global security crisis.
Related story:
Viruses: Keep your wits about you, says Sophos
Share
