Memoirs of a (media star) virus researcher

I have been known, from time to time, to make rather unkind statements
about the accuracy of virus reports in the mainstream media. Some of
my antipathy arises simply from the fact that there is an awful lot of
“mythology” surrounding viral programs, and most pieces that appear in
the media simply perpetuate this. Some of my experience, however, is

A reasonably prominent periodical devoted to security topics had been
advertising for writers in, among other areas, the virus field, so I
sent some sample materials off. I did not hear anything for about
eight months, and then I got a call asking me to do an article. On

However, it was not enough to write the article. No, I had to contact
the vendors and listen to what they had to say on the topic. This
actually consumed the most time. Some research, and some roughing out
an outline, took up two hours. A rough draft took three. Polishing
the final draft took about an hour. Lots of room for profit there.
(Of course, when you consider the years it took to build the
background to be able to do that, it tends to reduce the margin a
bit….) But contacting three consultants, two user-group
representatives, and eleven representatives from seven major vendors
took more than fourteen hours spread over a ten-day period. In the
end it got me one very helpful vendor contact (Carol Smykowski from
Fischer International), one returned message, one faxed spec sheet
from a loosely related product, and a
heavy parcel, which arrived postage due after the deadline. Needless
to say, this was less than helpful to the project.

In the end, the article was rejected. Not enough “vendor quotes.”

What is really important here is the fact that most of the articles
being generated in the trade press are, by and large, “infomercials”
on the printed page. Articles are being written by people who, if
they have a technical background at all, are writing out of their
field and are being judged on the
acceptability of the content to vendors and advertisers. The vendors,
quite happy with the situation, are in no hurry to be helpfully
involved in the process (or even to return phone calls).

As two examples, I cite the recent (as this is written) releases of
PKZip 2.04 and MS-DOS 6.0. For the first month after the release of
the new PKZip, while the nets were stretched by the reports of the
various bugs and the latest release by PKWare to try to correct them,
*PC Week* blithely rhapsodized over “version 2″ and advertised that it
had version 2.04c (the real buggy one) on its own board. Meanwhile,
in spite of the protests of the virus research community *before*
MS-DOS 6 was released, and the almost immediate storm of reports of
bugs and problems with various of the new features, the trade press is
only now, after six weeks of ecstatically positive reviews of MS-DOS
6, starting to report some of the potential problems.)