US government calls for enforced patches

Antivirus community condemns idea as ill thought out

James Middleton

vnunet.com, 06 Dec 2001

The US government's call to force security and virus patches on users has been met with consternation by the antivirus industry.

On Tuesday, the US president's computer security advisor Richard Clarke called for more forceful methods of distributing software fixes to personal computers.

Advertisement

Following the outbreaks of Nimda and Code Red, both of which exploited known vulnerabilities, Clarke said that "the problem is that people do not apply those patches".

He claimed that it shouldn't be "beyond the wit of this industry" to force patches on users. But antivirus firms have disputed this, arguing that many users have chosen to be in control of their own updating procedures.

Clarke believes that 90 per cent of virus attacks could be stopped if security vendors forced users to patch up their systems.

He also said that software should ship with the highest security settings as default. Typically, software vendors have claimed that they sacrifice some security for the sake of usability, but this should "not be an afterthought anymore", said Clarke.

However, Graham Cluley, senior technology consultant at Sophos, retorted: "I fear the US government is making comments without being fully aware of the facts."

Cluley explained that most antivirus vendors give their customers the option of automating updates but that "some businesses are reticent about outsourcing crucial security measures. For peace of mind, they'd rather implement their own updates to ensure they work properly for their environment."

Clarke also made the rather bold statement: "America built cyberspace and America must secure its cyberspace."

Cluley agreed that the US government does have a vital role to play in security, but said: "The US courts have still to sentence David Smith, even though it's more than two years since he pleaded guilty to writing the Melissa virus and causing $80m worth of damage."

"Sentencing could go a long way to deterring other virus writers," he added. "This would be a real boost to businesses operating under the threat of virus infection."

  • Have your say
  • Send to a friend
  • Print
  • Digg
  • Reddit
  • Share

Tags:

Do you agree?

Have your say on this article

Further reading

nasty_virus

Goner worm 'fastest spreading ever'

US Dow Jones index is the latest victim

Linux lined up as virus target

Increasing popularity makes attacks more likely

Related whitepapers

Related jobs

Most watched

eu flag

V3.co.uk weekly debrief, 6 Nov 09

This week, Europe decides what to do with illegal file sharers

Intel unveils its micro server platform

Small-enclosure systems take aim at hosting market

More video

IT white papers

Search white papers

Top categories

Poll

Impact of Information Overload poll

Impact of Information Overload poll

What is the biggest problem your firm faces as a result of the data explosion?

View poll results

Advertisement

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

  • More available - 'submit' to view

Existing User

Newsletter user login:

Enter email address to edit your newsletter preferences

Job of the week

More IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Hiring now on ComputingCareers:

Related IT jobs

More IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Spotlight

eu flag

V3.co.uk weekly debrief, 6 Nov 09

This week, Europe decides what to do with illegal file...

Dell Adamo XPS

Dell launches ultra-thin Adamo XPS

World's thinnest laptop will be available by Christmas

Top 10 articles, 6 November 2009

The worst Microsoft products of all time, and a USB...

Iain Thomson

Pirate Bay shutdown could be inspiring online militancy

Recent Swedish attacks raise worrying possibility

Primary Navigation