Knowing your limitations

Rob Rosenberger first came to my attention with a web site which was one of the standard resources on virus hoaxes for a while.  In particular, I owe him for introducing me to the concept of ultracrepidarianism (he calls it “False Authority Syndrome” [1]), a neat illustration of the dangers of speaking “authoritatively” about matters in which you’re not competent.

For a good while he’s been sending out his “What’s New” newsletter, giving out his version of the “Truth about Computer Security Hysteria”. [2] Like many others, I’ve been entertained (and sometimes irritated) over the years by his idiosyncratic observations on the security industry in general, and antivirus companies in particular. Not to mention his rants about politicians, business grandees and anyone else in danger of inserting one or more of their feet into their mouth.

In his 5th February 2007 issue, he turned his attention to a report on the Kaspersky Labs web page [3] on cyber-crime, written by virus analyst Yury Mashevsky. He criticized it on the following grounds:

  • There’s no indication of how Kaspersky compiled the statistics on which Mashevsky based the figures in the report. This is true: the source is simply given as Kaspersky Labs. Since Kaspersky are a major antivirus/antimalware vendor, I presume they got their data the same way that other vendors do: by analysing reports from their customers, automated software reports, captured data from honeypot systems and so forth. I suppose it would be nice if they’d said so, but I for one am not about to ask them for access to the data so that I can check it personally.
  • Figure 1 shows that “Previously unknown malicious programs are multiplying at an exponential rate…”, supported by figures from 2001 to 2006. This does, Rosenberger says, suggest that “malicious software authors will be the single largest producers of software by 2014”. It isn’t quite clear from the text in his newsletter that this is Rosenberger’s extrapolation, not Mashevsky’s. Still, perhaps the word “exponential” wasn’t altogether the right choice in this context.
  • That Mashevsky “fails to explain” why a “virus analyst” is qualified to comment on cyber-crime trends. Actually, the trends being described relate largely to malware trends, so I’m not sure why his job title is a problem. And if Rosenberger had checked his biography on the web site, he’d have found that Mashevsky’s PhD dissertation was on information security, and that his job history includes information systems security development, working on information theft and unauthorized analysis. [4]

Rosenberger informs us that he would grade the report as an undergraduate assignment “between a ‘B-’ and a ‘C’”.

I’m not sure how this maps to the UK education system, Rob, but if I was going to grade your article, it would probably be as somewhere between a D and an E. But it would be a little presumptuous, not to say condescending, for me to do that. Even worse, as I’m not a teacher, that would be pretty close to ultracrepidarian, wouldn’t it? So is there any chance of your explaining what teaching qualifications you have?

[1] http://www.vmyths.com/fas/fas1.cfm

[2] http://newsletter.SecurityCritics.org/

[3] http://www.viruslist.com/en/analysis?pubid=204791915

[4] http://www.viruslist.com/en/weblog?chapter=153345573
