Instead of attacking Windows, Linux, or the Mac, today's hip, new virus writers are going after the anti-virus programs.
Russian-born Israeli Andrey Bayora has documented how this is done at his company, SecurityElf. He dubs the attack "The Magic Byte," and the trick is simply to hide from anti-virus scans the type of file you've inserted into the system.
Viewed in hexadecimal (the raw bytes every program ultimately comes down to, no matter what language it was written in), all executable, or .EXE, programs start with the characters MZ, expressed in hex as 0x4D5A. But many file formats allow that header to sit somewhere other than at the very start, so by just adding a byte in front of it (prepending), you're giving an anti-viral scan the equivalent of "go on along, there are no droids here," when in fact there are.
This problem affects just about every anti-viral scanner out there, including the one you're probably using, and definitely including the one I'm using. Bayora took some old, easily-disabled viruses, used this trick on them, and bango - they were invisible (but still active).
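As an added illustration of the defender's side of this (example code written for this page, not SecurityElf's tool or any vendor's scanner), the check below does not trust offset 0 alone: if a known file signature such as MZ is absent from the first bytes but turns up a little further in, the file is flagged for review as a possible displaced header. The signature table, the 4096-byte search window, and the sample blobs are all assumptions constructed for the example.

```python
"""Hypothetical file-type check that looks for a displaced header.

Constructed example: not SecurityElf's code and not any vendor's scanner.
"""
from dataclasses import dataclass
from typing import Optional

# Well-known leading signatures ("magic bytes") and the file kinds they mark.
# The MZ entry is the 0x4D5A pair the post refers to.
MAGIC = {
    b"MZ": "dos/windows executable",
    b"\x7fELF": "elf executable",
    b"PK\x03\x04": "zip container",
    b"%PDF-": "pdf document",
}

# How far into the file we look for a header that is not at offset 0 (assumption).
SEARCH_WINDOW = 4096


@dataclass
class Verdict:
    kind: Optional[str]     # file kind recognized, if any
    offset: Optional[int]   # where the signature was found
    suspicious: bool        # True when a signature exists but not at offset 0
    reason: str


def identify(data: bytes, window: int = SEARCH_WINDOW) -> Verdict:
    """Classify a byte buffer; flag signatures that sit past the first byte."""
    # 1. The naive check a scanner might rely on: signature exactly at the start.
    for sig, kind in MAGIC.items():
        if data.startswith(sig):
            return Verdict(kind, 0, False, "signature at offset 0")

    # 2. Displaced-header check: the same signatures anywhere in the first
    #    `window` bytes. One or more bytes prepended to a real executable put
    #    its MZ header here, which is exactly the case the post describes.
    head = data[:window]
    best = None
    for sig, kind in MAGIC.items():
        pos = head.find(sig, 1)
        if pos != -1 and (best is None or pos < best[1]):
            best = (kind, pos)
    if best is not None:
        kind, pos = best
        return Verdict(
            kind, pos, True,
            f"{kind} signature at offset {pos}, not 0: possible prepended bytes",
        )

    return Verdict(None, None, False, "no known signature in search window")


# Constructed sample inputs (not real programs): a minimal MZ-headed blob, the
# same blob with a single junk byte in front of it, and plain text.
SAMPLE_EXE = b"MZ" + b"\x90" * 62 + b"PE\x00\x00" + b"\x00" * 32
SAMPLE_PREPENDED = b"\x00" + SAMPLE_EXE
SAMPLE_TEXT = b"hello, this is plain text with no magic\n"


if __name__ == "__main__":
    for name, blob in (("exe", SAMPLE_EXE),
                       ("prepended", SAMPLE_PREPENDED),
                       ("text", SAMPLE_TEXT)):
        v = identify(blob)
        print(f"{name:10s} kind={v.kind!r:26s} offset={v.offset} "
              f"suspicious={v.suspicious} ({v.reason})")
```

This is a coarse triage heuristic, not a replacement for a scanner: a two-byte signature like MZ can occur by chance inside other data, so a hit past offset 0 is a reason to look closer (or to scan the buffer with every applicable engine regardless of where the header sits), not a conviction on its own.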
Bayora says he alerted a variety of companies to this problem months ago, but has received no word that action has been taken. So he has decided to go public with the problem, which will coincidentally help "make his bones" as a security expert.
The problem, and the reaction to it, illustrate a common failing in the security industry: vendors keep stuff secret in order to keep the bad guys from learning about it. The trouble with this approach is that it also keeps the good guys, and the innocent, from knowing important stuff, and it may even keep your own people from learning things they need to know.
1. cyber_rigger on November 4, 2005 02:13 PM writes...
I'm safe then.
I use Linux with NO anti-virus software for them to attack.