Slashdot Mirror
Non-Technical Users Talk Malware
swirsky writes "The Chicago Sun Times is running an article detailing the experiences of non-technical users after they were infected by spyware, malware, and viruses. We cluck our collective tongue and think that we'd never be so stupid, but this is a major problem that plagues personal computing." From the article: "The study found that spyware has disrupted the computer lives of 43 percent of surfers. That means an estimated 59 million people have spyware or adware on their computers, the study found. Adware is defined as tracking programs that come bundled with other software and that users knowingly download, although they don't necessarily want the adware."
It can hapen to anyone, but being protected is important... One time i downloaded something from a random torrent site. I knew it was probably virus/spyware packed, but I wan ted to use this as a way to test spywares remover. When I opened it I went from 0 to over 400 spayware (and that's only what AdAware saw). And as many have told before, 1 anti-spaware is not enough, I had to use 4 to get rid of everything XSoft spyware Remover, AdAware, Spybot, Microsoft anti-spyware beta. All of them saw spyware the others didnt see. So now I randomly run them all in cycle to make sure I see everything (but im pretty sure there's some spyware that they dont see anyway).
people eventually will become so fed up with this they will collectively begin to unplug (not necessarily a bad thing) and move on.
Definately not! If all the idiots on the internet would simply unplug it would
Honestly, I believe you should require some sort of license before operating the internet. You need a license to drive a car because you are putting other peoples lives in your hands. You need a license to fly for the same reason.
You need a license to sell stocks and be bonded by the securities commission. You need a license to sell insurance.
Why do you need a license for all of the above? Because what those people are doing is dangerous! Not necessarily to them, but to others as well.
How is the internet any different. Its estimated that viruses, spyware. and DDoS attacks cost over Billions of dollars.. They slow VoIP systems, they slow regular phone lines, they can mess up cable TV. If messing up necessary communications tools isnt dangerous, what is!
People ain't up to the task of using a computer. Most people are frightened, they have no idea what's going on... they merely repeat cryptic memorized sequence of actions to do everyday tasks but they are just not "getting it". Sad news: this is unavoidable, a gap is going to widen between people. Earlier "breaktrhoughs" in technology didn't need much understanding... take the wheel. But the automobile has been around since a century and people still can't drive ! Ever wonder why plane is safer than road ? The car is not intrinsequely more dangerous, on the contrary, but generally the pilots are trained professionals. I think technology is going to split between ultra-simple computers meant for web (and web will include applications such as wordprocessing etc) and the real-thing.
\u262D = \u5350
"There is a trust gap,'' said Douglas Sabo, a member of the board of directors for the National Cyber Security Alliance, which did that study. Consumers believe they are safer than they actually are, he said.
Wow, what insight!!! You could apply this statement to how people relate to today's government, media and advertising.
The bottom line is that people need to be vigilant about security in whatever they are doing. The computer software manufacturers need to stop spyware and adware as a built-in feature, not as a free download from an obscure website. But then again, who is profiting from all this spyware and adware? Most likely it includes some of the same people who are trying to stop it.
It does provide a need for tech workers to fix these problems ---- as its only bright side.
He who knows best knows how little he knows. - Thomas Jefferson
At home I use slackware and OS X (and a well firewalled, FireFox-ed and Thunderbird-ed Win2k box,) but I have witnessed the people at the bank where I am consulting go nuts whenever one of their machines get infected.
A consultant got banned after his laptop got infected from a connection at a hotel while getting his mail and some crap got through when he connected to the bank.
There are over 20k boxes at the bank and they take a bird if any of them would ge anything that would behave like spyware. They might monitor your keystrokes but they would hate like hell if somebody else did it. Its their equipment after all.
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
We must be giving our customers quite a deal - most of our service is covered in 1 hour's time, $80.25 w/tax. I've watched our PC tech clean up computers on several occasions, and it astounds me how much you really need to know to pull that crap out, even with the automated programs. After he runs two or three apps, he opens up folders and goes recursively through them all, and selects what appear to be a random assortment of folders and files and deletes them. "All of this is spyware." These things are named in such a way as to look like they belong, and it's amazing that anyone can remember all the "bad" names from the good. That being said though, the PCs usually spend about 2 hours on the bench, mostly spent scanning while he works on another machine that needs more focus.
I'm the mac tech so I don't see the spyware first-hand but I know it keeps the PC tech pleanty busy. Most entertaining aspect of spyware: when one of the other employees uses the PC tech's PC to web browse, and he comes in to find popups on his own machine. hehe..
Then there are the oh... 1 in 15 customers that can bring in their machine every two weeks to have us remove the spyware, again. Some customers just can't get "don't click the popup's close button" through their head. There ought to be a simple law that states that "any software installer must clearly label the buttons and other control areas in their installer, such that there can be no confusion or deception as to the function of each control, whereas a user could be tricked into allowing the installation without his consent."
I work for the Department of Redundancy Department.
My experience is as follows.
My mother got a new PC about Feb last year, it had XP installed on it (not by me) and since her Internet access would be coming through my PC through NAT, I asked her to install Mozilla on it to stop her getting malware. She immediately told me she didn't want "any of that Linux crap" on her PC.
Fast forward a couple of months. She was complaining about, among other things, porn popups and the fact that her PC was slowing down to a crawl. She and my brother had installed, among other things, lots of casino programs, Kazaa and had been using only IE to browse the web. A quick scan with Ad-Aware revealed 1000 infections. This time I set Ad-Aware to run a scan at every system startup, removed access to IE and told her to use Firefox. This time, she went schizo and I had to shout her down and get someone else involved to point out to her that using IE was a bad thing.
Normal users don't care. End of.
By summer it was all gone...now shesmovedon. --
People ain't up to the task of using a computer. Most people are frightened, they have no idea what's going on... they merely repeat cryptic memorized sequence of actions to do everyday tasks but they are just not "getting it". Sad news: this is unavoidable, a gap is going to widen between people.
After dealing with this sort of problem for years, my conclusion is that there are two types of people in the world:
a) Those who need instructions and learn new things by learning those instructions, and
b) Those who don't need instructions and learn new things by grasping the underlying behavior behind the system.
That's basically the difference. Most people aren't stupid, but a lot of them fall in the type A category above. These people have trouble with computers. They also have trouble trying to, say, fix a car. They cook by reading a receipe and following those instructions, possibly introducing minor variations on that theme. This basic underlying behavior applies to all facets of everything they do. They're not incapable of learning, but they need some form of step by step to learn it from.
But a type B person figures out how the thing works and then works his way up to how to do specific things. A lot of auto mechanics fall into this category. All "hacker" types do as well. A large number of your better chefs do too. They grasp the basic principles behind whatever it is they do, and then simply figure out the specifics each time, based on their knowledge of those principles.
That's my opinion, anyway.
- Give a man a fire and he's warm for a day, but set him on fire and he's warm for the rest of his life.
I'll tell you something else...the $129 average price tag quoted in the article is right on the money.
Wow, I never quite realized what people are willing to pay for this. Personally, I usually do it for friends and family for the price of a good meal. At work, I support student owned laptops and do this as part of my job. I really need to reconsider going independent.
That said, yes malware is a huge problem, and one of the reasons I am employed. And for all of the preventative measures we take and try to get our friends and family to take, it will continue to be a problem. The reason is that the biggest security hole is the interface between the chair and the keyboard. People are going to download stuff off the internet and run it. Some of it will be good clean fun, some of it will come with a hidden price. And as long as users have admin/root priviledges to thier own machines, they will continue to get nailed.
Even if we get people over to other browsers, other OS's etc., it's not going to go away. Consider the crapware bundled with Kazaa Media Desktop, or the like. During the install, if the user doesn't have root access, pop-up a box which asks for the root password. Sure, anyone with a clue is going to stop and wonder for a moment, why does it need that. The other 90% of computer users are going to just blithely type in the root password. (probably 'rootpassword' or other such sillyness) The program now has the keys to the kingdom and is going to put in all of the crap it wants.
Unless we can actually train all of the users out there not to do this sort of thing, malware is going to be a fact of life on the internet. And considering that people still fall for con-men and pyramid schemes, I don't hold out much hope of this happening.
Necessity is the mother of invention.
Laziness is the father.
Since I didn't want to spend time cleaning my friends and family members' machines the mac mini made it perfect for me. I made my sister switch to a very inexpensive mac and voila.
This is totally insecure, but very convenient.
Actually, it was pretty funny one time in my AP psych class. The teacher (who ran a program at our high school for training elementary school teachers in computer use and was married to the comp sci teacher (ie, smart and techno-savvy)) was doing a class demonstration using a psychology website, and one of those popped up. In front of a full classroom, she clicked on it (chorus of "NOOOOOOO"). Easily 30 popups, instantly. 'Twas amusing.
There ought to be a simple law that states that "any software installer must clearly label the buttons and other control areas in their installer, such that there can be no confusion or deception as to the function of each control, whereas a user could be tricked into allowing the installation without his consent."
We have something like that in Germany... If sonmeone wants to install and run a dialer on your system they have to jump through several hoops - the dialer may not be installed without your consent. That means typing "OK" into a text field. The installer has to provide, in easily readable letters, information about what exactlyyou're going to pay and what exactly you're installing there. And so on.
If the RegTP (the German regulation authority for telecomm and postal stuff) finds out that someone didn't comply with all regulations or even used some kind of technique to automatically enter the "OK" etc. he's getting his licence withdrawn, which means that he doesn't get a single cent anymore and you can get your money refunded if you can prove that he tricked you.
That law was damn necessary - in the German-speaking parts of the internet auto-installing dialers used to be the most common form of malware, except maybe for viral mails.
USE HOT GRITS WITH STATUE OF NATALIE PORTMAN (NAKED AND PETRIFIED)