Antivirus software ought to be a commodity by now. It’s not. Until recently, it was probably the most used type of commercial/prorietary software which has not been released under the GPL as open source. Wait, some of you don’t know what open-source software is? Ok, for those of you out there who aren’t acquainted with the philosophy of “open-source”, here’s a quick rundown:

Companies like Microsoft build proprietary software. They own the source code, and never disclose how their software does what it does. They protect their trade secrets, typically for profit. When a problem or bug arises in their applications, users of the software have to wait for the company to provide a new version or a “patch” to fix the bugs. While waiting for the patch to fix the discovered bugs, it is extremely common to find other bugs, which the current patch won’t fix. This is a never-ending story. Ask anyone who’s ever run a Windows computer.

Open-source software on the other hand requires that when distributing software, the source code must be made available (with certain exceptions - for those of you who wish to call me out on the Lesser GPL!). This permits anyone with a programming aptitude to get into the guts of the application, make changes, and customize the software. The only stipulation is that if you modify the code for the application, you need to make your changes available too. This way, you can fix bugs (if you know how), and the “open-source community” is always working to fix bugs.

There’s a pretty big rift between commercial software makers and the open-source community. Open-source developers and subscribers believe software should be “free”. Free doesn’t necessarily mean cost = $0.00, but free as in unencumbered by copyrights and patents. This concept is gaining momentum, and now is a pretty serious force to be dealt with.

So back to the antivirus utilities…Of course there’s a plethora of them out there for purchase. Command, Norton/Symantec, McAfee, etc…Most of them do the same things: scheduled scans, and active protection from threats while a computer is connected to the internet. But as is the case with any commercial application, the patches (or in this case virus definitions) must come from the company who makes the application.

So how about open-sourcing it? Build an antivirus application under the GPL (GNU Public License - see above). Let the entire world work on it. The only stipulation here is that there needs to be some central repository, where code is checked in before being released. We wouldn’t want anyone with bad intentions adding code to the application. It’s a simple check to make sure the application going out stays safe. This way, as soon as a programmer/contributor to the project becomes aware of a weakness in the application, or discovers a new malware (worm, virus, trojan, adware, etc..) the fix can be quickly published.

I’ll even go a bit further here. What if updates and virus definitions were spread through the internet via bit torrent networks? Wait, bit torrent is a foreign term to you? Ok, here’s the skinny:

Bit torrent is like other file-sharing networks in that “someone out there has what you want, so you’ll download it from them”. The difference is, in a bit torrent network, there are say 1,000 people out there with a file that you want, and a “tracker” who knows about all these people. You’ll download small “bits” of the big file from 1,000 people all at once. Once you’ve got the whole file (or sometimes just the part of the big files someone else needs), you automatically share that with the other people on the network. Bit torrent is hugely popular these days because large files can be downloaded quickly, since you’re getting 1000 small pieces from 1000 different places, rather than one big file from a single place.

…Back to anntivirus. Spreading antivirus via bit torrent allows changes to get out to everyone quicky. To draw a parallel between this and real epidemiology (the study of the spreading of real illnesses), the ability to vaccinate a large number of people quickly is the best way to prevent an epidemic.

I guess the point here is that antivirus software should be a commodity by now; i.e. everyone should have it, and it should not cost money. Since Microsoft makes their operating systems so vulnerable, they ought to be producing an antivirus to fill in their own holes. Don’t hold your breath folks..

There is a frontrunner in the open-source antivirus communtiy. ClamAV is probably the most stable open-source antivirus project out there, and I’m sure they could use all the support you can afford to give them.