until someone creates the department of pre-crime, enforcing laws will have to wait until after the laws get broken. not sure that counts as prevention. this will probably come as a surprise to many, but the assertion that anti-malware companies need malware to survive is technically untrue. first, and most obviously, anti-malware software could easily continue to be sold even if the malware problem never got any worse (no additional malware was created). what, you think all those updates to microsoft word are because the world of word processing is changing so fast? of course not. second, but more striking, the only thing anti-malware software really needs in order to be successful is the perception that there's malware out there (just look at how successful scareware is). perception can be managed through clever (and unscrupulous) marketing, without the need for any actual malware at all.