Slashdot Mirror

← Back to Stories (view on slashdot.org)

Most Home PC Users Lack Security

Posted by Zonk on from the think-then-play dept.

Ant writes "CNET News.com and MSNBC report that a survey of home personal computer (P.C.) users found 81 percent lacked at least one of three critical types of security. However, the number of consumers using firewalls and updated antivirus software is improving, according to a report released Wednesday. The vast majority of consumers surveyed were found to lack at least one of three types of critical security--a firewall, updated antivirus software or anti-spyware protection, according to a report by America Online and the National Cyber Security Alliance. Of this group, 56 percent had no antivirus software, or had not updated it within a week, while 44 percent did not have a firewall properly configured, according to the report. Meanwhile, 38 percent of survey respondents lacked spyware protection..."

4 of 349 comments (clear)

  1. Podcasting by giel · · Score: 4, Interesting

    Yeah, since they care more about podcasting than rootkits, what did you expect...

    --
    giel.y contains 2 shift/reduce conflicts
  2. Re:Bad metric by SilverspurG · · Score: 4, Interesting

    Consuemrs have been socially engineered by their Windows firewalls to click "Yes" any time an application wants network access. Windows firewalls are no longer a good metric for evaluating security.

    --
    fast as fast can be. you'll never catch me.
  3. Re:Bad metric by TheRaven64 · · Score: 3, Interesting
    If you run a software firewall in ANY operating system within the same computer, then any administrator/root users on that computer can modify the settings of that firewall at will.

    If you run OpenBSD at securelevel 1 or above then even root is not able to modify files who have their system immutable flag set - a category into which pf.conf often falls. If you run at securelevel 2 then no program can modify the NAT or firewall rules. I tend to run at securelevel 2, and it doesn't seem to get in my way other than requiring an extra reboot when I upgrade my kernel (I need to reboot to set the securelevel to -1 before I can modify the kernel).

    --
    I am TheRaven on Soylent News
  4. stringent metric biases report by call+-151 · · Score: 3, Interesting

    I think that the questions are skewed to make things appear worse than they are, presumably because the survey is done by AOL and the National Cyber Security Alliance, who presumably have an interest in scaring people into their products and services. Aside from the obvious Linux/Mac issues described by other posters, "properly configured" firewall is a pretty strong definition and I expect many quite adequate firewalls could be classified as "improperly configured" even though they were effective against the bulk of the current attacks. Similarly, only counting anti-virus software if it has been updated in the last week is going to skew things- there is a big difference between having no AV at all and having AV that is running but has definitions that are two weeks or a month old, and the metric chosen groups those two cases together.

    --
    It's psychosomatic. You need a lobotomy. I'll get a saw.