Virus Writing 101
~ Continued ~

From , former About.com Guide

The University of Calgary statement goes on to say “Let's be honest: any reasonably intelligent individual can get this information from the internet without having to spend four years at University. There are easier and cheaper ways for them to wreak havoc. It is naïve and dangerous to think that virus writers can be stopped without a better understanding of how they operate.”

I am a member of AVIEWS and I have the utmost respect for the knowledge and expertise of its members, but I have to agree with the philosophy of the University. The experts in the field that insist students can learn about viruses by dissecting the existing viruses are still pushing the reactionary model. Tomorrow’s experts need to learn to think beyond and develop better applications and operating systems that proactively block potential attack vectors rather than waiting to be attacked and then responding.

Prohibition did not stop the consumption of alcohol. Gun laws do not stop the sale of guns. Demonizing and mystifying the creation of viruses won’t work to stop them from being created. What happens is that the underground has access to information and resources that law-abiding security administrators won’t be aware of.

There is a whole industry of books and classes aimed at teaching network security by educating people about hacker tricks, tools and techniques. The idea is that by knowing exactly how hackers operate and the tools they use, an administrator will be able to prepare a better defense and recognize when their network has been compromised. Why should virus security be different? Security through obscurity (see Security Through Obscurity article) is a failed model that offers no real security at all. Hiding how viruses are created from the mainstream won’t help to proactively defend against the next generation of threats.

It is through experimentation of this nature that brilliant new discoveries are achieved. If Thomas Edison was told that he could learn all he needed to know about light by studying a candle and that it was illegal for him to try and develop light himself we wouldn’t have light bulbs. If Albert Einstein was told that he could learn all he needed to know about physics by studying those that came before him we would not have the Theory of Relativity and physics would still be where it was a century ago.

In order to progress and move forward you have to take what has already occurred as a foundation and move beyond it. In the case of great discoveries like the light bulb, the airplane, the telephone, etc. it sometimes requires breaking the mold and experimenting with new solutions in spite of what the currently accepted boundaries are. If we didn’t have people that think outside the box and look for new answers we would still think the Earth is flat and that the Sun orbits the Earth.

Can you learn what you need to know about existing viruses in order to defend against them by simply reverse-engineering them and looking at how they work? Absolutely. But will you make a discovery that becomes a quantum leap in programming to stop the next generation of viruses by dissecting the existing viruses? Doubtful. In this virus / antivirus chess game, the bad guys have always had the first move and the security experts are constantly reacting. I applaud the efforts of the University of Calgary to try and create a new breed of security experts who can take the initiative and make the first move for a change.

©2009 About.com, a part of The New York Times Company.

All rights reserved.