Slashdot Mirror
Most Home PC Users Lack Security
Ant writes "CNET News.com and MSNBC report that a survey of home personal computer (P.C.) users found 81 percent lacked at least one of three critical types of security. However, the number of consumers using firewalls and updated antivirus software is improving, according to a report released Wednesday. The vast majority of consumers surveyed were found to lack at least one of three types of critical security--a firewall, updated antivirus software or anti-spyware protection, according to a report by America Online and the National Cyber Security Alliance. Of this group, 56 percent had no antivirus software, or had not updated it within a week, while 44 percent did not have a firewall properly configured, according to the report. Meanwhile, 38 percent of survey respondents lacked spyware protection..."
Yeah, since they care more about podcasting than rootkits, what did you expect...
giel.y contains 2 shift/reduce conflicts
Yes, I know I can google this - no shit. However, interested in the opinions here. I'm tired of paying for Norton A/V, so what's the best freeware A/V scanner for Windows? Shell/app integration is not needed, just a standalone app with good and frequent def updates would be nice.
xoxo,
boomgopher
Your hybrid is not saving the environment. Its purpose is to make you feel good about buying something.
Consuemrs have been socially engineered by their Windows firewalls to click "Yes" any time an application wants network access. Windows firewalls are no longer a good metric for evaluating security.
fast as fast can be. you'll never catch me.
If you run OpenBSD at securelevel 1 or above then even root is not able to modify files who have their system immutable flag set - a category into which pf.conf often falls. If you run at securelevel 2 then no program can modify the NAT or firewall rules. I tend to run at securelevel 2, and it doesn't seem to get in my way other than requiring an extra reboot when I upgrade my kernel (I need to reboot to set the securelevel to -1 before I can modify the kernel).
I am TheRaven on Soylent News
I think that the questions are skewed to make things appear worse than they are, presumably because the survey is done by AOL and the National Cyber Security Alliance, who presumably have an interest in scaring people into their products and services. Aside from the obvious Linux/Mac issues described by other posters, "properly configured" firewall is a pretty strong definition and I expect many quite adequate firewalls could be classified as "improperly configured" even though they were effective against the bulk of the current attacks. Similarly, only counting anti-virus software if it has been updated in the last week is going to skew things- there is a big difference between having no AV at all and having AV that is running but has definitions that are two weeks or a month old, and the metric chosen groups those two cases together.
It's psychosomatic. You need a lobotomy. I'll get a saw.
Concerning the state of modern day antivirus software. If you really want to put on a tin foil hat, try this one:
:) People are paying money to count score for someone else's game.
Who are the people best qualified to research and write viruses? Antivirus writers.
Or, more appropriately (considering chicken vs. egg):
Who are the people best qualified to research and write antivirus software? Virus writers.
Is antivirus software really antivirus software? No. It's really virus tracking software. At some level in these A/V companies these programmers are playing a game of who can write the best virus--and they're using customers as tallying points.
That's quality tin foil.
fast as fast can be. you'll never catch me.
You are absolutely correct. I do "tech support" for most of my friends and family, and I always recommend getting a NAT box between them and their ADSL line, keeping automatic updates on in Windows and not doing anything stupid, such as opening suspicious attachments. That's it. No problems for me or then, ever, and if there are problems, it's almost always their fault because they didn't follow the last rule.
The last time I saw my cousin's laptop it was so stuck on something that it wouldn't even manage to finish booting before nearly freezing. F-Secure's antivirus program was hogging up all system resources, and the firewall was acting funny as well. They hadn't, of course, been updated for ages. All of her security programs had come on some ISP's CD, which tend to be a bit shaky to begin with. So, I uninstalled all of that crud, ran all the missing patches into Windows and moved her to my safety regime. Everything has been fine ever since.
The lesson to be learned here is that people are not interested in playing with anti-virus programs and firewalls, and therefore they see it as a neccessary evil, which when neglected or misused is going to cause grief when they subsequently fail to protect. Are people really going to be able to differentiate between two processes that both want to communicate somewhere outside the box, one of which is something legitimate and something not? No, and this is why they either reflexively allow everything (I've got a virus!) or refuse everything (my program broke!).
End-user's security products are a sham. They slow down the machine and the user for worse cost/benefit than simpler solutions.
I want to play Free Market with a drowning Libertarian.
I had another client this week whose PC was infested with spyware and viruses. Took me HOURS just to get it working *somewhat* normal. (Of course, he was using a pirated version of XP, so I couldn't do the easy thing and just re-install.....) The idiot hooked his PC up to a cable modem with NO anti-virus or spyware protection. We all know that PCs are hit within minutes of connecting to a high speed line. I've never seen so many instances of a virus in my life. And the spyware he had was NASTY. I hope some day to meet the guy who developed SurfSideKick so I can kick him in the balls repeatedly. (if you are reading this you bastard, I hope you meet a painful death very soon)
Anyway, I'd say 95% of my PC clients have problems with spyware. They have no clue what it is or what to do about it. I think these ISPs should do a better job of educating these people when they sign up. They should also install spyware/virus firewalls. Hell, we have no problems at my office with that kind of thing.
Cheap pr0n!
I would be surprised if the aggressive adware/spyware programs agreed with your self-assessment. But, then, how would you know you had spyware without an automated scan?
Um, what about with a manual scan? I do much the same as the other guy: I run Win2k, and I don't keep any AV, anti-spyware, or firewall software running. Every once in a while, I download the latest version of Spybot or AVG and let it have a look. I've been doing this for years, and I can state with absolute certainty that unless it's happened within the last month, I have never been infected with any viruses or spyware.
Again, "ignorance is bliss" is not the same as "I know I have no problems."
Nor is paranoia. Why waste processor cycles on buggy and unstable "protection" software when safe practices are enough, and their success can be confirmed with occasional checkups?
Failing to catch a heart problem or cancer in time can be fatal, but I don't believe anyone has a private doctor who performs exploratory surgery on them every hour. And eating poisoned or infected food can be fatal, but I don't believe many people bother to send samples of every meal they eat to a lab for testing. If you don't take precautions like that when it's your life at stake, why do you think you need to do the equivalent for a mere computer?