Smashing Security podcast #018: Windows is a virus. True or False?

Three security industry veterans, chatting about computer security and online privacy.

Graham Cluley
@gcluley

Security firm Webroot drops a clanger when it declared Windows was malicious and borked customers’ PCs, millennials are streaming a lot of movies illegally, and blackmailers are targeting members of the Ashley Madison cheating site again.

All this and more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Michael Hucks from PC Matic.

Show notes:

Smashing Security #018: 'Windows is a virus. True or False?'

Your browser does not support this audio element. https://aphid.fireside.fm/d/1437767933/dd3252a8-95c3-41f8-a8a0-9d5d2f9e0bc6/4dac040d-0f9e-4333-8086-fa361972e2dc.mp3

Listen on Apple Podcasts | Google Podcasts | Pocket Casts | Spotify | Other... | RSS
More episodes...

Sponsor: Recorded Future

This episode of Smashing Security is made possible by the generous support of Recorded Future – the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats.

Sign up for free daily threat intelligence updates at recordedfuture.com/intel.

Thanks to Recorded Future for their support.

Hope you enjoy the show, and tell us what you think. You can follow the Smashing Security team at @SmashinSecurity on Twitter.

Remember: Subscribe on iTunes to catch all of the episodes as they go live. Thanks for listening!

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.


Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

3 comments on “Smashing Security podcast #018: Windows is a virus. True or False?”

  1. I hadn't known about the Great Sophos Disaster.

    How did they recover from a situation where they can't push out an update? And how did they fail to scan their own software?

    Because of the scanning method that DSAV-Findvirus used (single point), I don't think we ever had a false alarm.

    1. Here is how The Register reported the Sophos foul-up: https://www.theregister.co.uk/2012/09/20/sophos_auto_immune_update_chaos/

      If I recall correctly, the first fix was a manual one – on every computer that had had its Sophos Anti-Virus update feature borked by umm.. Sophos Anti-Virus.

      Later there might have been a tool produced that could be rolled out across the network as users logged in, but that's lost in the mists of time for me.

      Regarding "how did they fail to scan their own software"? My understanding is that the false detection was spotted during testing…. and then human error meant that someone overrode the warning and pushed out the update anyway…

      But it's five or so years ago now, so that may not be right.

    2. I seem to recall there may have been occasional false alarms (but nothing like what McAfee and others suffered from) when it came to file compressors, Dmitry's heuristics, etc. But they were pretty rare. David Emm probably remembers better than me.

      BTW, it's 20 years since we put out this press release. Time files…

      http://www.prnewswire.co.uk/news-releases/mcafee-pleads-with-dr-solomons-to-reduce-virus-detection-rate-156451045.html

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.