Slashdot Mirror
Consumer Reports on 'State of the Net'
netbuzz writes "A " State of the Net" survey to be released today by Consumer Reports contends that Americans lost $7 billion over the past two years to malware and myriad online scams. Not surprisingly, a significant portion of this financial pain appears to have been avoidable, as the survey reveals a widespread continuing negligence toward the use of home firewalls and virus protection. As for underage children using MySpace and the like? There, too, the risks in many case look to be self-inflicted, as 13 percent of children fail to meet the 14-year-old age minimum on MySpace, and, as the organization notes: "Those were just the ones the parents knew about."
People are stupid, lazy, and/or tech-illiterate. This makes people vulnerable to predatory criminal practices.
I guess I'm not surprised they came up with such a huge figure for dollars lost-- I hate to be the person that's just going to get modded down for this-- but maybe if >80% of computer users werent using windows and there was more diversity on the net (client-wise, at least) viruses and, to a lesser extent, malware wouldn't find it so easy to inflict such damage. A monoculture can be brought to its knees by a common vunerability.
to the amount of money lost in the real world because people aren't educated or fail to take precautions or fall for scams...etc
"Computer viruses have prompted 1.8 million households to junk their PCs over the past two years, while spyware has claimed another 850,000 machines in just the past six months."
When I was in school I was punished for doing anything with a computer that wasn't within the teacher's scope of instruction; making spreadsheets and word processing. Most parents know next to nothing about how to operate a PC outside of simple browsing and email. Anything else is intimidating techno-wizardry. Teaching more advanced computer classes in grade school could easily reduce that "cost." I've found parents are more than willing to take little Bobby's advice on computer related topics, because at least he can program the damned VCR.
If nothing else works, a total pig-headed unwillingness to look facts in the face will see us through.
The response will be more cracking down on MySpace and other community networking sites (thinkofthechildren and all the crap), because it's beyond the comprehension of kids to understand it might not be a good idea to click on every single craplink offered to you. After all, that's something even 30 year olds don't understand, how should 13 year olds?
Sure, it won't solve a thing. But hell, we did something. We didn't do anything that changed anything, but nobody can complain that we don't do anything.
Instead, it could maybe be a good idea to educate people that they should use some AV kits, firewall kits and most important some brains when clicking up and down the 'net. Yeah, I know, I know, everyone wants to replace good ol' common sense (why is it called "common" sense is beyond me, but hey, you know, maybe in the old times when those idioms were created, it was actually common) with technology, we want to bubblewrap our kids instead of preparing them for life, but hey, it simply and plainly does not work. It never did and never will.
Education and information is the key weapon against trojans. Sure, that requires you to learn how to protect yourself and how to defend yourself against malware. You don't want to? Ok, then I don't want you in my net. Get outta here 'til you learned how to operate safely in an environment where your clueless, careless actions cause harm to other people!
How that harms me? Well, considering that there are DDoS sheeps worth a few hundred gigabit/sec, one could see (if one knows how BGP works) how this could be a minor inconvenience to the internet as a whole. So far, "critical mass" is not yet obtained, and they are not in a centralized hand. But I shudder at the thought that it might be. Imagine someone actually having the ability to bring the net to its knees with sheeps firing intercontinentally simultanously. We're heading there. Think he could do the Dr. Evil prank of asking for (pinky-at-mouth) a million bucks and he'll be paid?
All made possible by clueless people who don't give a jack about security, ignorantly participating in DDoS attacks every day.
And what's best about it, they're not even liable for it. I wonder, maybe one should set up a protest through the 'net, and whoever wants to participate and protest against some oil company that fills our seas with crud or clothing companies that employ kids at sweatshops, simply lets himself be infected by a trojan which then DOSes those companies' internet access lines. Hey, don't worry, you're not liable for it. You're just a poor victim yourself, infected by that nefarious trojan.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
...that would include the million or so that I lost to online sports betting. I never learn :P
It may not be classed as a "scam" (because there is no illegality about it), but it is certainly as effective as one.
I am speaking of a kind of private internet "tax" that amounts to roughly $400,000,000 every year.
The internet now has a regulatory apparatus, called ICANN, that requires that domain name buyers pay about $400,000,000 in excessive domain name fees every year. This is a result of ICANN imposing a roughly $7 "registry fee" on every domain name sale every year even though the actual cost of providing that service is only a few cents.
It may not be phishing, but the ICANN tax certainly pays off for Verisign and the very few other lucky DNS registrars. In fact it is better than phishing because smart consumers can avoid being caught, but with the ICANN tax the buyers of domain names have no choice but to pay.
Part of this may sound like preaching to the choir, but bear with me. There is a tendency to want the government to do something about every problem, and the hassle of online scumbaggery is no exception. Individuals (and their guardians) need to take responsibility for their own protection, and not expect either the government to protect them (which it cannot) or for faceless strangers to be kind to them, which a tiny but significant portion will not.
Each of these steps solves roughly half of the remaining problems not solved by the previous ones.
So what do you do if your kids download some game, P2P app, or other crapware-laden piece of stupidity? Take away the computer. What if you have several kids, and you don't know who did it? Enlist their aid and hold them all accountable. Tell them that if any of them downloads crapware and the guilty party won't come forward, they all do their homework at the library (for a week or month or whatever).
sigs, as if you care.
I think that toshe of us who are tech-savvy have a hard time understanding the actions of those who aren't. People are quick to throw out "Well if they didn't click every damn thing" anytime a report like this comes out.
I'm telling you, though, that it's not that simple. The scammers are savvy...sometimes even more savvy than us!
The best defense is education. Here at the office I've been offering some lunchtime classes on basic computer stuff - how they work, how scammers work, how computers get infected, etc. I find that those who participate are much less likely to have problems in the future.
The key is to empathize with those who don't understand, and make it easy for them to learn. That's when the real change will happen.
During a year of not working i "lost" 50K.
By downloading my albums from itunes rather than buying locally, my local record shop "loses" perhaps $100 a year.
Of course all of these are not even paper loses, as they do not represent money that is any way real. They barely qualify as opportunity costs.
I really don't understand why these numbers are represented as losses. If a firm pays $.25 for each advertisement, do they lose that money for customers who do not buy anything, or do they just alginate the entire thing as a loss, or do they say it costs, say $2 to acquire a customer. When a computer is down, is this a loss, or cost of doing business with that computer. Presumable if the computer started generating actual losses, the firm would no longer use it. In fact machines are brought in because not using machines costs more money, and represent real losses. Of course, once the machines are in the savings are often not as great as one calculated, which some might consider a loss.
Of course even if this is a loss, it hardly seems significant. It is like $20 per person. The recent price increase at Starbucks likely has a greater impact.
"She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
This is an ironic article to read so shortly after receiving an email from the AFA seeking my signature on a petition to have Congress protect kids from online "obscenity". While I am both a parent and IT professional and, thus, a little more versed in the dangers which exist and the easily obtained remedies for them, I still blame modern parents for what their children gain access to on their home computers.
For example, my 8 year old daughter does have her computer in her room. It's an old machine I fixed up for her to play games, watch movies, and do a little web browsing. I have so many parental locks in place, however, that she is truly limited to just those things. As she grows older, those locks will come off, one by one, as I deem her mature enough to handle it.
Just like any other exposure children have to the outside world, it's up to the parents to take what steps are necessary to filter out what they don't want their children to see, as best they can.
We also have a couple of teenagers in the house who were getting into some real trouble, based on what they were pulling down from the Internet. This meant more locks went into place and keyloggers installed. We take our responsibilities as parents very seriously and when they are 18, they can move out and do whatever they want. In the meantime, they are using computers I bought, on a network I installed and maintain, and using bandwidth I pay for.
Consumer's Reports is what we started to read to get a laugh after we got through reading Mad Magazine. They both attacked the establishment, and back in the late 50's and early 60's, we thought that was hilarious. Consumer's Reports told us that a certain car "rode like a log wagon", and steered like a "drunk was behind the wheel". The seats felt like "park benches". Getting in the back seat required one to "shrink to 1/3 your size".
These are fictional examples, but typical of the attacks on the establishment that Consumer's Reports dished out in every issue. Not even a lowly coffee pot was safe from their critical reviews.
Just one step away from being a Mad Magazine of Products. Great fun to read.
They justified their reports by selecting one as a "best buy", but sometimes, none were acceptable, adding to the funny-factor. All these serious manufacturers making products that turned out to be downright dangerous, or totally useless for the intended purpose.
Now, on to the 'Net. Did Consumer's Reports draw any correlation between an OS like Windows, installed on a hard drive where Trojans can be placed, and the financial losses that they have reported? Sure, any OS can be used by the unsuspecting to fall for a trap on a web site. Back when comic books had advertisements in the back, one could "send off" for a "movie projector", at a very low price, only to get a cardboard one, that you placed over a table lamp. Excuse given for not sending the one in the advertisement, "Shortage of Metal, caused by the Korean War."
Only now, Mac, Windows, Linux users can "send off" for rip offs like that via web sites, and the financial loss is not the fault of the OS.
However, the "ability" of an OS to accept and retain Trojans, viruses, etc. that have as their purpose the stealing of passwords, credit card numbers, account numbers, etc. stored on a hard drive is the point that should be made when blaming an OS. In that case, the user is not choosing to "order something from a web site", and get ripped off when the product never shows up, or is not accurately represented. The computer is just turned on, and is attacked by not having an up-to-date virus scanner, or is attacked by a drive-by when visiting a link.
Surely most of the loss reported by Consumers Reports is from Windows Computers, even if no Trojan or virus was present in the particular loss, the OS was just the one most computer owners were using when the rip-off purchase was made from a web site. That kind of loss is not really the fault of Windows. One could say that since Windows comes preinstalled, requiring no technical knowledge at all to get on the 'Net, then too many average people are able to use a computer to go on the internet, find web sites that can rip them off. They are simply exposed to more opportunities to buy items than they would if they just looked in magazines, or drove to stores.
In a magazine, if it is a well-known magazine, advertisements may tend to be more from trustworthy companies. On the 'Net, all web sites stand alone, unless linked from a trustworthy site.
Consumer's Reports may not be drawing all of these conclusions, and may just be blaming the losses on the 'Net, rather than on the consumer, and the OS.
I didn't RTFA, but I doubt that the Consumer's Reports that I have known all these years would put the blame on the computer users themselves, rather than on the established 'Net, OS providers, and computer manufacturers. CR tends to say, "This product is faulty, you should not buy it", rather than "This is a good product in the right hands, most of you are not using it right, and are going to get ripped off"
Rapidweather
Rapidweather's Linux Screenshots.