Slashdot Mirror
Most Users Think They Have AntiVirus Protection, While Only Half Do
SkiifGeek writes "A survey carried out by McAfee and the NCSA found that while more than 90% of users believed that they were protected by antivirus or antimalware products that were updated at least once a week, only 51% actually were. 'Even with significantly growing awareness by everyday users of the need for efficient and effective antivirus / antimalware software, and the increasing market penetration achieved by the security industry, the nature of rapidly evolving Information Security threats means that the baseline of protection is outstripping the ability of users to keep up (without some form of extra help).' The study is available online in PDF format. What sort of an effect does this sort of thinking, and practice, have on the overall security of your systems, networks, and efforts to educate?"
New computer users forget to update antivirus. In other news water is wet, and fire is hot. Film at 11...
We all know what to do, but we don't know how to get re-elected once we have done it
I've been travelling around the world for the last six months, usually staying with people from hospitality associations. I've connected my iPod to a lot of computers to update Rockbox, and I'm amazed at how often autorun files from some virus or another are left on the iPod. Sure enough, these people have rarely installed antivirus, and don't even realize the need to run Windows Update. Indeed, most couldn't even get much from running Windows Update, since in much of the world legitimate Windows installations are difficult to achieve.
I downloaded this antivirus from this webpage that told me "YOUR COMPUTER IS INFECTED! DOWNLOAD FREE ANTIVIRUS!". :(
Why do I keep getting popups?
It's the antivirus/computer companies fault, since they switched to giving people with new computers only 30-60 days of protection when they would give you a full year or even software that never expired... People think they still get full service when they buy a computer that they did 2-3 years ago.
I run Windows. If I don't have anti-virus or the definitions are out of date (last time this summer when I was away for a few weeks) it'll nag. Same if I disable my firewall just to see if the reason an application isn't working is because I've blocked something I shouldn't have. It really doesn't get any easier than that, if they're not running updates they must have disabled everything themselves, and there's really nothing you can do with users that insist on shooting themselves in the foot because the safety is annoying.
Live today, because you never know what tomorrow brings
people thinking that a anti-virus program that requires people to update manually, updates automatically, and they therefore don't have to do anything.
Help Me! I'm trapped in the tubes! Oh noes! Here comes a internet!
Most commercial programs only come with a subscription for one or two years. After the time is up, people might forget to resubscribe or figure that it's not worth the cost.
Etch-A-Sketch doesn't actually need anti-virus.
I, like another commenter, think it's because of OEM's so often shipping AV trials that expire and they misunderstanding and think "having antivirus included" meant having it all along. Users would probably be less confused if OEM's didn't include any antivirus at all, or offered a lifetime subscription for some extra cost.
Beware: In C++, your friends can see your privates!
In the very early 2000s, when I started my business, most of my "problems" involved dealing with Windows 98 crapping out or computers just grinding to a halt from overbloatedness and installation of a few too many Bonzi Buddies. Often I was asked to help install antivirus software. But they almost never had viruses.
A few years later, almost all the computers I worked on had antivirus and/or antispyware software... yet almost every single one had some sort of virus, usually a botnet-style worm, or at least loads of spyware. In my opinion this is proof that viruses are something one can only avoid through overall system security and, most importantly, knowledge about computers--no antivirus will protect you if you cannot protect yourself.
While doing tech support for some family and friends I have come across this. I would ask them what AV program they were using, and they would state, "Whatever my ISP is giving me" I ask for more info and they tell me that their ISP told them they get free antivirus with their service. I asked what program they installed, and they would respond with a blank stare.
From what I have gathered, half believe the ISP installed and updates their AV in the same way Microsoft works. They believed that the ISP installed AV when they set up service and that the AV program gets updated the same way MS updates their system. The other half believe the ISP runs antivirus for them on the line so they do not need anything installed.
When I inform them that they need their own, they ask how much. I inform them of AVG and ClamAv* and that those two are at no cost. They then state they cannot be any good if they are free and they go buy either Norton or McAfee.
*I am now Linux only, so I am not familiar with current Windows AV programs. I have Clam on a few systems and AVG on a few others.
I'm no anti-virus expert--but does anyone need anti-virus software anymore? Gone are the days when viruses are spread by floppy. (Mostly) gone are the days when email clients were so brain-dead that they would automatically execute attachments. But most importantly, gone are the days when the main type of infection is viruses (which spread via some sort of user action). These days, worms (which require no user action) are the dominant threat. And anti-virus software, which relies on signatures, is nearly useless against worms which (by their automatic nature) spread far too quickly for even automatic signature updates to catch. Furthermore, worms generally cause most of their havoc just by spreading (and clogging the network), and by infecting PCs to use as bot-farms.
Perhaps I'm just isolated from the sort of users who are so stupid as to get viruses on their PCs...but are there any left? And does anti-virus software help these people?
I can't get that stuff to run under WINE.
I am the unwilling control for my Origin.
I am using a cracked version of McAfee Security Center, mainly because my ancient copy of Symantec Antivirus stopped being able to update its definitions.
I STILL can't update my definitions with the cracked version, right now I'm looking into an FOSS antivirus.Could someone please recommend an option for the unprotected?
Same for me. Until I was given a free copy of Kaspersky from my provider. It's like looking at your own intestines after having spent a 6 year period in the rainforests of Borneo.
I hate keeping up on it, but I dont use Anti Virus and I do just fine, I not a stupid porn-looking, spyware infested computer user, I know what to look for and what to stay away from.
Stop listing porn as a reason for viruses and spyware. You can get infected with either from almost anywhere.
I went 18 months without AV software on my Windows 2000 machine a few years back. I did not get infected with any viruses or malware. I was still using that system until March of this year when I moved to Debian Etch. I surfed many pornsites. However, I trusted the maintainers of those sites. I trusted them more than I would trust the maintainers of MSNBC.com and Ebay.com. There is a decent group of people out there who just want porn with no hassles. No viruses, no popups, and no malware. They took advantage of the situation and set up places to get porn without that stuff. Simple free market forces. Other sites were providing porn but with it they were messing with a person's computers. Someone else stepped up and provided porn without messing with a person's computers.
If this was seven years ago your statement might have more merit, but things have changed a lot. People don't like popups, viruses and malware. Those same people know how to run a webserver. They merely extended some courtesy to others and those others kept returning. Some basic Google text ads and they had a nice little income rolling in. All without infecting a person's computers.
By they way, it only takes one of your "what to stay away from." sites to get hit with a XSS or mis-configured item to infect you with something. Same as with any site I go to. And I bet that some of your sites are targeted more heavily than my sites.
Set up a fake video site like youtube and have a gif show up instead of a actual video player. Tell the user they must install the plugin (some exe file) to watch the video. Anyone with limited html skill should be able to pull that off.
Only the State obtains its revenue by coercion. - Murray Rothbard
Think again! Most budget computers come with a 30 day trail. Don't pay that one, and you're screwed... If you pay, you are screwed too because those Antivirus programs (Symantec, I'm looking at you) are crappy overpriced products.
Your only hope is knowing a Geek/Nerd that is willing too help. Contrary to popular belief on slashdot, not everybody has that luxury.
Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
I used to believe in virus protection but with the advent of all these rootkits that are undetectable by virus scanners, whats the point of having a virus scanner installed? If someone really wants to get into your computer, they can. If I don't click on everything I get emailed and I keep my windows installation up to date with updates from microsoft, I don't see what added value a virus scanner offers besides slowing down my computer.
On the other hand, the virus update doesn't seem to work unless the administrator is logged on.
The you have a crappy antivirus program. Even AVG Free does this in Limited User. I used Limited User everywhere on my computers, I rarely log in as Admin. Of course, I do have the knowledge to set up a machine that way. Something most -normal- people cannot...
Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
It's free and open-source, but doesn't have an on-access scanner. AVG and Avast are commercial, but have free versions.
I have attempted to run as a limited user on my home PC, but almost every program I use (mainly PC games) requires admin rights for some stupid reason; if people would make there programs use user spaces instead of system spaces then this would be much more feasible for more people.
My favorite bit is having seen an out of date copy of norton on xp causes so much virus like behavior and slowdowns that it fooled a person into thinking it was a virus issue when the offender was in fact norton itself.
:/
I have one friend who bought it merely because it was the only way he knew to make his computer work again. Norton is so much more complicated to uninstall than other software that he couldn't figure it out.
YAY Shovelware!
But I've never gotten a virus, not once.
Sorry but how do you know, if you haven't used anti-virus software in years? Do you expect a little flag to come up saying "help help I'm infected, get an anti-virus program!"? You could be infected and not even know it.
Seven puppies were harmed during the making of this post.
The survey results are probably bogus. A lot of people who don't have antivirus software will lie and say "of course i do", either out of embarrassment or avoid a sales pitch.
People think that a Firewall is going to protect them and because Windows ships with a (low security) firewall they think they are protected. Also, it seems that the people who are unprotected aren't those that have low risk systems,I have had people on Dial-up pay for an anti-virus for checking their e-mails. And people who go online a ton seem to be unprotected. Ill admit, when I was on Windows all I had was ad-aware (free) to check for spyware every now and then. It only got really infected once. Then I switched to a Linux system and am very happy that the security risks are minimal all I really have to do is put chkrootkit on cron, install the updates, and set up iptables and Im mostly fine save I don't run unknown binaries or shellscripts. And because the code is open, I don't have to worry about installing software from the package manager because I know that someone has looked at the code and If I really want to I can look at the code and compile it from source. Unix security owns Windows insecurity
There is no "disagree" moderation, and troll, flamebait and overrated are not valid substitutes
My wife's computer at work has a secretary account and an administrator account.
So tell, me what will happen the day you catch the secretary account in bed with the administrator account??? This sounds better than a soap opera!
Seven puppies were harmed during the making of this post.
A study carried out by McAfee and North Carolina School of the Arts says users need to buy more virus scanners. I'd have been amazed if a McAfee study had reached another conclusion.
Mielipiteet omiani - Opinions personal, facts suspect.
This ticked him off more at Symantec then he already was, especially on seeing yet again the number the number of different special removal tools for the various versions of Norton Security software there was. The Uninstalls shipped with the software should work, but they do an extremely poor job of it and sometimes crash and lock out the systems. Norton needs to be dealt with before a system restore too, else it will cause it to fail. Not the only AV with this problem of course, but extra aggravating cause of the requirement for the seperate utility to actually clean it off the system. Not to mention that pre-Win95 most of the Norton products were fairly decent, one of my favorites was Norton Desktop which made Win 3.1 more controllable, but with the advent of Win95 on Norton products always seem to be broken. None to the extent that 95 and larger hard drives blew old Norton Utilities 8 away, wouldn't let Norton Desktop even exist for obvious reasons and Norton 95 was just a broken product from its beginning, IMO. After all this time its still a memory hog that doesn't play well with others but then Windows doesn't always play well with others either and some have credited Norton Desktop on Win3.1 as having added extra push to Microsoft radically changing the GUI.
I recently had to fix my parents' machine, because it got massively infected. This turned out to be a blessing in disguise, because I ended up flattening it and reinstalling XP from Microsoft's disks rather than the crappy OEM version that was preinstalled on it, but that's another story.
My father had a subscription to Norton. So, why didn't Norton protect him against the virus? Well, a quick install and run of AVG later, I figured out why: Norton had been lobotomised by the virus. Half of its files were corrupted beyond repair. Most of the Javascript that its crappy UI was written in had been replaced by binaries. It was like one of those caterpillars whose brain gets eaten by wasp larvae, and the caterpillar never notices. It was horrific.
Unfortunately I still can't persuade him that AVG (which is free, which gets good reviews, which actually seems to work, and which doesn't keep popping up crap in your face) might be a better choice on the new system; but hopefully the new improved installation will protect him. We'll see.
Lots of dial up users will disable auto update because the updates take "too long to download." Then they neglect to manually update the software. Antivirus software is becoming antisocial nagware as well which will cause many users to disable the features either incrementally with rules or just turn it off and forget to turn it back on. I've been frustrated with product quality over the years and have changed products several times since 2000. I dumped McAfee because I despised the business practices of NAI, then dumped Norton because of the "elephant in the livingroom" footprint and the frequent forced reboots when it updated. Trend got the boot this year for excessive and unnecessary overhead (Moving a bunch of zip files from one folder to another on the same volume should not require scanning every file.) Now Kaspersky is nagging every time I launch an existing application because of registry access. It even nagged me about svchost. Many users would just give up and not replace the product. They just disable it and forget it's disabled.
Nobody really asks me except my mom, and she insists on "paying" me. I took her computer away from her for a couple of weeks, uninstalled everything Norton, installed all the Windows updates, Avast! and a couple other free things, and gave it back to her in a usable state. Took probably 6 hours over those two weeks.
(The biggest impact was scraping Norton off. Did you know Symantec actually has a tool on their web site to remove all modern Norton products from your system?)
For this, $100 gift card showed up in the mail along with a Thank You card. Gotta love mom.
The preferred solution is to not have a problem.
I know I shouldn't have, but I read it. Did anyone else notice the huge difference between 87% and 88% in the graph?
Also, who here would allow a "survey group" have access to conduct a remote scan on their computer? Methinks this survey is skewed, even if (especially because) they used quotas.
I had to deal with a network wide virus infection because AVG didn't detect the particular virus. Lucky for me I didn't get around to uninstalling Norton on my PC and detected a crapload across the network. Norton maybe a bloated piece of crap but I was thankful that one time having it.
I tested and retested it 5 times because my employers at the time were cheap bastards and didn't want to fork out money. Before leaving I reccomended some products but didn't stick round long enough to buy and implement it. Those bastards were slow and reluctent to fork out money even in emergency situations so I figured fuck em.
Make SELinux enforcing again!
.....The Uninstalls shipped with the software should work,.....
... empty trash ... there, it's uninstalled. Why can't Windows have it that easy? Also, other than a few experimental proofs of concept there STILL isn't a virus in the wild, that infects Macs. Now let the market share replies begin.
On Mac OSX, most programs don't come with an uninstaller, since that is unnecessary. Just drag the program to the trash
All theory is gray
It is perhaps worth pointing out that no antivirus could every be uninstalled without an uninstaller, not even ones on a Mac, as, duh, antivirus hook into various operating system functions. Antiviruses are not applications, they are system utilities.
That said, it's only Norton that is consistently broken during uninstall.
If corporations are people, aren't stockholders guilty of slavery?
......It is perhaps worth pointing out that no antivirus could every be uninstalled without an uninstaller......
For Mac users, uninstallers do exist for the very few programs that do install stuff in the OS. An antivirus program would likely be in that category. These are merely a convenience, because unlike Windows, unless you're talking root-kit, malware doesn't have as many places to hide. Malware doesn't do much good if it can't be made to start running automatically either at boot time or when a user logs in. There is a general system startup folder for boot time and each user has one in their user space. The Apple Installer program also keeps a log of where stuff was put in the system. Dragging those itms to the trash gets rid of them.
The system stuff in Macs is much better protected. We don't give the name of the admin account nor the password to any user around here. Even at home, only one person (Dad) knows the admin password. All users run as standard users and are not able to install any software other than in user space. If anyone wants to install downloaded software that wants to write to the system, the administrator must do it. No Mac program requires admin rights in order to RUN, even games. Sadly that is STILL not the case for many Windows programs out there.
It's so much easier to produce and install malware in Windows, and there are so many more Windows systems out there. The bottom line is: In practice, Macs are very safe without the burden and expense of AV type software. The OS and any other programs that use CPU cycles without adding to the productivity of the user is like the overhead of a business.
All theory is gray
No worries on Linux or Mac OS X.
No worries on Linux or Mac OS X or Commodore 64.
Anyway, my home systems of 3 Windows boxes are sitting fine without worry too. In fact, I've never had a virus on Windows.