Read MoreOver the past six years a lot of changes have happened in the world of virus removal and computer security. Basically with the advent of Microsofts most secure operating system ever (Windows XP) the world of virii / spyware / rootkits / exploits (collectively I'll refer to them as malware for this article) etc has exploded. Estimates of the number of new virus released each week are normally in the thousands, if not tens of thousands range. Add to that spyware, unwanted applications (e.g. WinAntivirus2008) , trojans, adware ... and the listis enormous.
Recently I have found it is getting harder to ensure that the latest malware definitions are really catching the latest problems. In the last three weeks we have found several pieces of malware or viruses which have had to be carefully hand removed - with new definitions to detect them coming out 2 to 4 days after we have already discovered them.
Malware detection always lags behind the advent of new malware as a new virus / spyware / trojan etc, when it is released, normally has at least several hours, if not days, head start on the first definitions being released. In order for a new definition to be released the Malware has to be noticed, caught, reported, analysed and finally a fix / detection signature released for it. Finally the update has to be downloaded by the end user.
Part of the process we employ when doing a "Virus Bust" is to run several anti spyware / malware removal and root kit detectors across a system. This of course is quite time consuming, and again - if the malware is a new one, sometimes the only way it is detected is by seeing the results of the malware still present (e.g. rubbish exiting the firewall, strange PC behavious, pop ups etc). Which started me thinking ....
Is it possible that the number if items of legetimate software on the average users PC is growing at a slower rate than the number of malware instances. For example, the average user only wants to surf the net, send emails, write letters, do some word processing and listen to music / videos. Throw into that mix a bit of spreadsheeting, VOIP and games and you are stil only looking at a fairly limited range of software.
On an average week the average user does not add much new software to a system. Microsoft updates and anti virus updates probably account for most of the changes to executable code on a system. Instead of scanning for malware maybe a better solution would be to have a list of known good executable software and run a scan based on that. Any executable code found on a system not in the known good DB can then be flagged as suspicious and that subset of files be scanned / isolated instead of scanning an entire system of mostly good code for the odd piece of rot that has crept in.
Security based not on positive detection of malware but the isolation of unknown code offers a chance to allow quicker detection of potentially dangerous software on a PC. Certify the good code, isolate the unknown code and then apply positive antivirus detection methods against the unknown executables.
Not only does this method have the possibilty of being faster in its scanning of systems (creating and checking hashes is potentially faster than applying heuristic algorithms against an entire executable) but means the ability to certify code as being safe might alleviate some of the Zero Hour threats we face now days. Certainly for someone like me isolating the known good from the unknown means we can rapidly discard 99% of all files in a system has safe and concentrate on isolating the threats in the unknown one percent. It also offers a very positive way of providing reliable scanning from an alternative boot disk on compromised systems.
Historically old anti virus systems (circa DOS and Windows 3.1) were able to add CRC codes or hashes to executable files and then check to see files matched a known hash. That method presents problems today, and has fallen out of favour. However as an off-line virus scan, booted from an alternative operating system or boot disk and making use of a 'white list' database, it has the potential to add another tool to the security experts arsenal.
Heaven knows we need it.
This has been a random thought from the fertile and over caffinated brain of Shane. Thoughts, feed back and offers of millions for the idea welcome.
Read MoreThe update is a precursor to the more hotly anticipated 11g R2 release Read More
Bankruptcy sparks fear among IT workers in London Read More
Revera's online data retrieval service frees company's staff of daily burden Read More
But, Apple's process of patching reduces the window of vulnerability, say others Read More
Read More
Read More
Customer retention is something every business needs to be good at. If your customer don't come back then you'll very quickly find yourself going out of business.
Visit your local coffee shop these days and you're bound to get a loyalty card. Buy 10 coffee's and get 1 free. Visit Subway and you'll get credit that goes towards buying a sandwich. Fly with an Airline and you'll get frequent flyer points. Buy your groceries at New World or buy your petrol at Shell and you'll get Fly Buys points. I don't need to list any more - I'm sure you get my drift.
Most of these companies all exist in competive marketplaces where customers have many choices when it comes to spending their hear earned money. These companies realise that keeping their customers happy is not just something you pay sparse attention to, it's part of your core business.
Now lets look at the mobile market in NZ. Stastistics tell is that 100% of NZers own a mobile phone so I'll ask a question that everybody should be able to answer. Exactly what are Vodafone or Telecom doing for you to keep you as a happy loyal customer? Do you feel that your mobile carrier really wants your business or are you simply treated as a number? Do you think they really care if you moved away to another carrier?
This poses the question - do these companies care about customer loyalty? Both feature business models based around locking you into long into term contracts and giving you small discounts off overpriced handsets. Imagine if you wanted to buy petrol but could only do this if you entered into a 24 month exclusive contract with the fuel outlet of your choice, a contract that you couldn't break without paying a penalty. In return they would sell you a 1.5l bottle of Coke dicscounted to $3.00 - more than you would pay for this product if you shopped at a supermarket. Would you feel like you were a happy, content loyal customer or would you feel like you were just a number?
New Zealand now has a greater choice when it comes to mobile with TelstraClear launching a virtual mobile network using Telecom's CDMA network and Black+White are about to launch a similair virtual network using Vodafone's network. B+W won't be offering term contracts and instead believe they can compete by offering a package that makes their customers feel like they are receiving value for money which in turn will drive customer loyalty.
So I'll now ask the question - having been a Bellsouth & now Vodafone customer for 13 years do you really value my business? What have you done recently that should make me feel happy about being a customer of yours? How have you rewarded me for my loyalty over the years? You give me significantly less airtime for my $ spend than virtually any other Vodafone Group network. You've put up roaming rates so I now have to pay more to make calls when I visit Australia 3-4 times per year and also charge all incoming roam forward calls by the minute rather than per second. This annoyed me greatly. What else have you done? Nothing. What would I like you to do? Offer me a plan that feels like I'm receiving value for money. Don't lock me into a term contract. Don't make me laugh me by offering me $50 off a $1000 handset that's selling for $200 more than it's true market value. Quite simply don't insult me. I'm happy to pay good money each month for a plan that meets my needs.
Do you really value my business or not? If you do what are you going to do for me?
Read More
No comments:
Post a Comment