As we depend on email more and more, its security weaknesses become ever more apparent.
Viruses continue to plague our computers. The first viruses were created in the early 1980s. Early viruses were handcrafted, and their creators had some degree of skill. Virus creation became much easier with the introduction of powerful virus-creation toolkits. This has led to a dramatic upswing in the number of viruses. This problem with viruses is not unique to any one vendor of computer software. Viruses affect a wide variety of systems, from mobile phones to mainframes.
For the last twenty years, the majority of anti-virus (AV) products have relied on explicit knowledge about every virus that exists in the world. That knowledge is codified within a signature. When a piece of AV software can match the bits in a file to a signature in its library, it blocks or deletes what it presumes to be a virus. This approach is effective close to 100% of the time when the AV software has a signature for the particular virus that happens to be attacking the computer. When it doesnâ€™t, this approach doesnâ€™t help. The value of an AV product therefore hinges on two things: the AV product vendor must identify new viruses and create signatures for them, and those signatures must reach the end userâ€™s computer as quickly as possible. Most AV products are updated daily or weekly with new signatures, but this is a never-ending race between the virus writers and the AV product vendors. Even if you run AV software, your computer might become infected by a virus before a signature is installed. The dramatic changes in virus creation over the past quarter century contrast with the rather tepid evolution of AV products.
Commercial AV products have typically been signature-based. Vendors have periodically brought products to market that use heuristics, such as analyzing behavior, to try to identify viruses. The idea is to remove the dependency on signatures by learning how viruses tend to act. But this technology can struggle with distinguishing between hostile and benign actions, and it can have an error rate of 50% or more. We certainly have fewer problems with computer viruses due to the degree of protection that AV software can provide. But we have only treated the symptoms. Viruses continue to be created at a very high rate. We havenâ€™t solved the problem with existing technology, and millions of people continue to be affected. With no cure in sight, it seems that viruses will be with us for some time.