Friday, October 24, 2014

anti virus - Malware vs Viruses



Is there a legitimate technical difference between malware and viruses? I have looked at the Wikipedia entries but I am not really seeing the difference.



Currently, I kind of feel like this is just Symantec's way of getting more money for products (features). But maybe someone involved more deeply in this area can explain this.



Answer



If you want to get into semantics (no pun intended) viruses are a subset of malware in the sense that they are (typically) malicious. What makes them stand out is that they spread themselves. Aside from that, technically there is no differentiation. Malware is malware in the sense that anything can be written to do whatever malicious activity the writer wants, at least within the confines of any vulnerability that is being exploited.



The modern term should really move away from "Virus" and solidify to "Malware". Virus still holds as a known term because of the history involved. The main mechanisms that allow most modern malware to function didn't exist back when viruses were the big thing. The only effective way they had to do anything was to spread themselves, and this was typically done via floppy disks. Today with the Internet and other large-scale networks it's trivial to reach a mass of people without having to write the code to self replicate.



For the purposes of marketing, the term "Virus" is something scary because the public knows the term and the history of damage they have done in the past 20 years. For the purposes of technology, there are numerous pieces of Malware that are much more dangerous than many viruses every dreamed of being.



Non-replicating malware can be a file on your machine just like a replicating virus, so a scanner should have the means to find either. A signature is a signature.



Long story short: IMHO it's marketing on Symantec's part. They're looking at breaking up products based on the entry points that malware uses to get into your system: email, web, file system, network shares, IM, etc. The more separate products they have, the more revenue. Technically, though, viruses ARE malware.




(And Peter Norton said that viruses would never be a threat to the computing population. chuckle)


No comments:

Post a Comment

linux - How to SSH to ec2 instance in VPC private subnet via NAT server

I have created a VPC in aws with a public subnet and a private subnet. The private subnet does not have direct access to external network. S...