The print and electronic media should desist from mentioning any computer security firm when they release news about new virus threats. No purpose (except free publicity for the company in question) is served by doing so. Why cannot they just say that "an analyst at a leading security firm today said that..."? It's not like anybody would complain (except said analyst, perhaps). Attributing a statement to a source when the source wants to remain anonymous is a no-no, but not its opposite. In addition to putting unscrupulous companies in their place, who knows, we might even see a reduction in the number of threats.