Social science meets computer science

Despite its title, the first chapter is not about the turgid arguments that rumble on over malware nomenclature, but rather about why and from where the term ‘virus’ came into our lexicon and why the metaphor of virus endures. It then moves on to describe the nature of the threat, how it has changed and how our defences against it have been commodified.

In this part of the book the standard security triple of confidentiality, integrity and availability is used to underpin the argument that the terms ‘security’ and ‘threat’ form a loop because they are defined, in the minds of the interviewees, with reference to each other.

The author goes on to address the role of governments and how their interests in the field have changed, particularly since 9/11. Finally, there is a case study looking at how spam has changed from a mere annoyance in the early ’90s to a real security threat, and how detection has been added to the standard suite of security products. This transformation is mirrored elsewhere, specifically the move in the mid-90s to add trojan detection to anti-virus products.

The way in which people and groups communicate and interact is the meat and drink of this book, with chapters 3 and 4 looking at grouping within the industry. The majority of researchers interviewed in the book were CARO members, so it is not surprising that chapter 3 is dominated by an analysis of CARO. Describing what the author calls ‘the mythic past’ through to the present, CARO is used as a standard against which to compare all other AV industry interactions. Detailing the contretemps that arose among vendors over REVS and how, as a result of that, industry interactions changed, this chapter touches upon the exclusions inherited by CARO.

In this chapter the author discusses how corporate users felt that they needed a more coherent and louder voice in the industry. The corporate end-users’ perception was that they were the ones working in the trenches and that the vendors/researchers could make use of their expertise. This led to the formation of AVIEN (the Anti-Virus Information Exchange Network), exclusively for end-users, and AVIEWS (the Anti-Virus Information Early Warning System), which included vendors and researchers. However, researchers soon realized that the data received via AVIEWS was also being provided via other avenues, and this diluted the usefulness of the resource from their point of view.

Chapter 1 talks about the commodification of anti-virus. Commodities are purchased through word of mouth, advertisement, or a mixture of the two. In short, commodities are marketed, and the anti-virus industry has had a chequered history with rogue and not so rogue marketeers/press agents. Here the author discusses the dichotomy of the researchers’ desire for truth and accuracy and the marketeers’ desire to cultivate press links and drive sales.

Race and gender studies are the bread and butter of social science research. The AV industry, at least as far as conference attendees go, is a fairly homogeneous group (white, male, middle-aged, degree-educated, North American or Eastern/Northern European) and provides rich picking for an analysis of race and gender.