December 9th, 2003, 04:15 PM
Heh it'be easy for AV companies to get more money lol...like if they make a virus and they send it out...since they made it..they are the only ones with a antivirus for it...that is on the begining. But it might be hard for 'em to cover it up
December 9th, 2003, 05:41 PM
Yah, that would be hard to cover up. Lol
December 9th, 2003, 05:53 PM
I know a couple of virii writers and they think of themselves as whitehats. They do research in to vulnerabilities (in this case propagation of unwanted code), write a POC of it to test it and then send that to the AV companies to let them know how it can be done and give the AV companies time to write a definition file. They say they do this to help the AV companies incase someone else out there is doing the same type of research but with nefarious ideas behind it.
Now I don't know if I completely buy this, but that's the line that has been given to me by some people that actually write the virus codes... they also say that nothing they have ever written has made it in the wild. /shrug
Give a man a match and he will be warm for a while, light him on fire and he will be warm for the rest of his life.
December 9th, 2003, 05:56 PM
I'd say this is likely, especially in light of the University of Calgary's Virus Writing Course. This might become more prevelant. When you think about it, how is it not that different from white hats finding errors in a particular OS or application and writing a POC and sending it to the software manufacturer to fix?
Now I don't know if I completely buy this, but that's the line that has been given to me by some people that actually write the virus codes.
December 9th, 2003, 09:40 PM
I work for an AV company and we definately dont write any viruses. We do however get targeted by a lot of virus writers. What they some how dont realise is that every file that comes through our mail gateway gets stripped off and goes straight into the virus lab to be analysed.
We will normally see viruses before the majority of users for these reasons:
1. Virus writers target AV companies
2. Some virus writers, write proof of concept viruses and therefore send to AV companies to make them aware (like whitehat hackers)
3. Users that are turned on and find something strange on there system, will normally call there AV supporter and send in a sample of the file
4. We also (starngely enough) have a very strong group of individuals who troll the newsgroups for new viruses (normally trojans) and send them into us
5. Lastly, all of the AV companies share all the viruses that they have. The process involves sending a catalogue of all viruses found that month to each other AV company. This changes when a particularily nasty little buggar surfaces, and this is of course sent to all AV companies as soon as analysis starts on it.
The vast majority of viruses are windows based. Near enough all of them are 'in the zoo', and not 'in the wild'. We detect over 86,000 viruses, about 200 ish are in the wild.
December 9th, 2003, 09:41 PM
lets face it making a virus for win is easier than linux though why make them at all?only people who benefit in the long term are antivirus agencys and security agencys(giving people o job)!!!!
December 10th, 2003, 08:34 AM
Yeah that is true.
But virus writers tend to have some kind of grudge against society and what to get their own back.
Lots of people hate microsoft, and so we get lots and lots of viruses aimed at the windows platforms.
Because viruses have existed, there will never now be a time when AV companies do not exist. Corporate customers will now always be paranoid about viruses, even we stopped seeing any new ones being written.
December 10th, 2003, 09:04 AM
Let's not forget the exploration issues. While a virus can be purely destructive without any interesting code in it, some people really push things forward and get some dangerous tools out there. In all honesty, I'd rather have such things happening, than some 'ingenious' blackhat taking down the county powergrid with some virus. In a sense, while exploits usually refer to remote systems, I guess we can think of virii as exploits of local systems, in order to [but not only] crumble that system.
ghostofanonion, while I can understand sometimes MS haters tend to be very biased in their comments about the company [we all are biased some way, but I'm dealing with the quality of their arguments here], the issue here is, indeed, that the company has repeatedly released software just waiting to be exploited in malicious ways. It looks more like a test-OS for future H/C rather than a serious OS. The very fact it is more common should determine the software giant to secure everything better. I read somewhere - unfortunately don't have the link anymore - that if source code to Windows was released, some stuff could be found in there that may posses a threat to national security if it would be known. And, btw, it was a MicroSoft official that declared that [interestingly enough, shouldn't the NSA be investigating if something like this is out in the open? Are commercial rights more important than individual freedoms?]
December 10th, 2003, 09:52 AM
If an AV Company was discovered as writing virii and releasing them on purpous for economical reasons the company would go bust very fast this fact would destroy their reputation, clients wouldn't by their AV product anymore ...
cl: An AV company would risk more by writing virii than what the could get back
December 10th, 2003, 03:01 PM
Sorry I had forgotten about novell, in fact the post on this site is the first time I've heard about it since I played with 3.2 on my ol P75.. I was sure it was dead.. but.. My Bad