Rory Reid
Rory's earliest memory is of taking the back off his radio to see what was inside. His mum wasn't happy. Nowadays he breaks other people's stuff for a living: the latest laptops and even high-tech automobiles crumble and die at his hands.
Wednesday 12 December 2007, 11:49am
Open-source anti-virus -- the silent killer
People recommend I use open-source software all the time. The Nate Lanxons of this world extol the virtues of Ubuntu and OpenOffice as if these apps were their own offspring. They tell me the programs are free, easily available and in many cases just as effective as their commercial counterparts.
For the most part, I agree -- except where security is concerned. The idea of entrusting the safety and integrity of my data to a piece of software cobbled together by spotty teenagers and smelly men who prioritise facial hair over bodily hygiene is extremely insulting to me. I'd rather hire a rabid pit-bull as a babysitter.
In my opinion, the open-source model simply doesn't work for something as fast-moving and potentially catastrophic as malware. Whereas commercial vendors such as Trend Micro and Symantec have hordes of software engineers in different time zones writing new signature files within minutes of a new virus appearing, Mr Open Source Developer is more likely to put it off until he's finished eating his doughnut and picking his nose. By that time, you're more infected than a teenager in an STI walk-in clinic.
Sure, Linux users aren't that likely to get viruses in the first place, but many Linux file and mail servers pump venom to the Windows boxes they service -- like carriers of a digital disease. And don't talk to me about heuristic scanning, because that's about as effective as a life raft made of cheesecake.
Linux versions of commercial anti-virus applications do exist, but I'm guessing nobody really uses them. Linux users are so deeply oblivious to the dangers of the common virus, and so averse to the concept of actually paying for software, that many simply won't bother.
Think of this as a wake-up call. If you're running Windows and decide to use open-source anti-virus programs such as Clam AntiVirus or ClamWin, you're an idiot. Plain and simple. If the predictions of some anti-virus companies (yes, they're biased, but I did say 'if' -- here's an argument against) come to fruition and Linux becomes targeted by virus makers en masse, the open-source community may not be there to save you. They'll be too busy coding themselves a virtual girifriend.
Comments on this post
I totally Agree with your Comment, although i work for a bit of a money grabbing company part time. Many people ask me what is more effective againt viruses, why do i have to keep on spending money on antivirus programs when i can use free ones. My answer is pretty simple, the reason you have to pay for it is becasue there are hundreds of developers working around the clock to make sure you dont get viruses. All those free antivirus programs aren't made by people with lots of money and do this for fun, they are just tight fisted and when they can be bother will try and send out updates to your PC.
Posted by James Hogg on Thu 13 December, 2007 11:07 AM
Offensive? Inappropriate? Report this comment
Mmmm... cheesecake...
Posted by Rich on Fri 14 December, 2007 12:30 PM
Offensive? Inappropriate? Report this comment
Hahaha! Please... How can anyone take this seriously?
Posted by Pete on Sun 30 December, 2007 11:43 PM
Offensive? Inappropriate? Report this comment
Some of the most expensive and respected security appliances base their anti-virus protection on open source applications.
Posted by tim jones on Thu 3 January, 2008 5:06 PM
Offensive? Inappropriate? Report this comment
Why not make critical arguments rather than use obscure or stereotypical metaphors. Oh well, it's your blog.
Posted by Anonymous on Thu 10 January, 2008 5:59 PM
Offensive? Inappropriate? Report this comment
I'm all for open source and freeness but when it comes to security I agree I can't afford to experiment and take a risk on someone's goodwill in sending updates. Saying that however - do you know what Anti-virus software Virus writers and hackers usually use? None! They are not dumb enough to be duped into opening an email called "i love you" from a total stranger or go to "paypal.fake.com" etc. So if we are tech savvy enough we shouldn't need to rely on our anti-virus everytime we go online and make an ass of ourselves by downloading "britney's unseen video" or whatever nonsense people get duped into downloading. I still have a commercial anti-virus app but only because I was in the beta and then they practically gave me a years subscription when the beta ended.
Posted by David on Thu 17 January, 2008 9:13 AM
Offensive? Inappropriate? Report this comment
"Linux versions of commercial anti-virus applications do exist, but I'm guessing nobody really uses them." Indeed, why let ignorance be a bar to commenting on something? FYI, the last place I worked used Sophos on a Linux mail gateway. Where I work now we host mail across 30 domains for customers on a pair of Linux MXes running Trend.
Posted by alex dekker on Fri 18 January, 2008 4:28 PM
Offensive? Inappropriate? Report this comment
"abstinence" from dodgy-looking sites is no way to stay safe. Your computer is open to attack the MINUTE it's connected to the Internet. If you're running windows You NEED an Internet security package.
Posted by Rory Reid (CNET.co.uk) on Thu 24 January, 2008 1:12 PM
Offensive? Inappropriate? Report this comment
Get a clue dude. Maybe talk to some real security experts. You will find that your opinion on open-source security is not in favor.
Posted by Thor on Sat 2 February, 2008 9:14 PM
Offensive? Inappropriate? Report this comment
"chastising hapless consumers for swallowing the industry's lies" Quite... Did you get paid by M$ to write this?
Posted by Anonymous on Sun 27 April, 2008 11:49 AM
Offensive? Inappropriate? Report this comment
Spot On Rory! - If you're in business (the real world); pay for it. For those who are somewhere else, stick with your open source; you got nothing of any significance on your computers to loose anyway:-)
Posted by John H on Mon 28 April, 2008 11:03 AM
Offensive? Inappropriate? Report this comment
Ya-ya-ya, you're almost right, there's no comparative between a "pro-bono" and a well-paid person (there's a lot of anger inside of you) ... but, it's impossible a huge company develops a Linux anti virus just to not support it ... I mean, Linux users do exist (loooots) and represents a considerable part of a company's earns.
Posted by Fernando on Tue 27 May, 2008 2:45 AM
Offensive? Inappropriate? Report this comment
There are plenty of free non open source anti virus providers. That and if pc format guys say dont visit dubious sites dont get viruses then ill believe them because they have much more expensive equipment and computers to guard.
Posted by John on Wed 16 July, 2008 11:25 PM
Offensive? Inappropriate? Report this comment
I find it amusing that you can tag comments as offensive or inappropriate, but not the article itself. Whatever the validity of the author's predictions, the delivery is unnecessarily caustic. Cheap shots, each and every one.
Posted by Matt on Mon 25 August, 2008 6:11 PM
Offensive? Inappropriate? Report this comment
why do you insist on categorising all the members of the open source community with such stupid meaningless stereotypes? should i be suggesting that you are more likely to steal cars because you're black? no... grow up
Posted by mike on Thu 4 September, 2008 2:33 PM
Offensive? Inappropriate? Report this comment
You folks are all stuck inside the box with the lid glued shut. Those of us that can think outside the box can tell you the problem lies in the OS. Apple/Mac didn't need a virus scanner for years while Microjunk was being eaten alive by every snot-nosed punk that thought it was cool to break things that belong to someone else. And no, I am not an apple fan although their OS is far surerior to the Microgarbage I run on my Inhell processor based box. And if the conspiracy theorists have any credibility, then a lot of the viruses are being made by the "engineers" writing the anti-virus software programs. After all, it is easy for them to create their own job security. BTW Rory, the Open Source community may have its fair share of doughnut eating nose-pickers but why would you put more trust in the thieves that are creating the need for their own product.
Posted by Stephenopolus on Tue 9 September, 2008 5:02 PM
Offensive? Inappropriate? Report this comment
Uh oh, bad, bad, bad... You don´t really understand it so i´ll explain this to you graphically, you see, in my normal computer (laptop) i use ubuntu/debian, i have iptables well configured and, as extra-security i have installed clamav... It haven´t detected any virus yet so i´m happy :) But, my dad's computer is a bit different, it runs windows XP and (the most damagin thing) my 10 years old sister uses it. So you can already see what´s coming, i administer the computer software and all the security stuff. I have installed there comodo firewall (free version) and clamwin, and my father installed norton because he still thinks that it´s usefull (instead of using kaspersky or nod32 which are better). So far clamwin have detected 10 trojans and some other malware and Norton still haven´t found any of them. Oh yeah, you can say: clamwin is just generating false reports. Well, last night i used it and detected one malware, then i went to kaspersky site and made the online scan, just to confirm it. Guess what, kaspersky detected it too, while norton was just saying that there wasn't any viruses. So, you now know what´s the true, clamwin rules, and norton sucks. Clamwin doesn´t rules as much as kaspersky which says you about patches and all that, but still rules >.<, maybe as much as nod32 (or a little less).
Posted by debianusr on Wed 17 September, 2008 7:09 AM
Offensive? Inappropriate? Report this comment
This is the most unprofessional article I have ever seen written on CNET. I found this article on Google while researching whether the open-source model is ideal for antivirus. I believe in the open-source model (for evidence, see Unix). I did not get one bit of worthwhile information from this article. No specifics, just immature generalizations and pathetic attempts at witless humor. This may be a blog, but being on CNET it should still have at least a certain degree of professionalism and practical value. This is little more than an angry diatribe. I get the impression that the author of this article is beyond shame to have written this in the first place. So I believe the people who should truly be ashamed is CNET, for hiring this idiot in the first place. I'm now going to continue my Google search, having wasted the last 10 minutes of my time on this sorry excuse for an article.
Posted by Kris on Wed 17 September, 2008 10:55 AM
Offensive? Inappropriate? Report this comment
The person who wrote this article calls himself a computer expert. Maybe more a geek wanna be I'd say! Let me guess....probably owns a games PC and can't wait for the latest graphics card to come out. Proprietary software is inovative in many ocasions, but it has a major disadvantage. It is not flexible!!!! Some big brains work behind both proprietary and open source software, but the real difference is done by the numbers in this case!!! The amound of brains behind open source software is unlimited, and that makes massive difference!!! I'm not talking about useless burned brain-cells who cannot think....these people have a functional brain who can think in computer code!!! In my experience there is nothing like a well developed open source application, and I use a lot of them instead of paid software. Now as this article base its arguent in anti-virus...I will have to agree that there are some good software you have to pay for. Open source software usually is created when there is need....and by having the AGV free-edition the need is satisfied. And people do not forget the spyware......all the effective anti-spyware software is open source!!!
Posted by George on Tue 23 September, 2008 7:57 PM
Offensive? Inappropriate? Report this comment
"Linux users are so deeply oblivious to the dangers of the common virus, and so averse to the concept of actually paying for software, that many simply won't bother." Nonsense, Linux users are far more computer savvy than Windows users. Linux users are also far more educated about computer security as well. Ask almost any typical Windows user what a digital signature is and how to check if a file is digitally signed (or if it's been tampered with) and they will have no clue (or what it means to view/compare/scan a file from outside the OS, ie: with a Kanotix disk). A linux user is far more likely to know. Heck, I can ask just about any computer security question to a Linux vs Windows user (ie: what are ports and how does a firewall block them) and the Linux user is far more likely to know. This computer (and many others) has WinXP with no memory resident antivirus and I've been using Win9X a long time ago for a very long time with no memory resident antivirus. Many techs I've talked to don't have antivirus programs (ie: my MIS teacher and Steve Gibson doesn't use them either) and we simply don't get viruses. I've also used linux with no memory resident antivirus and I never got viruses. The main thing is to keep your operating system patched and updated (be it windows or linux), keep your software patched and updated, be careful what you download and what websites you visit and make sure you are behind hardware firewalls (ie: router and modem). Heck, a Linux user is far more likely to know when his system is acting strange (ie: slow or buggy/crash happy), know when it's time re - format and re - install and have backups so that they don't have to worry about losing data. Don't give me this nonsense that Linux users know nothing about this stuff, they are far more educated about it than Windows users and it's because of their education that they don't need antiviruses so much. Sure, I do have Clamwin on this computer (more of a formality because I hardly ever user it, but just in case I need to scan something) and I do agree that, for a typical Windows user, a commercial antivirus is better (especially if it's for business purposes), but don't tell me that linux users are more ignorant about this stuff than Windows users.
Posted by Bettawrekonize on Thu 25 September, 2008 5:18 PM
Offensive? Inappropriate? Report this comment
Interesting ... Linux (open source) servers practically run the Internet. Kinda risky for an "open source" product, don't you think??? Imagine an Internet primarily based on Windows servers ...
Posted by tcare on Thu 16 October, 2008 7:35 PM
Offensive? Inappropriate? Report this comment
Well, I was actually looking for a good open source virus software when I saw this...and I will continue to search for open source virus software for a Mac. This author has used very very poorly by the way, stereotypes of a normal computer "nerd". I wonder how much he got paid by a propietary company to say this crap? A lot of opensource developers do have jobs as software, computer, or electrical engineers. And yes some are high schoolers or college students. Though they normally end up as engineers. When people start do something themselves they normally start to do it better than companies with deadlines, because in the opensource world, its done when its done. Not done when it mostly woks. Plus open source hackers usually tell you what the issues(if any) exist within their program and tell you how to work around them. There are also varius mailing lists (especially for large projects) that you can subscribe to and see actually what is going on with the project, that is if you understand it (doubt this article's author could actually understand anything, as he probably is just a dumb journalist)
Posted by CompE major at CWRU on Fri 17 October, 2008 12:55 AM
Offensive? Inappropriate? Report this comment
Hey CNET - If I start trolling around saying stupid crap and generally being prejudiced against a group of people can I have a job, too?
Posted by TyphoidHippo on Thu 23 October, 2008 3:28 AM
Offensive? Inappropriate? Report this comment
Sorry. In my opinion, the Open Source is here to stay. Free applications are getting better and are widely used. As you can see, Apache and PHP are better than Windows/ASP for example. If open source antivirus aren't the best, they can offer a good solution for people who can't afford more expensive software.
Posted by Ed on Thu 23 October, 2008 9:04 PM
Offensive? Inappropriate? Report this comment
This guy doesn't do his reading assignment.
Posted by Perkin on Sun 16 November, 2008 3:35 AM
Offensive? Inappropriate? Report this comment
This post is purposefully inflammatory and deragotry. Really? Nose picking jokes? This post's author also pretends to not be aware of the ways that the gnu-linux operating systems are simply superior in security to Winows. Most importantly, the Linux OSes manage to not run programs at administrator levels without annoying UAC.
Posted by elmox on Sun 23 November, 2008 5:30 PM
Offensive? Inappropriate? Report this comment
This is the most unprofessional article I have seen on CNET. Very bad.
Posted by Roy on Sat 29 November, 2008 5:09 AM
Offensive? Inappropriate? Report this comment
I was searching for Open Source Antivirus to research them when I came across this ridiculous blog post. The excrement spewed from Rory Reid just took 5 minutes of my life and gave me nothing in return. This is a diatribe of childish name calling and nothing more. If nothing else, Mr. Reid has proven to all who view this post that he is such a poor writer that he offered not one single FACT in the entire post. Mr. Reid you are either extremely ignorant, or you were paid by a for-fee A/V company, wonder which it was? I should be compensated for wasting my time and you should get an education in journalism.
Posted by icantbelieveitsnotbutter on Wed 3 December, 2008 12:17 AM
Offensive? Inappropriate? Report this comment
I would be glad to explain to you more about Linux and the Open Source community but what could be said to such a pompous fool.
Posted by Shawn on Thu 4 December, 2008 8:24 PM
Offensive? Inappropriate? Report this comment
Articles by Rory Reid
Dell Studio Hybrid
Review While there are a plethora of nettops on the market that offer -- at a basic level -- the same sort of package performance as the Dell Studio Hybrid, they are not as customiseable. You can alter the Studio Hybrid both internally and externally according to your personal preferences. The icing on the cake? It is eco-friendly
Photos: Asus G71V quad-core laptop
Photo Yesterday, the boys and girls of Asus sent us the G71V gaming laptop, and it wasn't long before we were drooling everywhere. Check out the pics
Hands on: Oregon Scientific ATC3K Extreme hands-free camera
Crave If you're the type of person who shouts "Gnarly!" at the top of your voice, you might want to check out the Oregon Scientific ATC3K Extreme hands-free camcorder
LG Netbook X110
Review As far as we know, the X110 is the first laptop LG has ever released in the UK. This standard-fare netbook has the added bonus of integrated 3G, is extremely comfortable to use and comes in three different colours. If you don't mind committing to a 24-month Phones4U contract, this might be the netbook for you
Photos: Porsche Panamera Gran Turismo is a hybrid!
Photo Remember a few weeks ago when Lamborghini unveiled a 4-door supercar concept? Well Porsche has one, too, and it's called the Panamera Gran Turismo.
Sony Vaio TT
Review Sony's T series has always represented the ultimate in ultraportable computing and its latest incarnation, the TT epitomises everything the series stands for: it's attractive, has great connectivity and is highly portable. Netbooks offer similar functionality for a fraction of the price, but the Sony Vaio TT is the best money can buy
tikitag: RFID for the masses
Crave Here at Crave, we're huge fans of radio frequency identification (RFID) technology, so it's no wonder we got excited when Firebox handed us the tikitag system
Shuttle x27D
Review The X27D is the fastest nettop-style machine we've ever tested. Its dual-core Atom 330 CPU makes it a far more robust solution than PCs such as the Eee Box. It's a little too noisy for our liking, but it's affordable, attractive and perfect for lightweight computing tasks like surfing the Web or watching digital movies
