Truth About Computer Security Hysteria
Symantec invested money in sulfnbk.exe hysteriaRob Rosenberger, Vmyths co-founder
Saturday, 9 June 2001
I'VE RANTED FOR years about callous public relations. Amoral & immoral PR gurus work tirelessly to create "earned media exposure" for antivirus firms. You know it better as "free publicity."
We pay antivirus firms to fight viruses, but their experts spend a lot of time fighting hoaxes — because it's profitable.
When the press gets hooked on a computer virus — either an apocalypse to come or an armageddon in progress — you'll find antivirus vendors lined up with press releases and talking heads. "Quote us! Quote us!" And reporters fall for it every time. The whole thing strikes me as nothing more than a co-dependent relationship between the media and the antivirus industry.
Reporters think they control their little love affair, but they don't. "I have the free ink," they rationalize. "I can give it to anybody I want." Antivirus firms know the press has a fetish for juicy virus stories, and they wrote the book on how to manipulate reporters. If you know your South Park movie trivia, you know exactly what I mean. Satan is the media; Saddam is the antivirus industry. It's a beautiful (and equally cartoonish) co-dependency. And you know who really runs the show.
Ah, but I digress...
So anyway, it pleased me when Trend Micro called during the sulfnbk.exe hysteria. They didn't want to combat a hoax — they wanted to keep fighting viruses. PR spokesmodel Susan Orbuch asked if she could herd reporters & panicky customers to Vmyths.com. Trend Micro decided to leave sulfnbk.exe to the virus hysteria experts. How refreshing!
On the other hand, Symantec, Sophos, and Computer Associates launched their PR teams when sulfnbk.exe hysteria reached critical mass. From my biased perspective, it looked like each firm wanted to "own" the attendant media coverage.
I call my perspective biased because ... well, because we at Vmyths.com fight virus hysteria for a living. How dare an antivirus firm try to take away our well-earned media exposure! I wanted the industry to follow Trend Micro's lead and get back to the job their customers pay them to do.
I mean, c'mon! You guys admit you couldn't even stop a college student from nearly destroying the Internet. You lose sight of the big picture whenever you get sidetracked by hoaxes. If you want to join the fight, then start selling anti-hoax products. Otherwise, scamper to the drawing board and come up with the antivirus software we need to protect us from all the virus technology you continue to give to the Chinese governm--
Uh-oh, did I rant directly at the industry again? Gotta remember not to do that. (Forget what I said about China.) My bias shines through like a beacon in the night when someone steps on my turf.
Okay, I'll bite. If antivirus firms want to fight hoaxes, then why don't they sell anti-hoax software?
Symantec seemed to earn the most exposure here in the U.S., while Sophos seemed to dominate the English-speaking European media. My bias shines through when I admit I appreciated Sophos' attempts to own the hysteria. They hold a strong set of credentials when it comes to anti-hype. (Relatively speaking, of course.) But Symantec? Get real.
Vmyths.com's livelihood hinders my ability to critique anyone who tries to quell a "Type 2 hystericane" like sulfnbk.exe. Antivirus firms could easily manipulate reporters with the wave of a hand. "Rosenberger runs a struggling little dot-com and he needs your free ink, that's all. It is our job to protect users' PCs from malicious attacks. And this one is malicious to users. And we really are just trying to help..."
Just trying to help, eh? Then let's see you write some anti-stupidity products. You could start by automating the setup of PC security options. You still expect your customers to follow complex instructions after all these years. Why can't we make recommended security changes with the click of a button? If you can't do such a simple thing after a decade in the antivirus business, then why should anyone trust you to save them from their own gullibili--
Uh-oh, did I do it again? Gotta remember not to do that. (Forget what I said about PC security automation.) So anyway, I felt helpless to critique the industry for riding on the coattails of sulfnbk.exe. You win some, you lose some, right? I stowed my biases and began doing research for a post-mortem analysis of the hysteria.
Then I stumbled across one of Symantec's well-known advertising ploys.
Symantec paid the Google search engine to channel sulfnbk.exe searches to their website! I took this screen snapshot on the night of 7 June 2001, a full week after the hysteria climaxed. Symantec didn't just want to "own" the hysteria — they wanted to profit from it. And they considered it worthy enough to invest money in the idea.
My, my, my. We invested money in Vmyths.com for almost the same reason. (Almost.)
Symantec built a perpetual motion PR machine — it creates and dispels virus hysteria. What a concept!
Think about it. What does Vmyths.com do for a living? Answer: we fight virus hysteria. Ironically, we profit from the very hysteria we seek to destroy. Why does Vmyths.com refuse antivirus ads? Reason: antivirus vendors created and sustain our business model. We maintain our integrity by banning our most lucrative source of income. Its corruptive influence would only add to our irony, thank you very much.
You have to appreciate the irony here, folks. Symantec built a perpetual motion PR machine — it creates and dispels virus hysteria. What a concept! It puts the Vmyths.com business model to shame.
So thank you, Symantec, for placing a monetary value on virus hysteria. You validated the critical role we play in the antivirus industry. We at Vmyths.com never thought we'd compete with you for market share and media exposu--
Uh-oh, did I do it again? Gotta remember not to do that. Now if you'll excuse me, I need to call our corporate backers. "Hello, Eric? It's Rob. I smell an IPO! Listen closely. Tell Phil to issue a press release..."