Sunday, February 05, 2006

Computer Viruses - Naming and confusion

With the fizzling out of the latest over-hyped virus and all of the different names for the same virus I was thinking out how these critters are named. It seems that each and every company will define their own name and standard. This to me causes a huge amount of confusion in the user community about what virus is being discussed. As an example the last virus had the following names:
  • Mywife
  • Blackmal
  • Kama Sutra
  • Nyxem version D
  • Nyxem version E
  • Kapser
  • KillAV
  • Grew
  • Blackworm
The actual official name was CME-24. Everyone wants to be credited with the discovery of a new virus and be the first to have the fix but enough, all you are doing is confusing the public and the media.

As a suggestion how about a central reposititory of discovered viruses, how it works, etc? The security community can then define a standard naming convention so that the short name is meaningful, but, allow the first to discover it to give it a 'common name'. In other words a 'Taxonomy' for computer mal-ware. This is good enough for the scientific community for identifying and naming organisms so why not for security software companies to define mal-ware? I use the phrase mal-ware so that viruses, trojans, spyware can all be classified, not just viruses, and the results are available to the public and media. Just enough information should be available to the general public to inform themselves on the risks and how to clean up the mal-ware.

The other benefit is that the massive list of viruses and trojans will be cut down and companies will find it harder to trumpet the number of mal-ware items they scan for as a marketing tool and not as a consumer information tool. In my opinion a lot of the counts are inflated with minor and meaningless variants on the same virus. It would also make it easier for the consumer to compare products to see which package fits their needs. At this time you almost have to be a computer security expert to determine the package that truly fits your security needs.

No comments: