ZDNet UK / News and Analysis / Workspace IT / Desktop Hardware

Bugs at Internet speed?

By Robert Lemos, 6 November 2000 10:38

Topics

Antivirus, Symantec, IBM, McAfee, digital immune system, rumor, Viruses, Enterprise

NEWS To err is human. To spread the error across the Internet ... leave that up to new automated update systems. So say critics of two plans by antivirus vendors to automatically deliver updates to desktop PCs. The systems for delivering antivirus updates are IBM's Digital Immune System, to be deployed by Symantec, and Network Associates' Rumor. They will respond to virus attacks by pumping the latest digital cures down to hundreds of thousands of PCs. In a few years, that number could be in the millions. But are these automated antivirus offerings a panacea or the makings of a disaster? "If they did everything perfectly, there wouldn't be a problem," said Fred Cohen, a security consultant, researcher, and author of the first paper on computer viruses in 1984. A single error, however, could transform the system from helpful to harmful, he said. "If the update gets corrupted, you are essentially sending out to everyone as legitimate updates." That's not so unlikely as it sounds. On Wednesday, an Oklahoma coal and natural resource venture reported that an update from McAfee.com had disabled 250 of the firm's machines for most of the day. In early October, updated definitions for Symantec's Norton Anti-Virus conflicted with Network ICE Corp.'s BlackICE firewall, shutting it down and leaving affected systems open to exploit. McAfee and Symantec are not alone. Almost every antivirus maker has erred with its updates in the past. One reportedly missed detecting the QAZ Trojan in early October. Another dropped several old definitions from its lists, resulting in viruses thought to be a decade dead popping back up on computers worldwide. With the new technologies, isolated incidents could become worldwide problems. Today, program and virus-definition updates are posted to servers on the Internet, and wait there until clients download the data. In some cases, the process is automated, but good system administrators will test the updates, said Rob Rosenberger, antivirus industry watcher and editor of Virus Myths. "In a large organisation, you need to know that the updates work with the software that's on the PCs," he said. "If you automatically update your executables, it may one day break your system." Yet companies are the ones clamouring for a solution that delivers fixes as fast as possible. "In their mind, faster is better," said Rosenberger. That's understandable. During the Melissa outbreak, antivirus software makers responded in many cases within 12 hours to the new macro virus. For panicked customers, however, that wasn't fast enough. The number of unique visitors on McAfee's Web site spiked from an average of 350,000 a day to more than eight million, said Victor Kouznetsov, vice president of engineering and chief technology officer for Network Associates' MyCIO.com business unit. "Virus writers are always one step ahead," he said. "We need a system to help... them." Well, fast is here. The Digital Immune System and Rumor are the antivirus industry's answer to outbreaks of digital diseases such as Melissa and LoveLetter. The Digital Immune System -- based loosely on an analogy of the body's reaction to disease -- pushes solutions down to individual customers as they become available. Rumor, the technology announced last week by MyCIO.com, uses a more sociological analogy -- the passing of a juicy rumour between friends -- to deliver definitions by the currently vogue method of peer-to-peer networking. Both systems will result in the latest definitions being distributed quickly to customers. That means less time for PCs to be vulnerable. Yet, if an error creeps into either the definitions or update code -- or if the software conflicts with other applications -- it also means less time for companies and antivirus firms to react to the mistake. Take me to Pt II/ Errors not unheard of Take me to ZDNet Enterprise To have your say online click on the TalkBack button and go to the ZDNet News forum. Let the editors know what you think in the Mailroom. And read what others have said.

Related stories

Jane Wakefield: Have you caught the love bug?

McAfee virus definition crashes Windows

Enhancing tech inside Intel's photonics lab

ARM exec predicts 50 tablet PCs on the way

HP files suit over Asian patent infringement

Post your comment

In order to post a comment you need to be registered and logged in

Log in or create your ZDNet UK account below

Will not be displayed with your comment

By signing up for this service, you indicate that you agree to our Terms and Conditions and have read and understood our Privacy Policy. Questions about membership? Find the answers in the Membership FAQ

ZDNet UK Live

dava4444

Hi any news on the comment bot? knocking me back from my own blog is a bit cheeky lol *Mulder to Scully* "I think it has an agenda.." I know, I...

41 minutes ago by dava4444 on ZDNet UK: faster, smarter, still IT all the way
benny boy

if you look at the Brentwood exchange on samknows it servers 21,000 residential propertiesm, Lowestoft serves 31,000! Come on BT sort yourselves...

1 hour ago by benny boy on BT fibre broadband coming to 69 more towns
pbreddit

[programming] H.264 - a sting in the tail http://reddit.com/bfu4q [zdnet.co.uk]

reddit

H.264 - a sting in the tail [programming] 13 points, submitted by zigzag [zdnet.co.uk] http://reddit.com/bfu4q

cybfor

Malware infects second Vodafone HTC phone: [zdnet.co.uk] A second Android-based HTC Magic from Vodafone has been... http://dlvr.it/KhKx

miyabi81

Chatter preview http://www.zdnet.co.uk/news/application-development/2010/03/17/salesforce-opens-up-chatter-developer-preview-40088348/

cybfor

US gov t considers undercover social networking: [zdnet.co.uk] The Obama administration has considered sending... http://dlvr.it/Kh3L

sudipta_vodafone

Please give me chance in the vodafone essar Ltd as back office executive

8 hours ago by sudipta_vodafone on Vodafone culls 375 'mainly back-office' jobs
sudipta_vodafone

I want to get a back office job in vodafone direct payroll

8 hours ago by sudipta_vodafone on Vodafone culls 375 'mainly back-office' jobs
Xwindowsjunkie

I also find it harder to use. It used to scale properly in Firefox. Text would size up and down without dragging all the right edge debris with it....

12 hours ago by Xwindowsjunkie on ZDNet UK: faster, smarter, still IT all the way
dava4444

that comment bot is a nutter, it just referred me to the moderator on my own blog. shocked look. please help thank you Dava I'm afriad to...

15 hours ago by dava4444 on Welcome to the new ZDNet UK community!
dava4444

Hi Rupert! Don't think I could fill the above shoes... but if your ever looking for a consumer rights Tech blogger..tip me the wink lol peace Dava

16 hours ago by dava4444 on Fancy working for ZDNet UK?
dava4444

Hi Rupert My photo is gone from my profile and I just got told i was a spammer by the comment bot. the navigation is gone for my profile. :O on...

16 hours ago by dava4444 on Welcome to the new ZDNet UK community!
ator1940

With windows it is always more bloat, and a lot of that seems to be duplicated in various places. I've noticed that you will have freed space on...

22 hours ago by ator1940 on Can you believe it - 2765 kB will be freed?
BuzzMyStat

Buzz My Stat : New search for http://www.zdnet.co.uk Take a look: http://www.buzzmystat.com/site/zdnet.co.uk

Karen Friar

Hi Jamie, I'm sorry your comment got caught in the spam filter. We use an industry standard blacklist for this. I suspect that the comment may...

1 day ago by Karen Friar on Spam? Filter Changed?
J.A. Watson

Pop - Neither have I. Ever, under any circumstances. I'm much more accustomed to Windows slowly, but inexorably, consuming more and more disk...

1 day ago by J.A. Watson on Can you believe it - 2765 kB will be freed?
John Molloy

Apple are currently pushing to get tv content on the iPad by April 3rd. This could possibly be seen as a spoiler for that announcement I suppose....

2 days ago by John Molloy
Andrew Donoghue

Hey - presume you mean something that builds on Apple's existing TV device? Apple have already had a couple of runs at building Apple TV and it's...

2 days ago by Andrew Donoghue on Google's TV timing may reveal more to come
BVE2011

Google, Sony, Intel may build TV project www.zdnet.co.uk/news/emerging-tech/2010/03/18/google-sony-intel-may-build-tv-project-40088359/

Latest in Desktop Hardware

Enhancing tech inside Intel's photonics lab

ARM exec predicts 50 tablet PCs on the way

HP files suit over Asian patent infringement

Featured white papers

Achieving PCI Compliance for:Privileged Password Management & Remote Vendor Access

For multi-store outlets, including retail, banking, grocery, gas, hospitality, convenience stores and others, reducing (or avoiding) the cost of in-store system support and maintenance while maintaining compliance with PCI and other requirements has become a strategic challenge.

Download now

Web 2.0 Security Threats: How to Protect Your Enterprise Network

Speaker: Dr. Chenxi Wang, Principal Analyst, Security and Risk Management, Forrester Research, Inc. As Enterprises are increasingly connected to the Internet and as hard organizational boundaries are fast disappearing, security professionals are facing fresh challenges in Enterprise computing.

Download now

MindManager - Tutorial for New Users - Short

This tutorial is for new MindManager users and teaches you how to get started, by creating maps, reading maps and organizing your information.

Download now

Inside ZDNet UK

Broadband Speed Test

How fast is your broadband?

Welcome to the new ZDNet UK

Welcome to the new ZDNet UK

White Papers

Free technology white papers

Downloads

Browse our free downloads

Jobs

Search for a new job

Hot Topics

ZDNet UK hot topics

Join ZDNet UK

Join ZDNet UK