on antivirus spam

Adam Kessel writes:

Does anyone have a rational explanation? Even better, can someone educate the software developers and the people who purchase their software to end this scourge of false "virus detected" emails?

Those messages are a form of unsolicited commerical email. Developers of antivirus software don't need to be educated; as you note they have no excuse for not knowing that viruses forge From headers. They need to be treated as spammers.

The continued commercial success of antivirual software depends on a steady stream of viruses, on a continued low-level awareness of the problem amoung computer users, and on a complacent consumer mindset that accepts this problem as the way things are, doesn't bother to learn about ways to avoid the virus problem, and instead plonks down money for antiviral software and continual upgrades.

So manufactursers of antivirial software have no incentive to educate the public about the systematic problems that make viruses possible. And they have everything to gain by sending out unsolicited emails plugging their products, especially if the mail can provide such compelling evidence that their product actually works, and that the user needs it. I'll bet the response rate from this stuff is ten times better than from your typical spam run, and the antivirus producers get paid to produce the software that does it, and get free use of their customers bandwidth to send the ads, to boot.

It's a vicious cycle, which the news media also feeds off of. While the better news sources do (occasionally) mention that a virus affects only windows machines, the majority of news media do not. And I've never seen a story in the media about the virual problems that suggested finding a better computer platform that could avoid them entirely. Why should the news media bother to educate its audience, when windows viruses are good for a news story every week or two?

This is how inneffective the news media are at explaining viruses: Every time there is a significant windows virus or worm outbreak, my mother fires up her linux system, logs into my server, and sends me an email warning me about the impending doom and destruction. I'm not making this up.

Anyway, I don't know what to do about the news media, except for ignoring them, but I know what to do about these antivirus companies. Treat them as spammers, and treat their customers the same as you would the owner of an open relay. We need a RBL for computers known to be harboring antivirus software that sends spam messages, and support in spam filters for blocking their mails. We need to find other ways to pressure antivirus companies to shape up.