[unisog] University virus-writing course?

Steve VanDevender stevev at darkwing.uoregon.edu
Wed May 28 21:43:54 GMT 2003

marchany at vt.edu writes:
 > Notice that nowhere in the article does it say how the Sophos employees 
 > LEARNED how to write AV software. How are they assured that none of their AV 
 > employees would ever write a malicious virus using the knowledge they've 
 > acquired at their jobs? I'm sorry but the same argument that they're using to 
 > make Calgary look bad could just as easily make them look bad.

One of the related links at the bottom of the Sophos press release is to
a page that has the CEO of Sophos saying "I won't hire virus writing


They claim "[Sophos] does not believe that writing new viruses is a
useful way to learn more about the subject."  So what is?

There's also a link to a paper "Is virus writing really that bad?"


As I would have guessed, it never touches on the issue of host security
as a factor in the existence and spread of viruses.  As far as they're
concerned it's bad that people create viruses, but not bad that systems
are so easily exploited to spread them.

More information about the unisog mailing list