Throwback Thursday: The Updating Game (June 2004)

(This article was first published in Virus Bulletin in June 2004.)

In 1991, the experts told you to update your anti-virus software on a quarterly basis: four times per year. If you failed to do this, your anti-virus software might fail to work. By 1996, the experts were urging you to update it on a monthly basis – 12 times per year. In 1998, they pleaded with you to update it on a weekly basis – 52 times per year.

In 1999, the experts screamed at you to update your anti-virus software every day – 365 times per year, and by mid-2000, the experts were ordering you to update it multiple times per day, which works out at roughly 1,000 times per year. If you failed to do this, your anti-virus software might fail to work.

Then the experts backed down a bit. Grudgingly, they admitted that you could get away with updating your anti-virus software multiple times per week, which is only 100–200 times per year. But it seems that’s not good enough any more. Now, the experts want you to update your anti-virus software every hour – which is 8,760 times per year.

“It is no longer effective to only apply anti-virus updates on a daily or less frequent basis,” warned Sophos’s Graham Cluley in a recent press release. “It’s obviously good that companies are deploying anti-virus protection, but they are pouring their money down the drain if the protection is not frequently updated. Effective anti-virus protection includes the ability to poll automatically for security updates on an hourly basis.”

Quarterly anti-virus injections weren’t enough. Monthly anti-virus injections weren’t enough. Weekly anti-virus injections weren’t enough. Now, not even daily anti-virus injections are enough. Companies “are pouring their money down the drain” if they don’t inject every PC every hour, experts insist.

If your firm has 10,000 PCs, then your firm will need to make more than 87 million connection attempts. If you fail to do this, your anti-virus software might fail to work. And you pay for this privilege!

We heckle Microsoft when they occasionally issue a security patch, yet we applaud anti-virus firms when they issue non-stop security patches. While Sophos issued 226 security patches for a single anti-virus program in 2002, Microsoft issued only 72 updates that same year for all of its products combined.

Where will it end?

Some day, the experts will compel you to update your anti-virus software once a minute – which is 525,600 times per year. But even ‘minute-ly’ updates won’t stem the tide forever. Some day, you’ll need a persistent anti-virus update. In other words, your PC’s network cable will serve as an intravenous tube for a constant stream of AV injections. Sounds like an addiction, doesn’t it?

It’s called an ‘Addictive Update Model’ for a reason. Anti-virus updates are so addictive that even the tobacco industry is intrigued. Think about it: what does a smoker instinctively need when he or she wakes up in the morning? What does anti-virus software instinctively need when you turn a computer on in the morning?

Sure, the experts call it a ‘subscription’ – but it’s the same as an addiction to painkillers. Painkiller addicts get a subscription from their doctor; anti-virus addicts get a subscription from their vendor.

No doubt the experts will debate this by stressing how you can poll automatically for security updates. But their counterpoint will sidestep the ultimate issue. An addiction, no matter how automated, is still an addiction. Where will it end?

Even persistent updating won’t be enough, you know. Why? Because anti-virus firms spend hours preparing each injection before you can download it. You’ll still be lagging behind the latest virus threats when you finally switch to an intravenous update.

Enjoy your addiction.