it may seem like these violate the av companies don't hire virus writers rule but in reality these edge cases (neither company is technically an anti-virus company) actually reinforce the rule by virtue of what the av industry does in response...
so you can imagine, then, how far my jaw dropped when john sharp, founder of authentium, solicited applications from students who graduated from a virus writing curriculum:
Authentium to George Ledin's students: if you're interested in a job, we'll look at your resume. Based on your training, our assumption is that you're going to do a better job helping us detect and defeat malware than someone without this knowledge.
now, i realize one might argue that people who learned to write viruses in school don't have the same motives as those who write and release viruses (though it occurs to me that a virus writing curriculum would appeal to exactly the type of person who would write and release viruses so you may actually be dealing with a population whose bad apple content is higher than average) and the debate has been weighed in on by far more influential individuals than myself - but, with many companies refusing to hire such students just as they would virus writers, mr. sharp's words are unexpected to say the least... i wonder if he's shared his philosophy with helmuth freericks, who was listed as the vp of r&d at authentium when he signed the public letter against teaching virus writing that's being hosted by the anti-virus information exchange network...
things get more interesting than that, however... authentium's (formerly command software system's) command anti-virus used to license the f-prot scanning engine and given the identical naming produced by the two it seems like it still does... that engine is produced by frisk software international... frisk has made his feelings on the subject of virus writing curricula very clear, stating that it's ethically unacceptable, so it'll be interesting to see what if anything becomes of this if authentium really does hire students who've taken such courses...
0 comments:
Post a Comment