Why Malwarebytes for Mac

As some of you may have already seen, we released Malwarebytes Anti-Malware for Mac last week. Prior to the release of the new product, I was of the mindset that Macs were not vulnerable to malware. So what changed my mind?

Doug Swanson, my former CTO at Malwarebytes (and current board member!) e-mailed me about a cool product called AdwareMedic he had found over the weekend. Doug’s grandmother’s computer, a Macbook Pro, had fallen victim to a search hijacker that was redirecting any links she clicked to advertising content. He ran AdwareMedic and all was well in the world. Doug insisted I take a look at the software, and his story certainly left me intrigued.

Continue reading

Poor Communication Can Cost You $52,140.60

Over the weekend, I received several cryptic e-mails from my CFO, Mark Harris, asking if I had approved the wire template for “the wire I had requested.” We were in the process of making a few wire transfers on Monday but I had already approved those and communicated that to him. He repeated the question a few times, but I still didn’t think anything of it. He asked me again in person this morning. That’s when I started to dig in.

Continue reading

Location, Location, Location!

Sounds like something a real estate agent would shout at you while selling you a house, right? Well, sort of.

Just like a grocer may perform a location survey to determine the best place for their store, i.e. the corner versus in a back alley, as an entrepreneur starting a business it is absolutely critical to choose your location. And I don’t mean your office location, I mean your niche. I hate calling it a niche, because it implies something small. Uber certainly didn’t find anything small when it chose to redefine how calling a taxi works!

We faced this hurdle at Malwarebytes early on. When we built the product almost eight years ago, antivirus companies had already saturated the market. There was no room for another antivirus, not that we wanted to be one anyway. From the very beginning, we decided to position ourselves as another layer of protection, one that focuses on the most aggressive and unknown threats and we left the rest to antivirus. It was one of the best decisions we had ever made.

At the time, we had no idea the position (location!) was so important. The revelation came to me recently while reading The Granularity of Growth where the author’s research found that “a company’s choice of where to compete is almost four times more important than outperforming within its market.” Had we positioned ourselves as another antivirus, who knows what Malwarebytes would be today.

TIL What a Warrant Canary Is

A warrant canary is a colloquial term for a regularly published statement that a service provider has not received legal process that it would be prohibited from saying it had received. Once a service provider does receive legal process, the speech prohibition goes into place, and the canary statement is removed. Source

In a nutshell, a “service provider” hoists a flag periodically that affirms they have not been subpoenaed for user information by a government agency. Often times these national security letters come with a gag order to not discuss the request. By not updating the warrant canary, or the canary disappearing, a provider can passively inform their users that an agency may have requested information and they’re now under a gag order. It’s a cute, and believed-to-be-legal way to inform users that their information may no longer be safe with the provider.

Canary Watch has even gone further and keeps an eye on any warrant canaries that are out there! Service providers watched on the site include reddit, tumblr, Adobe, and Cloudflare, among many others.

Hi!

It’s been almost 3 years since my last post. I logged into WordPress with 30 or so updates and 13,074 spam comments awaiting action. Things have been busy at Malwarebytes, we’re growing extremely fast and are about to hit 250 employees worldwide. Some days are great, some days are tough, but we keep cranking.

I look forward to posting more often and dusting this blog off.