Throwback Thursday: The Updating Game

Posted by   Virus Bulletin on   Jul 2, 2015

This Throwback Thursday, we turn the clock back to 1997, when automatic updates of AV software were not the norm.

We all know that the malware scene has changed almost beyond recognition in the last 25 years — one clear indication of that is the fact that, in 1991, we were being advised by the experts to update our anti-virus software on no less than a quarterly basis: four times per year.

In today's age of automatic updates, the idea of updating anti-virus software just four times a year seems laughable — and the idea of there being no other choice than to update manually (whether four times per year, once a month or once a week) not only seems strange, but also seems to put a lot of onus on the weakest link in the security chain: human end-users.

In 1997, VB's then Technical Editor Jakub Kaminski wrote: 'Soon, those programs which are able to find the relevant developer's site, download their own upgrades, and distribute and install themselves through users' networks will be the clear winners.' He wasn't wrong and by 2004, Sophos's Graham Cluley was telling us that 'Effective anti-virus protection includes the ability to poll automatically for security updates on an hourly basis.'

Jakub's forward-thinking editorial piece, in which he comments 'giving users access to daily updates is becoming a necessity for those who want to stay in business' can be read here in HTML-format, or downloaded here as a PDF.

A later piece, by Rob Rosenberger, compares reliance on anti-virus updates to an addiction to prescription painkillers, bringing us the bad news that 'Even persistent updating won't be enough ... Because anti-virus firms spend hours preparing each injection before you can download it. You'll still be lagging behind the latest virus threats when you finally switch to an intravenous update.' Rob's cheery piece can be read here in HTML-format, or downloaded here as a PDF (no registration or subscription required).

Posted on 02 July 2015 by Helen Martin

twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

 

Latest posts:

In memoriam: Dr Alan Solomon

We were very sorry to learn of the passing of industry pioneer Dr Alan Solomon earlier this week.

New paper: Nexus Android banking botnet – compromising C&C panels and dissecting mobile AppInjects

In a new paper, researchers Aditya K Sood and Rohit Bansal provide details of a security vulnerability in the Nexus Android botnet C&C panel that was exploited in order to gather threat intelligence, and present a model of mobile AppInjects.

New paper: Collector-stealer: a Russian origin credential and information extractor

In a new paper, F5 researchers Aditya K Sood and Rohit Chaturvedi present a 360 analysis of Collector-stealer, a Russian-origin credential and information extractor.

VB2021 localhost videos available on YouTube

VB has made all VB2021 localhost presentations available on the VB YouTube channel, so you can now watch - and share - any part of the conference freely and without registration.

VB2021 localhost is over, but the content is still available to view!

VB2021 localhost - VB's second virtual conference - took place last week, but you can still watch all the presentations.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.