Thursday, January 13, 2005

anti-virus developers, listen up!

take a look here... (Message-ID: wa6dnTcvF_JsK3jcRVn-qA@comcast.com if the link is broken)

this poor user has a virus stuck in his email and he can't figure out which message it is that he needs to delete... folks, do me a favour, when you detect a virus inside what you recognize to be an email envelope could you report not just the virus name and filename but also some kind of identifying information for the email in question (From:, To:, Subject:)?

i mean really - when your product detects a virus in an email database and it can't clean it, without this information you might as well be telling the user "there is a virus somewhere on your computer"... that's just too vague to be useful...

more from crazyworld

f-secure's blog had 2 good links showing both supposed sides of the guillermito vs. tegam issue...

tegam's press release described their displeasure at having their company violently depreciated (violently? ok, maybe thats just a translation thing, but they're obviously trying to appeal to our emotions rather than logic) for years and how a hardheaded search for vulnerabilities (what might otherwise be called persistence) is somehow wrong and unfair and that other companies don't get treated that way (even though they do - one need only look as far as invircible and it's creator zvi netiv for an example of that; martin overton's chekmate didn't escape notice either, and there are plenty more examples)...

guillermito's side seems reasonably well laid out and unmired by marketing double-talk, along with examples (scanned full page advertisements) of tegam claiming he was a terrorist and that the FBI was looking for him...

tegam's press release suggests they're upset at the negative publicity guillermito has caused them, that it's hurt their public image, and yet they are the ones making false terrorist accusations... their legal complaint against guillermito doesn't seem to contest the validity of his claims, it only charges that he reverse engineered their product in a way that was not legal... you'd think if guillermito's claims about their software was false and that it hurt their reputation so much that there would be some sort of charge of defamation or something... i suppose guillermito must have a strong defence against such a defamation charge (like his claims being the truth)...

tegam - stop being such petulant children and take responsibility for your failures...

Tuesday, January 11, 2005

and in crazyworld, people can go to jail for finding bugs... did i say crazyworld? i meant france...

on fark this would probably get the [Asinine] tag... if you haven't heard about guillermito vs. tegam then count yourself lucky for the bliss that is your ignorance...

long story short: tegam produced a very, very bad anti-virus product, called viguard, and made classic snake-oil claims... guillermito (ok, not his real name but i always go by the first name i know a person by) produces a report that documents how bad the anti-virus is, complete with exploits... tegam sues guillermito for counterfeiting/criminal copyright infringement... guillermito faces 4 months probation in france (kind of a long way to go to see your probation officer when you currently live in the states and are working at harvard - assuming probation works in a similar fashion there) and a hefty fine...

what is the moral of this story? do you think it's that you should keep your mouth shut when companies LIE to the public? do you think it's that france's justice system is borked?

no, the moral of this story is that tegam cannot silence criticism with lawyers - the publicity from this case will point everyone towards the truth - any possibility of them re-establishing secrecy for their product's problems is gone - the only purpose the lawsuit can serve is to punish someone for telling the truth - and on the internet things have a habit of never going away, ever...

the free market works best in the presence of an informed consumer... tegam may win in a court of law, but the court of public opinion is a different beast entirely... vote with your wallet, folks...