Slashdot Mirror

← Back to Stories (view on slashdot.org)

Consumer Reports on 'State of the Net'

Posted by CmdrTaco on from the we-trust-those-guys-right? dept.

netbuzz writes "A " State of the Net" survey to be released today by Consumer Reports contends that Americans lost $7 billion over the past two years to malware and myriad online scams. Not surprisingly, a significant portion of this financial pain appears to have been avoidable, as the survey reveals a widespread continuing negligence toward the use of home firewalls and virus protection. As for underage children using MySpace and the like? There, too, the risks in many case look to be self-inflicted, as 13 percent of children fail to meet the 14-year-old age minimum on MySpace, and, as the organization notes: "Those were just the ones the parents knew about."

16 of 95 comments (clear)

  1. In other news... by Mattintosh · · Score: 3, Insightful

    People are stupid, lazy, and/or tech-illiterate. This makes people vulnerable to predatory criminal practices.

  2. viruses, malware, et cetera by SolusSD · · Score: 5, Insightful

    I guess I'm not surprised they came up with such a huge figure for dollars lost-- I hate to be the person that's just going to get modded down for this-- but maybe if >80% of computer users werent using windows and there was more diversity on the net (client-wise, at least) viruses and, to a lesser extent, malware wouldn't find it so easy to inflict such damage. A monoculture can be brought to its knees by a common vunerability.

    1. Re:viruses, malware, et cetera by CautionaryX · · Score: 2, Insightful

      Actually, I think I have a way to combat the problem:

      Have mandatory 'securing your computer' classes at the high school and college levels. In these classes one would learn about viruses, various malware, spam, social engineering, etc. as well as ways to combat/prevent them from infecting your machine. At least it'll improve awareness (let's not dodge the bullet here, at least 90% of high school students - from my experiences in the past 4 years going to a high school which hands out Inspirion 600m laptops to students - are still clueless as to how their computer actually works).

      I know it may not be the best option, but a little mandatory education never hurt anyone, did it?

    2. Re:viruses, malware, et cetera by Bacon+Bits · · Score: 4, Insightful

      Security is a state of mind, not a software package.

      Malware will be no less prevalent if Linux takes over the home market from Windows because the average home user still doesn't understand computer security (and has no desire to try). The vast majority of malware today is not installed through IE security holes and drive-by-downloads like they were in Windows 9x days. They're all trojans. No matter how tight the security on Linux, you can never stop a user from downloading and installing a malicious trojan for a "FREE SCR33NS4VER!1!!!".

      --
      The road to tyranny has always been paved with claims of necessity.
    3. Re:viruses, malware, et cetera by turnipsatemybaby · · Score: 5, Insightful

      You can't put the blame solely on Windows for this. There's *plenty* that can be done even with a Windows box to protect it. The single easiest step being to plug a cheap $20 router between the computer and the internet. Hell, I'm even starting to see modems with built in routers now.

      One problem is education. A bigger problem is that users don't see this as being "their problem". The ISP should be protecting them. The banks should be protecting them. The gov't should be protecting them. They don't feel they need to bear any of the responsibility of what is going on. I remember one old neighbour who's computer was riddled with viruses, and their ISP cut them off. They proceeded to blast the ISP for cutting the service and not not protecting them in the first place.

      Until people becoming willing to take responsibility, the education won't happen. Until the education happens, these problems cannot be prevented.

    4. Re:viruses, malware, et cetera by nuzak · · Score: 3, Insightful

      Schools used to have "computer literacy" classes. They're largely redundant now, since the kids are usually more computer literate than anyone who could teach them.

      Anyway, you get to fund this class.

      --
      Done with slashdot, done with nerds, getting a life.
    5. Re:viruses, malware, et cetera by ColdWetDog · · Score: 5, Insightful

      Have mandatory 'securing your computer' classes at the high school and college levels.

      That will work just as well as:

      Mandatory driving classes
      Mandatory civics classes
      Mandatory typing classes

      At a population level, people are Just Plain Stupid (TM, patent pending). It's the bell curve - the short bus tends to get pretty crowded.

      --
      Faster! Faster! Faster would be better!
    6. Re:viruses, malware, et cetera by Anonymous Coward · · Score: 2, Insightful

      Malware will be no less prevalent if Linux takes over the home market from Windows because the average home user still doesn't understand computer security (and has no desire to try). The vast majority of malware today is not installed through IE security holes and drive-by-downloads like they were in Windows 9x days. They're all trojans. No matter how tight the security on Linux, you can never stop a user from downloading and installing a malicious trojan for a "FREE SCR33NS4VER!1!!!".


      Ah, yes, but if you prevent the home user from running as root.. it becomes significantly more difficult to get the trojan installed in areas where
      it could do real damage.. for now...
    7. Re:viruses, malware, et cetera by Enoxice · · Score: 2, Insightful

      If they really want the FREE SCR33nS4VER!1!!!, they'll put their root password into the su/sudo box. Or are you suggesting we lock the PC owners out of their own machine?

      --
      Anyone else think the comments just weren't rendering right before they turned off ABP and saw ads?
    8. Re:viruses, malware, et cetera by MoonBuggy · · Score: 4, Insightful

      Anecdotal, I know, but all of the high school level ICT teachers I've come across honestly don't know as much as the geek contingent of their class. AFAICS the root of the problem is sending business studies teachers and the like into teaching kids how to use computers on the basis that they know how to use MS office - it means the teachers have the same issues as the kids you mention (although on a slightly different level, obviously): they can point and click to get a database in Access but look at you as if you have three heads if they see an SQL query.

      Interestingly, too, I almost decided not to post this; I started to think that maybe I was being unfair to expect people with a class comprised (by definition) of mostly 'average' students who don't really care, suddenly to know more than those students who have a genuine interest in the subject. Then I realised that I've never seen a maths teacher fail to be able to work through a formula written by a particularly bright student, or a language teacher fail to understand a particularly complex sentence from a fluent speaker. I've seen a few in these areas who couldn't communicate a concept to save their lives, but at least they understand the concept themselves.

      I really mean no disrespect to all the good teachers out there (and the parent poster certainly sounds like one of the good ones), I just think it's a shame that mediocrity in terms of knowledge seems to be accepted in the IT teaching field when it isn't in others.

  3. How does this compare by svendsen · · Score: 2, Insightful

    to the amount of money lost in the real world because people aren't educated or fail to take precautions or fall for scams...etc

  4. I'm pretty sure I know the response by Opportunist · · Score: 4, Insightful

    The response will be more cracking down on MySpace and other community networking sites (thinkofthechildren and all the crap), because it's beyond the comprehension of kids to understand it might not be a good idea to click on every single craplink offered to you. After all, that's something even 30 year olds don't understand, how should 13 year olds?

    Sure, it won't solve a thing. But hell, we did something. We didn't do anything that changed anything, but nobody can complain that we don't do anything.

    Instead, it could maybe be a good idea to educate people that they should use some AV kits, firewall kits and most important some brains when clicking up and down the 'net. Yeah, I know, I know, everyone wants to replace good ol' common sense (why is it called "common" sense is beyond me, but hey, you know, maybe in the old times when those idioms were created, it was actually common) with technology, we want to bubblewrap our kids instead of preparing them for life, but hey, it simply and plainly does not work. It never did and never will.

    Education and information is the key weapon against trojans. Sure, that requires you to learn how to protect yourself and how to defend yourself against malware. You don't want to? Ok, then I don't want you in my net. Get outta here 'til you learned how to operate safely in an environment where your clueless, careless actions cause harm to other people!

    How that harms me? Well, considering that there are DDoS sheeps worth a few hundred gigabit/sec, one could see (if one knows how BGP works) how this could be a minor inconvenience to the internet as a whole. So far, "critical mass" is not yet obtained, and they are not in a centralized hand. But I shudder at the thought that it might be. Imagine someone actually having the ability to bring the net to its knees with sheeps firing intercontinentally simultanously. We're heading there. Think he could do the Dr. Evil prank of asking for (pinky-at-mouth) a million bucks and he'll be paid?

    All made possible by clueless people who don't give a jack about security, ignorantly participating in DDoS attacks every day.

    And what's best about it, they're not even liable for it. I wonder, maybe one should set up a protest through the 'net, and whoever wants to participate and protest against some oil company that fills our seas with crud or clothing companies that employ kids at sweatshops, simply lets himself be infected by a trojan which then DOSes those companies' internet access lines. Hey, don't worry, you're not liable for it. You're just a poor victim yourself, infected by that nefarious trojan.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  5. $400,000,000 (yearly) more by karl.auerbach · · Score: 2, Insightful

    It may not be classed as a "scam" (because there is no illegality about it), but it is certainly as effective as one.

    I am speaking of a kind of private internet "tax" that amounts to roughly $400,000,000 every year.

    The internet now has a regulatory apparatus, called ICANN, that requires that domain name buyers pay about $400,000,000 in excessive domain name fees every year. This is a result of ICANN imposing a roughly $7 "registry fee" on every domain name sale every year even though the actual cost of providing that service is only a few cents.

    It may not be phishing, but the ICANN tax certainly pays off for Verisign and the very few other lucky DNS registrars. In fact it is better than phishing because smart consumers can avoid being caught, but with the ICANN tax the buyers of domain names have no choice but to pay.

  6. Be a teacher! by fuffer · · Score: 2, Insightful

    I think that toshe of us who are tech-savvy have a hard time understanding the actions of those who aren't. People are quick to throw out "Well if they didn't click every damn thing" anytime a report like this comes out.

    I'm telling you, though, that it's not that simple. The scammers are savvy...sometimes even more savvy than us!

    The best defense is education. Here at the office I've been offering some lunchtime classes on basic computer stuff - how they work, how scammers work, how computers get infected, etc. I find that those who participate are much less likely to have problems in the future.

    The key is to empathize with those who don't understand, and make it easy for them to learn. That's when the real change will happen.

  7. "Lost" 7 billion by fermion · · Score: 4, Insightful
    Over the past month I "lost" $1000 due to traffic.

    During a year of not working i "lost" 50K.

    By downloading my albums from itunes rather than buying locally, my local record shop "loses" perhaps $100 a year.

    Of course all of these are not even paper loses, as they do not represent money that is any way real. They barely qualify as opportunity costs.

    I really don't understand why these numbers are represented as losses. If a firm pays $.25 for each advertisement, do they lose that money for customers who do not buy anything, or do they just alginate the entire thing as a loss, or do they say it costs, say $2 to acquire a customer. When a computer is down, is this a loss, or cost of doing business with that computer. Presumable if the computer started generating actual losses, the firm would no longer use it. In fact machines are brought in because not using machines costs more money, and represent real losses. Of course, once the machines are in the savings are often not as great as one calculated, which some might consider a loss.

    Of course even if this is a loss, it hardly seems significant. It is like $20 per person. The recent price increase at Starbucks likely has a greater impact.

    --
    "She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
  8. Mad Magazine by rapidweather · · Score: 3, Insightful

    Consumer's Reports is what we started to read to get a laugh after we got through reading Mad Magazine. They both attacked the establishment, and back in the late 50's and early 60's, we thought that was hilarious. Consumer's Reports told us that a certain car "rode like a log wagon", and steered like a "drunk was behind the wheel". The seats felt like "park benches". Getting in the back seat required one to "shrink to 1/3 your size".
    These are fictional examples, but typical of the attacks on the establishment that Consumer's Reports dished out in every issue. Not even a lowly coffee pot was safe from their critical reviews.
    Just one step away from being a Mad Magazine of Products. Great fun to read.
    They justified their reports by selecting one as a "best buy", but sometimes, none were acceptable, adding to the funny-factor. All these serious manufacturers making products that turned out to be downright dangerous, or totally useless for the intended purpose.

    Now, on to the 'Net. Did Consumer's Reports draw any correlation between an OS like Windows, installed on a hard drive where Trojans can be placed, and the financial losses that they have reported? Sure, any OS can be used by the unsuspecting to fall for a trap on a web site. Back when comic books had advertisements in the back, one could "send off" for a "movie projector", at a very low price, only to get a cardboard one, that you placed over a table lamp. Excuse given for not sending the one in the advertisement, "Shortage of Metal, caused by the Korean War."
    Only now, Mac, Windows, Linux users can "send off" for rip offs like that via web sites, and the financial loss is not the fault of the OS.
    However, the "ability" of an OS to accept and retain Trojans, viruses, etc. that have as their purpose the stealing of passwords, credit card numbers, account numbers, etc. stored on a hard drive is the point that should be made when blaming an OS. In that case, the user is not choosing to "order something from a web site", and get ripped off when the product never shows up, or is not accurately represented. The computer is just turned on, and is attacked by not having an up-to-date virus scanner, or is attacked by a drive-by when visiting a link.
    Surely most of the loss reported by Consumers Reports is from Windows Computers, even if no Trojan or virus was present in the particular loss, the OS was just the one most computer owners were using when the rip-off purchase was made from a web site. That kind of loss is not really the fault of Windows. One could say that since Windows comes preinstalled, requiring no technical knowledge at all to get on the 'Net, then too many average people are able to use a computer to go on the internet, find web sites that can rip them off. They are simply exposed to more opportunities to buy items than they would if they just looked in magazines, or drove to stores.
    In a magazine, if it is a well-known magazine, advertisements may tend to be more from trustworthy companies. On the 'Net, all web sites stand alone, unless linked from a trustworthy site.
    Consumer's Reports may not be drawing all of these conclusions, and may just be blaming the losses on the 'Net, rather than on the consumer, and the OS.
    I didn't RTFA, but I doubt that the Consumer's Reports that I have known all these years would put the blame on the computer users themselves, rather than on the established 'Net, OS providers, and computer manufacturers. CR tends to say, "This product is faulty, you should not buy it", rather than "This is a good product in the right hands, most of you are not using it right, and are going to get ripped off"

    Rapidweather

    --
    Rapidweather's Linux Screenshots.