More Fear, More Sales
By Carlo Longino, Tue Sep 14 22:15:00 GMT 2004

McAfee's CEO talks up mobile viruses -- just as his company heightens its focus on the sector.

George Samenuk tells CNet in a Q&A that McAfee has decided to focus on 3G mobile phones, talking up the threat that mobile viruses pose to businesses. While the security risks posed by smartphones and other advanced devices is something to be considered, it sounds like building up fear in corporate decision-makers is a key part of anti-virus companies' strategies.

CNet's reporter poses a question along these lines, and Samenuk responds, "What choice do users have? Do you want your business or government to go down because you didn't spend money protecting PDAs or 3G phones or servers? This is a bet-your-job environment. You will lose your job if you don't have comprehensive, layered security solutions." Wow. So now, if CIOs don't implement software, preferably from McAfee, of course, to stop a mobile phone from bringing down an organization (no word yet on just how that would or could happen), they'll lose their job. The threat has now moved from the organizational to the personal.

Comments like these from anti-virus companies make it hard to believe there's much to worry about behind all their noise. While there's no doubt that someday, maybe soon, mobile viruses will be a problem, there are fundamental differences between mobile devices and the Windows PCs that are anti-virus firms' gold mine. It's not clear, however, they realize this. Samenuk says he has "no doubt" PC-type viruses will make it to 3G devices, but it's unlikely at this point. The data and processing speeds are still too low to make phones of much use to the trojans and spam zombies that are the malware of choice today.

Just because a device can access the Internet, like a PC, doesn't mean it has the same vulnerabilities, or even level of vulnerability, as a PC. But hey, if it sells more software, what do the anti-virus companies care? This isn't to say that any and all mobile anti-virus applications are a sham. But the energy spent in raising fear could be better put to use coming up with network- and server-level protection for mobile networks, rather than useless client applications.