Truth About Computer Security Hysteria
McAfee's advice fails the test of logicRob Rosenberger, Vmyths co-founder
Thursday, 2 December 1999
McAFEE'S ADVICE FAILS the test of logic. This verbatim warning appeared both on their website and in an email "dispatch":
IMPORTANT - If you receive an email with the message "I received your email and I shall send you a reply ASAP. Till then, take a look at the attached zipped docs.", DELETE IT IMMEDIATELY! It will have an attachment called "zipped_files.exe"; DO NOT DOUBLE-CLICK OR RUN THIS ATTACHMENT!
All those who think it reads like a hoax virus alert, raise your hand...
McAfee wants us to (1) memorize an evil phrase, (2) search for it in emails using our eyeballs, then (3) use eye/hand coordination to delete any evil emails we find. We'll need to memorize, look for, and delete email when the next evil phrase comes along. We'll do the same when yet another evil phrase pops up. We'll eventually get frustrated and clamor for a product which can automate this process.
Waitaminit! McAfee already sells such a product. It's called "VirusScan." It's only been around for a decade, but don't let its youth & inexperience deter you. It memorizes thousands of evil phrases (called "signatures") and looks for them in the nooks & crannies of your hard disk. It wipes out any viruses it finds, too. VirusScan even binds itself to email software so it can check attachments for viruses the instant they arrive.
McAfee told users to do manually what their own software could do automatically. Why don't they upgrade their decade-old product to detect evil phrases in an email? Why doesn't McAfee automatically delete email with an attachment named "zipped_files.exe"?
Now you know why McAfee's advice fails the test of logic.
Yeah yeah, many office virus experts parrot this advice. Why do I pick on McAfee? Quite simply, they should know their advice fails the test of logic. They shouldn't go around telling customers to do manually what their own software should do automatically.
It pleases me to say I didn't find this kind of advice at websites run by AVP, Command Software, Computer Associates, Content Technologies, Data Fellows, Sophos, Symantec, Trend Micro, or Worldtalk.