The clash of motivations: different players in the field

Allikas: KakuWiki
Redaktsioon seisuga 24. juuli 2006, kell 16:58 kasutajalt Kakk (arutelu | kaastöö) (→‎The Big Brother)
Mine navigeerimisribaleMine otsikasti


  • "The unity and clash of the opposites" (Marx) - in security context, it means two adversary sides of security keepers/providers and breachers: yet the "security industry" cannot exist without breachers
  • The scales of security vs privacy - the main point is finding the balance between them.
  • Good security is the invisible one - applies everywhere, including the online world

Malware makers

Starting from around 2000, spyware (software that will forward information about the host computer and its user to third parties without the users' consent) has gradually replaced viruses as the prime threat to security and privacy in the Internet. Spyware has gradually intertwined with adware (advertisement software), many spyware specimens contain advertisement modules as a part of their "business model". In more modest cases, the 'spying' features focus only on recording the web pages that the user visits (however, these may also be forwarded to the software authors) and the data is used to display relevant advertisements - e.g. if someone regularly visits websites dedicated to hunting, s/he will get ads on outdoor goods, hunting rifles, maps etc.

Gradually, this relatively innocent spying made way to more serious business as some of today's spyware will target sensitive information stored in the host computer.

Ordinary Windows users are more than often in blissful ignorance, until the machine starts to slow down. There have been cases when people are buying new computers due to the old one 'becoming too slow'... It is common that incompetently managed computers have got literally thousands of instances of spyware installed, which will seriously hamper its performance.

The Big Brother

Wikipedia: Magic Lantern

WOO, C., SO, M. (2002) The Case for Magic Lantern: September 11 Highlights the Need for Increased surveillance. Harvard Journal of Law & Technology, Volume 15, Number 2, Spring 2002.

Security business

There is a joke about two doctors, father and son. Once a long-time patient of the father goes to the son, and in two months, gets rid of his problem. The son goes proudly to the father: "Dad, you treated Mr. Smith for seven years. I solved his problem in two months!". The father replies: "Son, I used his money to pay for your education."

Of course, security as business subject is not the product of the information age. From the early days of mankind, people have paid others to keep them safe. Kings had their guard, countries had their armies. In modern times, we have police and security firms. And probably already the earliest security specialists realised that a) security is about selling a safe feeling, and b) it is wise to keep potential threats at bay, not eliminate them - thus ensuring that there is work for tomorrow as well.

Even if we now speak about security of bits and bytes, the main things remain largely the same. The large companies offering a wide variety of computer security solutions benefit a lot from the chaotic situation in the Net. One might argue that the day when all malware and spam will be gone from the Net will be an unhappy one for McAfee, Sophos, Kaspersky, F-Secure... These firms would not like the day when everyone would use Mac or Linux either.

For discussion

  • Would you rather invest in a fully specialised anti-malware company or a company which has malware fighting as a smaller part of their business?


  • What's In a Name? - from the F-Secure Weblog; a very good example of rogue 'anti-spyware' programs which are in fact spyware themselves.