Antivirus companies boycott industry group

Two major antivirus companies are refusing to join an industry group established to speed up the system of identifying and preventing the spread of new viruses.

Network Associates and Symantec have so far declined to join the REVS (Rapid Exchange for Virus Samples) group, which was set up in March this year, by the Wildlist, an independent organisation responsible for the official list of viruses which are in the wild.

In his keynote at the Virus Bulletin Conference today, Sophos chief executive Jan Hruska said: "The gathering of virus samples is absolutely crucial to fighting viruses. The antivirus process involves the gathering of samples, analysis, the development of detections and disinfections, quality assurance and then the delivery of a solution to the user."

"The effectiveness of this process depends on one thing. It needs to be faster getting to the user than the virus," he added.

Hruska said that most stages of the process could be improved by more man power. "But one aspect that can't be solved in this way is the gathering of samples."

He said that in the past, antivirus companies used a number of methods including informal mailing lists and email requests between antivirus companies."These can be unreliable and inefficient. The antivirus industry needed something better."He said that Revs is owned by the Wildlist and its hardware is located at Sophos' headquarters in Oxford.

"When a member of Revs receives a sample, before it is publicised in anyway, it has to be posted on the system. It is then sent out securely to all members within two or three minutes."

In order to maintain its integrity, Hruska said members must fulfill certain criteria to become members, for example they must be a bona-fide member of the antivirus industry and they have to operate a secure antivirus lab.

There are now 22 members around the world, including most of the major antivirus companies with the exception of Symantec and Network Associates, he said."The system went live in March 2000, two weeks before VBS/Loveletter was released and fully proved its usefulness in distributing the original as well as all the ensuing variants to its members. It was difficult to see how anybody could not see the value of the new system. The whole antivirus community(and ultimately the users) benefit from more co-operation in the industry."

Carey Nachenberg, chief researcher at Symantec said: "WE had concerns over who was joining and whether they were bona-fide. We are considering joining after some more definition of the rules."

A spokesman for Network Associates said: "The exact reasons for us not joining I cannot say, but it is worth pointing out that we are a member of several groups that, in principle, do the same thing."