Do I Need Anti-virus Software?

To answer that question we must first answer the question: why do we need anti-virus software? The answer to that question is pretty simple. Engineers tend to design things to work and then stop. The exception to this is NASA, which has to plan for every possible contingency and then make sure its design will survive.

Normal engineers get to see their design come to fruition and then can iterate on that design. There are moments of “oops, that didn’t work” followed by design improvements. By the 3rd, 7th or Xth version, they tend to get it right. Compare most any engineering feat and you will see earlier less successful designs that were essential to the learning process.

Consider two home builders with lots side by side. Both builders build their houses and are able to live in them. Over time the neighborhood goes downhill. Their houses are no less nice than they were when they were built but now they are both getting broken into regularly. One of the builders decides to repair the broken windows and add bars for security. The other builder decides to bulldoze his house and build a new one with security in mind. Sounds like an analogy for the Windows/Mac discussion.

In the beginning most computers could only do one thing at a time. If you were running Visicalc on your Apple ][ then it took over your computer. With the advent of Windows 3.1 and Mac OS 6, we began to be able to run more than one program at a time. These programs needed to be able to talk to one another so they could share data. Apple introduced the clipboard, AppleScript and later Publish and Subscribe. On Windows there was OLE and later ActiveX. The focus of these tools was to expose all the functionality of a program so that any other program could use it. It was possible to write a Word Macro that could control MS Excel. MS Access had its own programming language that could call any system function to do just about anything on the computer.

I admit to having some fun with this in the mid 90’s. I would use Visual Basic to write a little program or screen saver. In one example I wrote a simple program that simply displayed an error message and then quit. What it actually did was edit your WIN.INI and change all of your system colors to black on black. Yes, I always made a backup of the original WIN.INI — this was supposed to be a joke. I would put the EXE file out on the server and see who I caught snooping. Because of the way the WIN.INI is read only on Windows Start, the color changes would not happen until the next day. By then the user would not remember the culprit.

Visual Basic was very powerful and had nearly unlimited access to the system. The system was designed to make things work. Once they got things working there was no reason to keep working on the project and so they shipped it. When a user had a problem, the problem hopefully got fixed.

Before Windows for Workgroups 3.11, it was very hard to get Windows computers to talk on a network. WfW changed that. Now you could use OLE not just on your computer but on any computer on your network. You could open your spreadsheet on your computer and request data from other spreadsheets to make sure your spreadsheet had the latest numbers. Individual programs started listening and broadcasting on the network for their own purposes. The most common example of this is called an RPC — Remote Procedure Call. This simply means that I can use my computer to tell your computer to run a program.

Viruses quickly arrived on the scene. They were written to look for floppy drives. If they could hitch a ride on a floppy drive they might find themselves on a new uninfected computer. If that computer were on a network they could spread to each computer on the network. This was the first phase of commercial anti-virus software. Viruses primarily attacked your hard drive or your floppy drive. They loaded as a TSR, or driver, or CDEV so they could stay running. The anti-virus software would be able to find and kill them.

With the advent of Windows 95 and the explosion of people accessing the Internet with email there came a new threat. No longer did viruses need to wait for a floppy. The most popular email program at the time was probably Outlook Express. Outlook Express had a fatal flaw which had been designed into it as a feature. It would open an email when it was received without any user interaction. Between this and Macro viruses the world was besieged with a pandemic of computer viruses.

By Windows 98 viruses had evolved to become extremely hard to kill. They were able to propagate right over the network. During this same time more and more people were getting connected to the Internet. Most of them were using real IP addresses. Your computer could get infected by just connecting.

During this same timeframe Apple decided to scrap their Mac OS 9 which was subject to some of the same virus problems and go with a new architecture. This new design was based on BSD UNIX that had been around for decades and had proven to be hardened against the type of network attacks that were becoming so common.

By the beginning of this decade things were really bad. A stock installation of Windows would be infected in minutes just by being connected to the Internet. This infection was so insidious that there was no real hope of cleaning out the infestation. It was insanity to run Windows without any virus protection. Mac OS X had just arrived in 2001 and even though there were no viruses for it yet it was just a matter of time.

Things started to get better. Local ISPs realized they did not need to give their users real IP addresses. NAT would do the job just as well while protecting their users. ISPs also started blocking port 25 which was being used by spammers and viruses to spread. By Windows XP SP2 Microsoft finally shipped their OS with the firewall turned on. Mac OS X still didn’t have any viruses but it was just a matter of time.

Here we are a few years later. Viruses are very cleverly designed to not kill the patient. They very keenly use your computer only when you are not using it in hopes of avoiding detection. They receive new instructions from chat rooms and can be controlled in huge bot networks. What can you do?

* Turn your firewall on and leave it on. Make sure it operates in Stealth Mode.
* Run Shields Up to see if you're protected: http://www.grc.com
* Use a NAT Router at home even if your ISP gives you a real IP address.
* Use SSL for any communication that can use it — Email

To date there is not a true virus for Mac OS X. There are some concepts and some trojans but no real viruses. A trojan is like my little WIN.INI hack that requires the user to actually run the program. Have I seen a virus on my system? — yes. As recently as 2002 I saw a few viruses come through in my email. In fact, I actively sought them out in an effort to help my customers. Since my machine was relatively immune, I could use it to scan files and email. I ran various virus checkers that found viruses in my Spam folder.

If you keep your system clean you should not need an Anti-Virus program. The problem is that keeping your system clean is increasingly difficult. I would definitely recommend that anyone who is at all nervous about technology should either use a Mac or make sure they buy and maintain their virus software. Virus software is not much use if you do not maintain it. If you run Windows, you should consider the $40 per year per computer subscription part of the cost of ownership of your computer.
