Hosing down the Flame worm hype

Hosing down the Flame worm hype

Summary: Information security vendors are seemingly split in their reactions to Kaspersky Lab's discovery of the Flame worm. Some are joining the hype bandwagon, while others are dismissing Flame as just another spy worm.

SHARE:
TOPICS: Security
1

Information security vendors are seemingly split in their reactions to Kaspersky Lab's discovery of the Flame worm. Some are joining the hype bandwagon, while others are dismissing Flame as just another spy worm.

Flame was uncovered in Iran and other Middle East countries by Kaspersky Lab. It's 20 times bigger than the Stuxnet worm, they said, and has been operating for at least two years, and maybe up to five. They and other researchers are calling it the most complex malware ever seen.

But others downplayed these claims, seeing Flame as nothing special. The fact that it is 20 times the size of Stuxnet is more about the way it was coded than about any technological breakthrough.

Trend Micro's director of security research and communication Rik Ferguson, for example, noted that Eugene Kaspersky couldn't resist the lure of a good headline, even relishing the fact that a journalist had called him a "glorious global megatroll". That would've been me.

Trend Micro senior threat researcher Paul Ferguson (no relation) was similarly dismissive.

"From my perspective, there's nothing really gee-whizz about Flame, with the exception of ... the interaction it has with Bluetooth devices," he said.

On this week's Patch Monday podcast, Paul Ferguson puts Flame into perspective. He explains how different cultures of programming produce different styles of code, and comments upon claims by Mikko Hypponen, F-Secure's chief research officer, that failing to discover Flame for at least two years represents a failure of the antivirus industry as a whole.

While reluctant to fuel the hype, Ferguson does agree that there is a Cold War online.

To leave an audio comment on the program, Skype to stilgherrian, or phone Sydney 02 8011 3733.

Running time: 23 minutes, 19 seconds

Topic: Security

About

Stilgherrian is a freelance journalist, commentator and podcaster interested in big-picture internet issues, especially security, cybercrime and hoovering up bulldust.

He studied computing science and linguistics before a wide-ranging media career and a stint at running an IT business. He can write iptables firewall rules, set a rabbit trap, clear a jam in an IBM model 026 card punch and mix a mean whiskey sour.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

1 comment
Log in or register to join the discussion
  • So what about it being out 2 years?
    About 2 years ago I reported one that was new to all the AV companies which Mcafee came back to me about saying THAT one was new and they had identified it with time stamps as being around at least 2 years.

    It isnt the first time this has happened and wont be the last.
    greg-w-h