Slashdot Mirror
Viruses: More Hype than Danger?
blankmange writes "CNN is carrying a story on how the big virus scares within the last year or so have been just that: scares, usually hyped by the media with software companies standing by to reap the profits. 'The market for computer security is booming as PC users become more aware of the need to protect themselves from worms and viruses.
"Code Red" hit the headlines in July last year, with dire predictions that the PC worm would cripple the Internet. Yet in the end, Code Red didn't even make the year's virus Top 10.' PDAs are the next marketing target, along with cellphones."
People should be glad the vulnerabilities were not exploited to a greater extent and keep on working to keep things secure.
If people broke into my house one night and left after defacing my home, but didn't take or destroy anything - I'd still be pretty upset. And if it was because I'd left the front door open- I would really think about closing it and installing a lock (or locking it if there was already one that I had just left unlocked).
.
It's hard to believe that's how Micronians are made. Why don't we see it right now by having you both kiss one another?
Probably still the most damaging as far as I have experienced... the majority of problems with viruses i see are users passing on pretty obvious viruses.. maybe the answer is in the education rather than the protection
But without the hype there would be more people without anti-virus software. We don't see a LOT of viruses hit our mail server, but we do see a few every day. If one of those got in and a user ran it, we'd be in trouble.
Better safe than sorry....
Of course the security companies are going to strongly emphasize the risk of viruses, it should be expected-- it's what they do!
For news sites... they make everything overly dramatic. Maybe that's the problem.
What this article is really addressing IMO is the fact that news sites like to exploit people's fears in order to increase readership/viewership. That's an across-the-board news problem, not a virus problem.
mark
If you want to make an apple pie from scratch, you must first create the universe. -- Carl Sagan
I guess then CNN can produce an article about how it wasn't really hype after all and then, after everyone has forgotten about viruses, they can start hyping virus stories again. Then they can have a story about how much they are hyped. And then they can have a story about how there used to be stories about viruses and how they died down and now they've come back.
Endless stories without having to research anything. It must be fun working in media.
-- SIGFPE
Which top 10 list are we talking about here? The top ten Outlook worms? Top 10 viruses stopped by antivirus programs? Top 10 trojans?
Code Red (and derivitaves) were a major pain in the ass. My servers don't run any MS software, but Code Red still affected me. It kept hitting my ports, over and over and over again. That sounds like a minor annoyance, until you are using more than eth0. Think virtual hosting.
I also was lucky enough to have a number of clients that were using Cisco 678 DSL modems. Anyone remember that? Code Red locked them up. Until a patch was applied, they locked up every time they got a Code Red request. I knew of some people that would go and reset the Cisco, and be down again before they got back to their desk.
It may not have been the typical user spread virus, but it made my #1 last year, because I'm not stupid enough to use Outlook.
Yeah, you'd be correct, if it wasn't for the fact that the patch was available for OVER A MONTH before code red EVER hit the scene. The blame lies squarely on people NOT MAINTINAING THEIR OWN MACHINES. Much like, say, GM would never be blamed for a family who died in a horrible accident after recieveing a recall notice, and ignoring it. Microsoft THEN took steps by turning Windows Update on, by default, in XP Home, and, predictably, everybody started crying because it's an invasion of privacy, and it takes choice away from the user.
Vintage computer games and RPG books available. Email me if you're interested.
Well, I'm out of work now, but when I was working I had to deal with several virus outbreaks. It wasn't pretty or fun either. Usually it would happen like this.
I would get into work in the morning, read the latest advisory about some new virus. I would send out an e-mail to my users, "DONT OPEN ANY ATTATCHMENTS!" After which I would promptly apply fixes to the mail server.
My CIO would be reading her hotmail or yahoo mail, whatever. Point is it was a mail service outside of my control. She would see the subject, "I love you" and thinking it was a date, she would open it, from which it would spread like mad cow diesease. The rest of my day would be spent cleaning out her crap.
Wasn't this way at just one company, it was this way at every company I have ever worked at. No matter how much you try and warn these people they just don't listen. They have the attention span of a gerbil and it shows. And everytime it would happen I would always get the same answer from them, "But I swear I didn't open that attatchment" To which I would reply, "The computer must have MAGICALLY sprouted hands and fingers and opened the attatchment itself, oh don't forget it also typed in your webmail username and password for you too"
I dunno, being jobless all this time has made me realize a few things. There's no enjoyment in a job where you have to put out fires for 200+ people a day because they're too fucking stupid to figure out simple shit for themselves. They won't ever listen to your warnings, they don't seem to care that you have to spend several hours fixing their machines. They have an obvious lack of understanding that you have to actually concentrate to fix their problems, and this is made apparent by the 15 minute head pops they do into your cubicle, "Is it fixed yet? I have a really important blah blah blah for VIP blah blah blah."
I don't think CNN has any concept of what it's really like out there. The amount of single celled organisms in a corporation is astounding.
Code Red didn't even make the year's virus Top 10
...maybe because Code Red was a worm?
If the media didn't hype the virus issue to people who normally wouldn't know any different, then the problem would probably have been much much greater.
Think of Y2K: a big deal, yes, and plenty of people were saying right up through January 1999 that something had to be done, and soon, because thousands if not millions of computers and software programs were affected. Eventually, they all got on it. The problem was licked, and virtually no major Y2K issues were still existing by the time the date actually arrived.
Sure, some people overreacted by building underground computer-free bunkers and stocking up on gasoline and bottled water -- but then, there are always people who overreact. Y2K probably wouldn't have caused the end of the world, but it would have been a pretty big nuisance if the media didn't get the word out so that normal people knew to upgrade their products and pressure companies to produce the upgrades for them.
You can't over-hype virus issues. You can lie and say a problem exists that doesn't, but you can't stop stressing that antivirus software and common sense when opening attachments and securing connections is important. There's always someone new to the computing world, or someone who introduces a new attack strategy, which necessitates restating all the rules.
Bottom line: everybody with a computer needs some sort of antivirus protection, even if it's just common sense. Everybody with an Windows PC on the Internet ought to have antivirus software as well, and keep it up-to-date, just because that OS is so susceptible to new attacks.
Doesn't anyone remember when viruses would actually do something?
Used to be when you got a virus it would munge your bootsector, and as much of the disk as it could after it mailed itself you all your friends.
The viruses these days just seem to be made to propogate as far as possible, or to do something juvenile like deface web sites.
The only reason they are only hype these days is because the payload is (relatively) innoxious. One line of code could make the few hundred thousand of computers infected last year dead, rather than popping up a cute little message.
I would have to disagree with the statement that viruses prey primarily on stupidity. I have many intelligent people working in my company who know nothing about computers. Accountants, Credit Managers, Sales Managers, Location Managers, etc. These people are intelligent and competent in their respective fields. However, many are no doubt "ignorant" regarding anything computer-related.
Instead of revoking access to users we like to label as "stupid", maybe we as IT Managers, Sys Admins, etc. should spend more time training our people rather than browsing Slashdot all day. : )
Just a thought.