Viruses at University of Calgary

For some background information visit Damien who has had his say in the matter. Read the "Virus writing at university" posts to get the crux of the matter. Duncan also has some links on his blog.

The opposing side seems to have a habit of finding false analogies to explain their position. But thinking just a little bit about these statement one realises that they do not represent the situation very well at all.

"You don't send somebody out to shoot someone so they understand what happens when somebody gets shot."

And you do not go around infecting deployed systems with viruses so you understand what happens when a system gets infected. The computers the students will be practicing on will be dedicated to this task and will not be connected to anything important. There is no way anyone is going to get shot.

"For example, I wouldn't need to know why somebody does graffiti to know that it's a problem and to know how to combat it."

So not knowing what allows a virus to be written and effective in the first place is not necessary if you want to write virus resistant applications? What would people say if the course was about teaching students what allows programs to exploited by viruses and other such malware? Would they feel differently then? If they do they need to rethink their position. One cannot fight an enemy whose methods are unknown.

"Don't bother applying for a job at Sophos," he said. "If you have written viruses you will be turned away."

This stance I honestly do not understand. These students are not doing anything illegal, wrong or unethical. I can't even argue against it because I have no understanding of this position. So if I have an old computer and I see if I can infect it with a virus of my own devicing I can suddenly no longer be considered to a potential valuable asset to these companies. Sounds like a knee-jerk reaction to me, a reflex without thought.

And while I am the topic of AV firms. They are not the solution against viruses as they do not solve any of the fundamental problems. The fundamental problem is of course that viruses can be written in the first place. "There are a thousand hacking at the branches of evil to one who is striking at the root." The AV firms are the branch hackers. The people who make it harder to write viruses in the first place, University of Calgary, are striking at the root. And that there is a thousand to one is self explanatory when the major players will not even look to see if any good comes out of this.

And I do not think that AV firms are the only potential employers of these students. The potential employers are all companies which write software. Someone with the knowledge of how a virus works can apply that knowledge on the other end and write virus proof software. And here is why so little headway is made in the battle againt malware, the first, last and only line of defense against the worst scum of the universe are reactive. If all we do is react then the enemy will always be one step ahead. That is why we need students from University of Calgary to proact so we can be one step ahead of our enemy.

My feet are firmly planted in the pro University of Calgary camp and I intend to stay here.