Viruses are here to stay

Combating viruses should be an easy job. If we could all promise not to send executable attachments to one another: be they programs or Microsoft Office documents that support macros; rude or clever screen savers; or even just fancy HTML pages that download something we don't see.

If we could all promise not to install applications other than from the reputable manufacturer's installation disk. If we could all agree that infected PCs are rebuilt, preferably with a decent operating system; or failing that, simply recycled. In fact, if we could all agree to start using an operating system that doesn't suffer from virus infections, like Linux or Apple's for example. Computer viruses should then be completely eradicated.

Unfortunately, the real world isn't like that: someone will still think it's clever to send a stripping lady screensaver to everyone in their address book, and it only takes one virus enclave in the interconnected world and the whole sorry mess of infection will start all over again.

The internet has recently been shown to be a "scale-free network": there are a small number of highly connected nodes, meaning that one infection will quickly spread to a connected node and from there to the rest of the network in an eye blink. And the viruses themselves have become increasingly clever, targeting not simply our technology blind spots - as the earliest viruses did - but now blind spots in our psychology. Viruses spread in attachments through our address book: they come from people who, in the main, we trust. The "standard advice" of binning programs sent by strangers is irrelevant: the last few times I caught a computer virus, it came from my friends.

We can't dodge the virus problem by shifting to another operating system. It is true that Microsoft appears particularly vulnerable to viruses.

There are several reasons for this, not the least of which is the willingness of the Office application suite components to do "clever" things on behalf of the user. But the most important reason is simply that Microsoft has been targeted.

The overwhelming majority of users have Microsoft Windows and the Office suite running on standard PCs. As such, they represent an environment that is easily understood by the virus writers who can target it directly.

The early viruses took advantage of the poor user security implicit in the early Windows systems. At the time it was certainly true that Linux and Apple were not likely to suffer from the same problems given their user security models. However, the more recent application viruses bypass those models: Linux and Apple become potentially as vulnerable. All it would take is for the virus writers to shift their attention.

It seems you can run but you can't hide. We will need to continue fighting and fixing the virus problems. People in the business of antivirus software - even though they can barely keep pace with the problem - are clearly sitting on a goldmine.

Have your say: reply to IT Week