That competition is not from each other. No, the economic battle is between the anti-virus vendors and the malware creators their software is supposedly designed to stop.

The money made from malware is eclipsing the revenue of anti-virus vendors, a leading net security vendor claims. Raimund Genes, CTO of anti-malware at Trend Micro, cites FBI figures that IT security problems cost the economy $62bn last year against IDC estimates that the anti-malware market was worth $26bn in 2005.

Yes, I read the rest of the article, but now I am thinking…why did I bother.

ConsumerReports just completed a study which tested anti-virus softwares for their effectiveness. But instead of just using the known threats and existing signatures, they created thousands of virus variants of their own to see if protective measures did any good. Of course, you have to be a subscriber to their magazine to get the results, so I’d love to hear from someone as to who won the battle, but nevertheless I thought it was a great idea.

Not everyone did.

The watchdog group is now being slammed for their approach, and I say this should serve as a warning to everyone who trusts their boxed anti-virus kit. Graham Cluley of Sophos noted:

“When I read about what ConsumerReports has done I want to bash my head against a brick wall. With over 185,000 viruses in existence was it really necessary for this magazine to create 5,000 more? It’s irresponsible behavior, and will be frowned upon by the antivirus industry. Leave antivirus testing to the independent testing bodies with expertise in the field”

Alarms aren’t designed to set themselves and subsequently go off only on designated burglar days, but anti-virus is certainly designed to trigger against known threats. That is what ConsumerReports was trying to get at - could anti-virus protect against previously unknown viruses. They even used existing signatures, varying them just slightly (like malcreants do). And I found no mention of ConsumerReports releasing them into the open, as the quote infers.

Maybe Graham wants to bash his head against the wall because his product doesn’t really protect like it should, and now he and his entire industry have been called out?

***UPDATE***

No argument from Slashdotters.

Internetnews.com is talking anti-virus technologies, and who is playing the game. They state the obvious, right up front:

If ever there were a growth industry in technology, it’s the antivirus/anti-spyware market.

Yes, the obvious. If the problems persist, folks like Symantec, McAfee, Sophos, and even Microsoft have a lot of fun ahead of them.

If you recently upgraded to Norton Anti-Virus 10 like I did, and wound up with multiple cron jobs running your update and scan events, like I did, and couldn’t get any help from Symantec, like I couldn’t, here is the solution…

Uninstall NAV. Delete all your plists related to Symantec. In fact delete any file that sounds like it is from them, period. Reboot. Reinstall. Reboot (required). I am running right now - you should be too.

eWeek thinks the anti-virus software market is ripe for consolidation. They cite large players reporting impressive numbers, and small players getting squeezed.

Sounds to me like large players are going to be buying small players at nice discounts. Or small players just fade away. And what about Microsoft, who is hot on the heals of independents in the anti-spyware market - will they jump on anti-virus next?

When someone hears about a new virus in circulation, you always hear someone say “get a Mac” or “run Linux instead.” Yes, it is a bit irritating, and even I am guilty of doing it now and then.

I’ve questioned whether the non-Windows crowd simply knows something the other side doesn’t, and maybe, just maybe, the security software firms do to. The latest threats against the two UNIX-based platforms were weak, to say the most, but they made big headlines anyway. As Techdirt points out, why such a big deal if the lack of threats really is “security by obscurity” (in this case, due to low market share)? A prideful malcreant would love the bragging rights that would invariably come from bringing down every graphic designer and hardcore developers’ machine, wouldn’t they?

While the security firms offer software for these platforms, I believe the target audience uses them to keep from spreading viruses, not getting infected by them (that’s why I use Norton on my Mac). But we also know those firms have to maintain a delicate balance of fear mongering to sell their wares in the first place. Unfortunately, most of those products rely on knowing the virus to protect against it, and with few known viruses for Linux and OS X, it is simply hard to make the pitch.

I think the latest “predictions” regarding online threats by the fine and fair Department of Homeland Security are just their way of saying “We’re paying attention, and some legislator has a bill in waiting to pump up his/her profile prior to elections.”

Tops on the list of “predictions”….spear phishing (already happening), and brokerage account break-ins (don’t worry here, the brokerages are already pretty good at losing the data themselves).

The safety recommendations include the ultra-creative “turn on your firewall,” “install and update anti-virus and anti-spyware,” and “perform regular operating system updates.”

The insight, the forethought!

I was wondering when someone would provide a generic solution for the spyware. You are forced to install several anti-spyware packages because the firms that make them classify their targets based on which way the wind blows. I thought if someone put together a free package which was distributed anonymously over the net, the spyware companies would have nobody to get mad at. My wishes have not be granted, at least not with respect to spyware.

But on the anti-virus front, there are some free choices that might be worth trying. I am uncertain as to how and when (and by who) a free anti-virus package will keep definition files updated, but free is free after all. Maybe they become that generic solution for you commercial anti-virus’s shortcomings.

While I don’t buy into the idea that new Windows machines coming with firewalls turned on and trial-ware for viruses and spyware eliminations makes the world a much better place, at least someone is actually aware there are issues.

I try touting the need for anti-virus software, no matter what platform you are on (but especially Windows…wink wink) I was a loyal user of Norton Anti-Virus on the little Powerbook, even though Symantec tripped up now and then.

But I have several conflicting data points now, and am beginning to wonder. At first glance, Norton may seem like the best of the worst, and that is certainly better than the alternative. But the company can’t seem to make much money from being at the right place at the right time, and now we find that their anti-virus software may have some serious holes. Even if the exploits are the result of hackers bored with trashing Microsoft, it pays to be fair. I found alternatives to Microsoft’s OS, so why shouldn’t I look for alternatives to Norton.

Someone throw me a bone here.