Clueless anti-virus products/vendors (was Re: Sober)

Robert Bonomi bonomi at mail.r-bonomi.com
Mon Dec 5 05:12:15 UTC 2005


> From owner-nanog at merit.edu  Sun Dec  4 22:34:54 2005
> Date: Mon, 05 Dec 2005 04:30:26 +0000 (GMT)
> From: "Christopher L. Morrow" <christopher.morrow at mci.com>
> Subject: Re: Clueless anti-virus products/vendors (was Re: Sober)
> To: "Steven M. Bellovin" <smb at cs.columbia.edu>
> Cc: "Church, Chuck" <cchurch at netcogov.com>, nanog at merit.edu
>
>
> On Sun, 4 Dec 2005, Steven M. Bellovin wrote:
>
> > In message <B6621ED4D0AD394BBA73CA657DFD8976869630 at MSPEXBE01.wamnet.inc>, "Chur
> > ch, Chuck" writes:
> > >
> > >What about all the viruses out there that don't forge addresses?
> > >Sending a warning message makes sense for these.  Unless someone has
> >
> > A-V companies are in the business of analyzing viruses.  They should
> > *know* how a particular virus behaves.
>
> This has also been said before, but... they are also in the business of
> SELLING their product. It seems that the 'default' (note I don't either:
> use av, nor scan emails for virii so I'm not sure what defaults to what...
> just use something other than outlook and you can care less about it) is
> possibly there for advertising effect more than anything else :(
>
> Hey, bob's company stopped this virus with $PRODUCT_12, why aren't we
> using that product $VP_O_IT ??

"Because they 'very thoughtfully' fowarded the entire message, INCLUDING
 THE VIRUS ITSELF, to us.  _Even_though_ the original message did not 
 originate here.

"Do you _really_ think we should start forwarding viruses to our customers,
 'just because' their address was forged into a message sent us?  Just how
 do you think our customers would respond to _that_?"


There _is_ an art-form to backing management into an untennable corner, when
they are bound and determined to do something 'wrong'.  It's simply a matter
of finding the "right" consequences of the action, to illustrate _why_ the
proposed thing is 'wrong'.   'Revenues', and 'customer satisfaction' are 
almost _universal_ "hot buttons" that can frequently be used to advantage.




More information about the NANOG mailing list