Computer Viruses for Dummies


Paul Baccas

Sophos, UK
Editor: Helen Martin


Paul Baccas reviews: Computer Viruses for Dummies, by Peter Gregory

See Computer Viruses for Dummies on Amazon.

Title: Computer Viruses for Dummies

Author: Peter Gregory, CISSP, CISA

Publisher: Wiley

ISBN: 0-7645-7418-3

As a publishing phenomenon the 'for Dummies' series has run the gamut from A to Z over the academic and not so academic disciplines. Unfortunately, in running such a gamut you will perforce travel both through 'nadir' and 'zenith'. This tome leans heavily towards the former, thanks to a number of glaring errors.

My first complaint about this book is that the title is a misnomer. This is not a book about computer viruses per se, but rather a book about personal computer security for the home user. While, naturally, a great deal of the topic concerns computer viruses, the book does not inform the reader extensively about them.

Another serious error was made with the timing of the publication of this book. Whether by ignorance or design the publication date of August 2004 was unfortunate, since the book was able to make no mention of <product>Windows XP Service Pack 2 </product>(which was also released in August 2004). While not a panacea, SP2 has by its very nature changed the home computing market with its specific focus towards security.

Some parts of the book contain fabrications worthy of the most sordid tabloid journalist. In fact, the motto 'never let the facts get in the way of a good story' would be apt in many cases. A selection of howlers:

  • 'Brain, the first virus'

  • 'Concept virus was the first encrypted virus'

  • 'Norton VirusScan was the first anti-virus program'

Part I of the book deals with assessing the risks that arise when a computer is connected to the Internet and describes how to combat them. The section begins with an explanation of viruses and other malware the computer user may encounter. Next, a general chapter describes what symptoms and changes a computer may exhibit if malicious code is running on it. These are followed by an introduction to finding, running and updating anti-virus solutions.

Part II is wholly concerned with anti-virus software. It begins by looking at how to evaluate, acquire and install anti-virus solutions. As part of the section on evaluating anti-virus products the book focuses on many functions of the anti-virus software - with the exception of virus detection. No mention is made of independent anti-virus testing, or even magazine reviews.

The next chapter looks at and explains some of the jargon involved in configuring anti-virus software. This is followed by a section that is best described as 'what to scan and when to scan it'. Finally, a chapter describes what to do if the software detects a virus. Importantly, this section tells the reader to find out what the virus has done before removing it.

Part III deals with the aspects of security software that are often neglected. Computer security is not like forestry where you plant a sapling and leave it - it is more like bonsai, where constant nurturing is required. This includes updating anti-virus data and programs, patching the operating system and applications, and running anti-spyware and firewall programs.

A chapter is devoted to PDAs and describes how they should be protected. Part III finishes with an overarching chapter on how to practise 'safe hex' - from using legitimate software to avoiding spam.

In my opinion Part IV lets the book down. The chapter on the history of viruses contains many errors (some of which were mentioned earlier). This is followed by a chapter on Trojans, worms, hoaxes, and spam - where there are more statements with which experts will disagree. Finally, there is an explanation of how viruses infect and virus taxonomy, which includes further interesting assertions such as: 'The other name for a macro virus is Trojan horse [sic].'

Part V, the ubiquitous ‘part of tens’, ends the book. There are two chapters here; the first concerns virus myths and the second concerns anti-virus programs. The virus myths range from ‘anti-virus companies write viruses’ to ‘viruses broke my computer’. The last chapter lists ten anti-virus programs with a two-third page summary which lists manufacturer, website etc., along with a ‘yes/no’ list of features. One would have to assume that the intended audience for this book is the 'average joe' computer user, but I cannot see why it was written - the book contains no new information and no new insights. What's more, the information the book provides can be gleaned from various other sources and publications, most of which are available free of charge. The author's website does not elaborate on the subject either - although it does provide the opportunity to purchase most of the software programs that are mentioned in the book.

Found a useful infosecurity book? Why not tell us about it so we can let others know - email:

View this book on Amazon



Latest articles:

VB2018 paper: Internet balkanization: why are we raising borders online?

Nowadays, walls are not just being raised in the real world, but on the Internet as well. Countries want to isolate themselves and shut down the information they are not comfortable with, or the companies they don’t want to do business with. Freedom…

VB2018 paper: Where have all the good hires gone?

Much ink has been spilled on the subject of the information security skills gap, and how difficult it is to hire and retain people for these positions. And yet, we all know someone who has had a hard time finding a suitable position despite having…

VB2018 paper: Little Brother is watching – we know all your secrets!

In their research, Siegfried Rasthofer, Stephan Huber & Steven Arzt evaluated the security level of the most popular family-tracking apps on Android. They assessed the security of the respective apps and conducted assessments of the corresponding…

VB2018 paper: Inside Formbook infostealer

Formbook is an infostealer that has been advertised for sale in public hacking forums since February 2016 by a user with the handle ‘ng-Coder' but only came to public attention after it was extensively used in spam campaigns in late 2017. This paper…

VB2018 paper: From Hacking Team to hacked team to...?

In this paper (presented at VB2018), Filip Kafka looks at the resurfaced Hacking Team spyware, and at what has changed since the company behind it faced a number of prominent hacks.

Bulletin Archive

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.