Sophos and their disreputable marketing scam
I was very, very disappointed to see a respected company such as Sophos being a party to the promotion of continued misunderstanding of key concepts in computer security.
Whilst precise technical definitions are not necessarily important for end-users, that is not an excuse for the use of imprecise language when discussing specific security issues, and I note that Cluley's article (hotlinked from this story) is very careful to avoid stating that Mac viruses do or do not exist - he refers to Mac "malware" and Mac "threats", but keeps referring to "anti-virus software" to address these. No. It's bad enough that the uninformed seize upon the existence of ClamAV and the like to bleat that "there must be Linux viruses because anti-virus software exists for Linux" (we can't stop people from demonstrating the extent of their ignorance), but it's shameful that he is attempting to promote Sophos anti-virus and anti-malware products by leveraging that ignorance.
By all means he can promote his company's security products for the Mac, and there's no objection to them calling it "anti-malware" and/or "anti-spyware" software. But it's not "anti-virus" software unless, like ClamAV, it's software for dealing with Windows viruses that happen to reside for whatever reason on a Mac platform, in the same way that my Linux servers deal with Windows viruses being sent through my Exim MTA, destined for Windows-using end users.
Quite frankly, it's about time that Trading Standards officers or the Advertising Standards Authority prosecuted Sophos for misleading anyone who buys "Sophos anti-virus for Linux" in consequence of the belief that Linux can be infected by a virus. Or have they successfully claimed the cash prize offered by Eddie Bleasedale's NetProject Limited to anyone who can successfully infect one of their properly-configured Linux boxes with a virus - i.e. malware that is self-replicating, the key criterion for software to be classified as a virus?