[an error occurred while processing this directive]
BBC News
watch One-Minute World News
Last Updated: Friday, 9 March 2007, 13:24 GMT
Staying safe without anti-virus
By Mark Ward
Technology Correspondent, BBC News website

Keyboard and mouse, Eyewire
Visrting the wrong website can have serious implications
For a long time anti-virus software has been in the front line when it comes to stopping malicious programs infecting PCs.

But as the creators of viruses and other malicious programs adapt their methods to exploit the weaknesses of anti-virus software, some are looking to other methods to help them stay safe.

One such is Brent Rickels, the one-man IT department for the First National Bank of Bosque County in Texas, who has thrown out his anti-virus software and has a much quieter life as a result.

"I just wanted to be able to sleep at night," he said explaining the decision to stop using anti-virus.

"There had to be something better by now," Mr Rickels told the BBC News website. "Anti-virus is such a reactive model."

"The bad guys out there have copies of Symantec and Trend Micro and all of the anti-virus software and are using it to develop their stuff on and get their stuff past it," he said.

Game over

As its front line of defence the bank uses a so-called whitelist system that only lets a few programs run on every PC that bank staff use. Everything else, including viruses or malicious programs that try to strike via websites, are shut down before they can get a hold.

The bank has also imposed limits a 20 minute per day limit on the time staff can spend looking at non-work related websites.

"It seemed kind of restrictive at first but almost no one bumps up against it," said Mr Rickels.

Using the whitelist system, which the bank got from security firm Secure Wave, has stopped people falling victim to all kinds of malicious programs.

Palyh virus in e-mail inbox, BBC
Virus writers move fast to catch out lots of victims
"It's a lot less work to me than making sure everyone has updated versions of the anti-virus," said Mr Rickels.

One type of application remains firmly on the banned list however - instant messaging.

"It's just was not worth it," said Mr Rickels, "nobody has had a good case or need for that in our organisation."

Copy cats

For many, the problem with anti-virus programs is the fact that they need a sample of a virus to analyse before they can update systems to look out for the new threat.

The virus writers have adapted to this by cranking out hundreds of copies of their malicious programs in an attempt to overwhelm the anti-virus companies.

It can mean that anti-virus companies take time to spot all variants of a particular program, said Carl Woodward of Sanctuary Software.

"Anti-virus programs are often signature based in which case you always have some kind of window," he said. "A huge number of people could be infected before the protection is rolled out."

Drawing on work he did for the government Mr Woodward has developed software that can "armour" commonly used programs and files.

Bill Gates, AP
Virus writers are porting their programs to Vista
Once armoured the programs and files are permanently quarantined. Although programs run as normal and files can be opened and edited they cannot be used as a launch pad to infect the rest of a machine.

Malicious hackers have responded to the success of anti-virus programs by turning to techniques that involve the creation of polymorphic viruses.

These programs change their configuration on a regular basis in a bid to fool anti-virus signatures that they are no longer malicious.

"We're seeing a lot of malware designed to outwit the signatures," said Tim Eades of Sana Security.

He said that many malicious hackers were updating viruses developed to attack Windows XP so they could infect Windows Vista.

In some respects, he said, the virus writers were like any other software vendor and had to "port" their products over to the new operating system.

In a bid to stay current with viruses, Mr Eades said Sana's software used heuristics or behavioural modelling to spot when a malicious program is trying to infect a machine.

The security software builds up knowledge about how a PC works so it can spot when a program is doing something it should not.

The whole thrust of this protection, he said, was about not relying on users who tended to be the weakest link.

"You cannot rely on users to make smart decisions," he said, "you have to make the software make smart decisions for them."


SEE ALSO
Microsoft fails second virus test
05 Mar 07 |  Technology
Bank loses $1.1m to online fraud
19 Jan 07 |  Business
Spam surge drives net crime spree
26 Dec 06 |  Technology
Virus writers target web videos
31 Oct 06 |  Technology
Windows virus bites Apple iPods
18 Oct 06 |  Technology
Net crime 'big fear' for Britons
08 Oct 06 |  Technology

RELATED INTERNET LINKS
The BBC is not responsible for the content of external internet sites



FEATURES, VIEWS, ANALYSIS
Has China's housing bubble burst?
How the world's oldest clove tree defied an empire
Why Royal Ballet principal Sergei Polunin quit

PRODUCTS & SERVICES

Americas Africa Europe Middle East South Asia Asia Pacific