Do you remember “Comical Ali”, also known as Mohammed Saeed al-Sahaf, the Iraqi Minister of Information for the brief duration of the second Gulf War. He was famous for bombastic quotes such as “Our initial assessment is that they will all die” and bald-faced denials like “I triple guarantee you, there are no American soldiers in Baghdad.” (One of his final remarks before retiring).

I was reminded of him just a few days ago when Symantec chairman and CEO, John Thompson, was reported as saying “The problem of worms and viruses is ‘solved’.”

He must be suffering from some anti-virus information disorder. Admittedly he didn’t say “I triple guarantee you that that you’ll never get infected by a virus or worm again.” In fact, in case I’m accused of quoting John Thompson out of context, he went on to say that Symantec intended to focus on some quite new (for Symantec) areas of security technology. John is trying to reposition Symantec as your friendly neighbourhood IT Security company rather than “AV for the masses”, but nevertheless that’s no excuse…

Let me introduce you to quite a different headline, which I had been saving for a rainy day, but hit the press a mere 10 days before John Thompson made his outrageous statement. It cries out to be used here:

FBI study shows 97 percent of organizations have anti-virus software installed, yet 65 percent have been affected by a virus attack at least once during the previous 12 months.

John, I don’t mean to be rude, but your AV technology is scandalously ineffective.

The only plausible explanation for you making the statement that you made is that you have been briefed about one or more of the software authentication companies; AppSense, Bit9, Savant Protection and SecureWave, that take the correct technical approach and actually do stop viruses and all other forms of malware. Yes indeed, the problem of worms and viruses is ‘solved’, but not by Symantec.

Today’s AVID theme is; AntiVirus Is Disruptive. What am I talking about? Well, as regular readers already know, because I keep unearthing and publishing evidence that demonstrates it, AV technology doesn’t block malware effectively. It is horribly flawed, primarily because it takes the wrong approach to the problem. Rather than give you a mosquito net, it tries to recognise every mosquito. Actually (as evidence I recently published shows) it doesn’t even manage to recognize all known mosquitoes and is pretty much useless when it comes to recognising any previously unseen mosquito.

What to do? Well the thing to do is to get a mosquito net from one of the vendors that provide them. These companies are; AppSense, Bit9, Savant Protection and Secure-Wave. All of them have technology which works by blocking anything new that turns up and either stopping it dead or holding it in some kind of quarantine until its intentions are known.

Companies in the US and Europe are now gradually adopting this technology with the result that they no longer suffer the expense and annoyance of frequent virus infection. In the longer term, we can look forward to a time where viruses can no longer spread because their rates of proliferation will be dramatically cut.

But in the mean time, there is still a large number of companies that have drunk the AV KoolAid. What is the experience of these companies—aside from the fact that they regularly suffer virus infection? The sad truth is that their PCs run much slower because, in failing to protect you adequately from viruses, AV software chews up a whole lot of computer resource.

How much? According to an article by George OU entitled Proof that Antivirus makes your PC crawl, “desktop Antivirus suites all appear to make your PC run slower than a 5 year old computer”. George didn’t actually do the investigative work on this. It done by Oli.

So AntiVirus disrupts your PC’s performance. If you’ve converted from the PC to a Mac recently and you’re wondering why the Mac is so comparatively fast, this may be one of the reasons.

I had hoped that Sun Micrososytems wasn’t going to fade away after its dot-com-decline. The decline finally did for Scott McNeally earlier this year and placed Jonathan Schwartz on his erstwhile throne. Jon’s doing well. Actually I have to confess that I’ve grown partial to him from reading his blog (http://blogs.sun.com/jonathan) which is intelligent (IMHO) and doesn’t over-promote Sun.

Jon was out meeting the press this week to tell them about Sun’s Data-Center-In-A-Box—that’s not a brand name, just a convenient description of an array of computers in a container. Assuming that you want such an array (consisting of 35 AMD or SPARC servers packed into a container) then $500,000 looks like an economical price to me, because you can park this container anywhere that has a 500 kW (redundant) power supply, Internet connection and a water supply.

This means not having to build a new data center any time, soon if ever. You just keep on adding containers until you run out of parking space and then you buy more parking space close to an electricity supply. You may not appreciate how clever this idea if you are unfamiliar with the economics of building data centers. For starters, data centers are the most expensive office space there is, more expensive even than plushly furnished boardrooms that are rarely occupied. (Think massive air conditioning, raised floors, sprinkler systems, etc.)

Also, nowadays we have the cooling issue, born of the fact that Moore’s Law didn’t just give us fast chips, it gave us hot chips. Sun addresses this issue with a “cyclonic cooling” system (which works just fine in a container) that it claims is 5 times as space efficient as a traditional data center and 10–15 percent more power efficient.

As a quick aside here, I’ve noticed that major server vendors—IBM, HP and Sun—are all positioning themselves as “cool” server vendors in various ways, and yet there’s a severe trend out there of data centers getting too hot. Are we to presume that it’s all the fault of Dell?

But never mind, I’m inclined to believe that Sun has come up with a very neat solution here. It may drive a whole new trend with its data-center-in-a-box, and if it does, then Sun may soon be whole lot stronger and on balance that will be good for the industry.

AntiVirus Ironically Damaged is this week’s alternative meaning for the AVID acronym. I am thinking here of the howls of protest from Symantec and McAfee because of security features that Microsoft has put into Vista. McAfee put a full page ad into the UK Financial Times to record it’s displeasure. Symantec has complained to the EU (the only government body in the world that dares to fine Microsoft for antitrust behaviour).

So there we have it. The most remarkable of ironies. AntiVirus companies, who fail to offer effective protection against viruses, howling and screaming because Microsoft, the company that IT security forgot, wants to make it harder for viruses. Basically, if I understand it correctly, Microsoft intends to whitelist (i.e. apply software authentication to) the Vista kernel so only valid kernel components run.

If you are a first time reader of the AVID thread, you may not know that there is technology (software authentication technology) from 4 companies; Savant Protection, SecureWave, Bit9, and AppSense, which stops all viruses and completely cures the malware problem. So why isn’t Microsoft implementing the full security solution and applying software authentication to the whole of Windows? After all, it could.

There are only three possible explanations, so take your pick:

1. Microsoft’s security team are unutterably stupid and also don’t read the AVID postings here. So it hasn’t occurred to them to apply software authentication to the whole environment.
2. Microsoft really does want Vista to be as secure as Apple’s OS X, but they are afraid of antitrust action being initiated by Savant Protection, SecureWave, Bit9 and AppSense. (They can’t possibly be afraid of such action from AV vendors because AV technology provably doesn’t stop viruses effectively.)
3. Microsoft realises that if it completely implements software authentication it will prevent all virus infection (of Vista and other versions of Windows going forward). And that would mean it had only a slim chance of getting a share of the $4 billion revenues that the AV vendors make from failing to adequately protect PC users.

Digg, Del.icio.us and Stumble Upon are suddenly where it’s at. Just for fun, I’ve been using the above three web sites/information services over the past 6 months or so. I was doing it to see whether the concept of “social networking” really works (for me). The idea of these services, by the way, in case you missed them somehow, is that they recommend sites and web pages for you. (Social networking and Web 2.0 now seem to have taken on the same meaning, but I’m not sure why).

• Stumble upon is for entertainment mainly (I use it when I’m bored because it throws up interesting web pages http://www.jigsawdoku.com/ for example).
• Del.icio.us is for serious web research. I prefer it to Google when I’m looking for good information sources.
• Digg is for news. It’s especially good for technology news.

Here’s my conclusion; social networking is a powerful force. It harnesses the power of the group. It changes the Internet dynamic.

None of these sites are going to change the world.

We’re done here—for the moment.