Interview with Roger Thompson, Chief Research Officer & Karel Obluk, Cheif Technology Officer AVG

1. Electronic viruses have been around for a considerable amount of time, what methods does AVG use to keep on top of the cyber criminals?

From the web side, we spend a lot of resources "putting things together". For instance, when we find one exploitive or hacked site, we like to see what else it can tell us. This is quite a complex business, but one example is that if a site is shooting _one_ exploit, it might be shooting other exploits, and we like to see what else might be there.

Once you find something that the Bad Guys are doing at one site, it is almost certain that you'll find the same stuff at other sites.

2. Why do you think people create viruses?

They have no life. Just kidding. It certainly used to be that kids (mostly) wrote viruses to show their friends how smart they were (mostly), and they mostly grew up and got a job and a mortgage, and found something better to do, and stopped.
These days , it _is_ their job, and they're not going to stop until they can't make a living at it.

 3. Originally, PC's were dominated by viruses and Trojan horses,  now we've seen keyloggers and unfriendly cookies, what do you think  the next threat will be for computer users?

Well, I've been convinced for a couple of years now that the web is the new battleground. The reason for this is that even the basic firewall in Windows XP does a pretty good job of keeping out worms and bots, but when you start a web browser, it creates a tunnel thru the firewall, because it starts from a trusted place ...._inside_ the firewall. If you visit a website of hostile intent, the code is able to get thru the firewall to the computer itself. If you're not patched, you're probably nailed.

4. In your professional opinion, do you think there will be ever a >day when the operating system will no longer need viruses?

I don't think the operating system needs viruses now, actually. :-) I'm just kidding... of course you meant "no longer needs an anti virus". The answer there is a resounding "No". I've been doing this for 20 years, and the only thing that's certain is that the Bad Guys keep re-inventing themselves.

>5. What is the most difficult security challenge that AVG has faced?

We have not seen any major virus outbreaks since MyDoom back in 2004. However, the biggest challenge for us is the continuous exponential growth of malware attacks. Each year, the volume increases by the factor of three or more. So for us, the most difficult is to have our researchers analyse the ever increasing flow of malware and our infrastructure to process the data and deliver in a timely manner to more than 60 million users worldwide.

6. PC versus Mac versus Linux. Do you believe there is one operating system that is superior than the other?

Define "Superior". Seriously though, there are pluses and minuses in all operating systems, including available of applications, security, target base. It depends what you want to do with the computer. I'm happy enough with Windows, myself.

7. Walking into the realm of science fiction, do you think that a virus or the like actually be beneficial if you could rework it?

Heh. It's an old argument and the answer is always "No". Not unless we're trying to hack into an alien computer, but you need a Mac for that. By definition a virus is _self_ replicating code. That means it's deciding where and what to infect... not you.

8. How does AVG ensure that their internet security programs are less resource intensive than the big three anti-virus companies?

No silver bullet here. Simply put, we always have this criterion in mind when designing new features and integrating new technologies. Ease of use and user friendliness are always on the top of the list of our design guidelines, even it means more complicated implementation for us or will take longer to deliver the product.

9. Is there such a thing as the perfect virus?

No.  All software has bugs. There's no such thing as a perfect _program_, including the underlying operating systems. This is part of the reason why there is no such thing as a Good Virus. It's hard enough to get computers to work properly all the time without adding viruses to the mix. If something starts playing up on your computer, what do you blame? The program that's playing up? Or the virus that
has attached itself to the program.

10. What do you believe are the reasons for operating systems, especially Microsoft based system for their internet flaws?

It's simple really. Security and functionality tend to exist in an inverse relationship. In other words, the more "functional" or usable you make something, the _less_ secure it tends to be, and vice versa.

Microsoft is a really successful company, with a large client base, and it is successful because it listens to its clients. The clients want "features" or extra functionality.

11. What are your top 5 tips for internet users to protect their PC's?

(1) Patch, and allow auto patching
(2) Get an anti exploit scanner, and keep it up to date
(3) Get a good anti virus and keep it up to date
(4) Make sure your firewall is switched on
(5) Be careful... it's a bit like the Wild West out there

12. Have you ever had a virus or the like on your personal computer?

Well, I always have _lots_ of viruses, but one has only got away once. In 20 years, it's not too bad.