Open source a natural for anti-virus software?
Consider: a large population of users who can report virii. Many people with the same "itch" (to be free of virii). A subsegment of both communities with the aptitude and interest in killing these virii.
Should be a perfect market for open source, right? Architecture of participation and all that... ClamAV seems to make the argument that it is.
The answer may not be so straightforward, according to Chris Pirillo:
Don't you find it a bit odd that some of these companies sell protective tools that slow our systems down, but also sell products that will allegedly speed our systems up?
What if the leading anti-virus, anti-spyware, anti-malware products were open source rather than commercial in nature?
He then quotes Peter Schwankl who argues (incomprehensibly to my mind) that open source would make virus problems worse, not better, because the virii would become more, well, virulent, whereas the antivirus programs would become too hard to crack... If you're lost as to how open source would create either problem, you're not alone.
We live in a world where there are bad people who want to write virii. We will always live in this world. While we live in this world, I think we're better off taking a community approach to antivirus: a community to report problems and a community to fix problems. That's what open source provides.
Antivirus is a classic example of where open source should thrive. The key to doing so, however, is lowering the barriers to contribution of virus alerts and definitions (and fixes), not raising them.


"an open source community wouldn't have the dedicated resources that a company does to produce consistent, worthwhile, and stable-running AV software"
Haven't we heard that line before?
[Second - what if the guy responsible for releasing new signatures has a problem at work or with girlfriend/wife/cat that day? I'm not persuaded that there would be sufficient motivation to see it's covered. So we are exposed. Third - there is an increased risk that a VXer masquerading as a legit contributor could add code for his/her own purposes.]
What if the guy working at a corporate anti-virus vendor has a bad day? Since their code and processes are a black box to us, we'd never know.
The point of OSS is that there are many (sometimes hundreds) of eyeballs looking at code committals. Any deceptive practice by one individual will likely not pass the smell test.
[What if the guy working at a corporate anti-virus vendor has a bad day? Since their code and processes are a black box to us, we'd never know.] First: any top-tier a/v provider will have rotas and plans to cover situations like this, they can afford to, and they can't afford not to, and they didn't become top-tier by screwing that kind of thing up. My argument is not concerned with resources, it's the management of those resources, which IMHO is necessarily too diffuse in an open source community. Second: If an OS a/v vendor's processes are open, that is again giving too much information to VXers, allowing them for example to pick their moment to launch a more effective attack because fred and barbara are away for the weekend.
[deceptive practice by one individual will likely not pass the smell test.] Yes ok I accept that.
Still ... it just feels wrong to me to open this stuff up, like saying it's ok to leave your car unlocked because it has an immobiliser.
[First: any top-tier a/v provider will have rotas and plans to cover situations like this, they can afford to, and they can't afford not to, and they didn't become top-tier by screwing that kind of thing up.]
If they're so awesome, why do we still have an ongoing virus problem, and why are their products becoming infinitely bloated? I can tell you from personal experience, from years of training and consulting in corporate environments... I've dealt with an awful lot of pinhead developers and IT managers at very large corporations. Just because they're "big and successful" doesn't mean they exactly have decent coding practices. (Often, good marketing + inertia wins over good tech).
[Second: If an OS a/v vendor's processes are open, that is again giving too much information to VXers, allowing them for example to pick their moment to launch a more effective attack because fred and barbara are away for the weekend.]
Then why is Linux so much more secure than Windows? (Note: I am a Windows user and not a Linux shill)
[Still ... it just feels wrong to me to open this stuff up, like saying it's ok to leave your car unlocked because it has an immobiliser.]
A better analogy, I'd argue, is saying your car is much safer with a neighborhood watch program than with the local police watching it. I'd bet on the neighbors, as they have a vested interest in keeping the neighborhood clean.