Slashdot Mirror
PEBKAC Still Plagues PC Security
Billosaur writes "ARS Technica is reporting on a study release by McAfee and the National Cyber Security Alliance (as part of the beginning of National Cyber Security Awareness Month) that suggests when it comes to PC security, the problem between the keyboard and the chair is even worse. PEBKAC has always been a problem, but the study highlights just how prevalent it has become. 87 percent of the users contacted said they used anti-virus software, while 70 percent use anti-spyware software. Fewer (64 percent) reported having their firewalls turned on, and only 27 percent use software designed to stop phishing attempts. Researchers were allowed to scan the computers of a subset of the users, and while 70 percent claimed to be using anti-spyware software, only 55 percent of the machines of those users scanned showed evidence of the software."
Nothing is ever, EVER going to be idiot-proof.
Because idiots are both highly prolific and highly creative.
Unless the world standardizes on a single platform, and never, EVER changes it again, this is always going to happen.
It's a matter of "that's not how I learned it" or "I never learned it", and they wind up making the systems do things they aren't supposed to.
It does, however, go to show you that even hordes of security professionals can't be collectively omniscient.
As always, "security" is a PROCESS, not an endpoint, not a product.
Chas - The one, the only.
THANK GOD!!!
So let's see, it's not software that is broken and buggy, but rather the problem is the users that 'inadequately' act as an insanely complex added layer of security, managing a bunch of brain-numbingly-unrewarding security layers.
/etc/selinux/....)
This article reeks to me of a security industry that is proactively trying to cover its ass, primarily because of the fact that the only reason they thrive is because microsoft 'needs' to keep it's source closed, and the public 'needs' an illusion of security.
Sorry, but I've recently gone through about my 5th runaround of giving selinux-Enforcing an honest try, and realizing yet again what an utter pile of useless shit it is (for the vast majority of Fedora users at least). (review my past comments which I won't argue over again... or just laugh as setroubleshootd tells you how the solution to your problem is to reboot and force a relabel... pulling in hardcoded path state from
Wake up and smell the insecurity folks and get used to it. Don't say anything within earshot of a mobile phone's mic that you wouldn't feel comfortable with any telecom employee overhearing... or anyone those employees might give network access to...
It's a brave new world. Don't give me this shit that the users are to blame.
Yeah, and there could be a huge Linux virus epidemic. Its just stealthy enough that its not being detected! Seriously, its become standard to retort to claims of malware free with Windows with "Nuh uh! You probably just don't know you have it!" which is stupid if only for the reason that such a claim isn't reasonably falsifiable. I know that a lot of malware is designed to be stealthy, but a lot of computer professionals know how to root this stuff out, and theres no reason to think that the grandparent is not capable of detecting it.
I've never been infected by malware. And I have confirmed this every time I've been challenged on that point. Doesn't stop people comming out and saying that I really am infected, I just can't detect it.
This Slashvertisement rates a 4.2 out of 5.
It caused many readers to wonder, "if McAfee has an all-in-one package that can handle all my anti-spyware, firewall, anti-virus and phishing needs?". However, McAfee was unable to get the actual product it was trying to pitch in its press release on Slashdot.
Well done (though not perfect) - another high-five to my those PR pros!