Slashdot Mirror
Most In US Have False Sense of Online Security
BaCa sends along a link from Net-Security on a study of attitudes among Americans about the security of their PCs, versus their actual vulnerability. "More than half of computer users who think they are protected against online threats like spyware, viruses, and hackers actually have inadequate or no online protection, according to an independent research study conducted for Verizon... While 92 percent of participants thought they were safe, the scans revealed that 59 percent were actually vulnerable to a variety of online dangers. Ninety-four percent of those surveyed said they would find it helpful to be able to diagnose or check their online security status on a regular basis to make sure their PCs were safe."
Actually, if you're really conscious about what you click, why would you need so many security layers?
At least once a year, these results come out in yet another study. Perhaps we should declare a new holiday: False Sense of Security Day (and of course, False Sense of Security Eve, when a hacker in a Santa suit constructs an enormous botnet and takes down a few small mailservers with spam).
Palm trees and 8
I don't know how good Verizon is at online bank security. I mean ... how safe can you be when you look at your bank account and can't distinguish .02 dollars and .02 cents?
*ducks*
Apology to Ubuntu forum.
It's not like this hasn't been noted before: PEBKAC Still Plagues PC Security. Your average user firmly believes what they are told by "experts" or the guy who sells them the computer. They are not web-savvy and don't dig into the background on computer security. They think that all they have to do is run their spyware remover and update their anti-virus and their fine. Heck, too many don't even know they have such utilities, and if the do know, aren't actually aware if they are running or not!
Computer security must be taken out of the hands of the user where the user is likely to not have a clue how it works.
GetOuttaMySpace - The Anti-Social Network
DTA: Don't Trust Anybody
And by "personal firewall" do you mean that POS built into XP, or the POS from Symantec? Or do you mean the router firewall?
No folly is more costly than the folly of intolerant idealism. - Winston Churchill
this missive is stored on a secure server.
My name is Milo T. Farnsworth, D.O.B 27/07/1974 My Switch number is 3975-4438-0098-2310, expry 04/09
Please take care of this, I will be on an extended trip for the next 2 months, during which I will require great use of my $10,000 credit limit.
A feeling of having made the same mistake before: Deja Foobar
Even after meeting online criminals in person, they still tried to rip me off. Fortunately, I tracked them down and got them. Stolen and Recovered 1949 Chevy Saga
Doesn't XP have a big green light that tells users they're secure with a firewall and anti-virus protection? If an OS tells an average user they're secure, even if they're only marginally more secure, I wouldn't expect the average user to question it.
Developers: We can use your help.
I don't have any virus scanner or malware blocker, or firewall or any kind of security software whatsoever installed on my computer. Actually, I have clamwin, but I only run it once a week. It never finds any viruses. Yet I would say that I'm adequately protected because I have a brain. I don't run software from sites I don't trust. I use Firefox, which doesn't have a history of letting websites run malicious code, and I try to stay on sites that I trust. I have a router, and no incoming ports are forwarded to my PC, so I'm safe in that way I guess. At work I have Norton installed, because it has to be. To date, it has blocked 0 spyware, 0 viruses, and 0 worms. Because it hasn't encountered any, because I practice safe computing. It hasn't actually done anything except slow my computer down. What a great waste of money that was.
Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
Look, my Windows machines auto-update themselves, and I have AVG running, which also updates itself. I have a firewall downstream of my modem and upstream of every other machine on the network.
What else can I do?
My wife is constantly playing and downloading games from the internet. No doubt she is polluting machines on our network.
Basically my approach to security on my home machines is I wipe them and rebuild them every 6 months or so, in case there is some hidden malware on there that has turned my machine into a zombie.
What I would really like is a "smart firewall" I could buy and put in place of my current firewall. This device would monitor all network traffic going in and out of my house, and it would stop the bad things from going through. It could even be a service whereby the device is managed by some security firm and I pay them to protect my network through this device.
A work that expires before its copyright never enters the public domain and thus enjoys eternal copyright protection.
This would be the target demographic of the malware antivirus attack, where a site does a browser hijack, slows your computer to a crawl, then starts bombarding you with ads for its "solution" to the problem its own malware caused.
There is no single answer here. Affordable (or free) antivirus software that actually works would be a start, providing it isn't on the McAfee/Norton bandwagon of getting you to pay for a subscription and using up a fair amount of resources when running. There are good community-governed host file lists which can be a real help on many different levels - adware, phishing, malware, viruses, and some of the more onerous types of advertising. User education about basic practices is key - I'd like to see some Public Service Announcements on this, in the style of some of the American Lung Foundation's 1970's PSAs.
I have to tell people over and over: "It doesn't matter if you trust Jackie not to send you a bad file. You also have to trust that Jackie is vigilant about computer security, and that she knows a lot about the subject. You also have to trust that her computer hasn't been compromised, or that her e-mail isn't a spoof, which requires you to understand a lot about message headers at the very least. Is an animated stripper dancing on your start bar really worth the risk?"
"Hi. I'm with Verizon. We're trying to see if your computer is secure. Mind if we scan it for vulnerabilities?"
When they answered yes, why bother to go any further? In my mind, they're obviously potentially victims for spear-phishing types of attacks.
Bark less. Wag more.
I know I'm secure. I use only genuine Microsoft products. I remember seeing an ad that said that they're the most secure computer company there is.
This guy's the limit!
I'm pretty sure online commerce would come to a screeching halt ( "Oh N003355!! My Pr0n tax $$$s!!!111eleven!", cries the establishment) if the great unwashed masses ever knew that their main, and possibly only, line of defense was safety in numbers.
In other news, 92% of all drivers feel that their driving ability is above average.
'The tyrant will always find pretext for his tyranny.' - Aesop's Fables
Well some bleach oughta remove that from my eyes. Thank you sir.
Most In US Have False Sense of Security
There, fixed that for you.
There are no karma whores, only moderation johns
...by an false exaggerated sense of insecurity about other matters, such as risks of getting blown up by terrorists, being victimized by a serial murderer, etc.
Let's keep this sort of journalism on Dateline please.
The world is a dangerous place. Somehow, I think that humanity will soldier on nevertheless....
-- If you try to fail and succeed, which have you done? - Uli's moose
*GASP* I thought AOL was keeping us all safe online!
The game.
And security done right is way more complex than that.
Shocking, isn't it?
The real problem is that the average user does not understand or care to understand about security and the risks involved with surfing the internet's. All they want to do is surf the web and write their relatives. Further, the computer hardware and software makers make everything so easy to just plug in and access the internet, that a user is never required to really understand the security perils and risks.
What we need is a Computer License. Something similar to a drivers license, where you go and take a written exam and then take a hands on exam to determine if you are capable of securely operating and understanding a computer that is connected to the internet's.
Oh wait, that would probably not work. After all, there are millions of licensed drivers in this country and many of them still cannot drive safely.
Disregard.
My sense of security isn't false, I have a Mac. (No matter how true that is, yes, that was supposed to be moderated as 'funny'.)
I've got several family members machines that I've got the firewall on, spybot installed (and immunized) and AVG and they still get spyware out the wazoo because they click "yes" to "ya wanna install this nifty search toolbar?"
I've got a cousin that calls me up about twice a year because she ran a game she downloaded off the internet and it trashed her system. She's got the same, firewall, spybot and AVG and I've instructed her on safe computing habits...
I run all that AND firefox and I still got infected with a trojan because of a javascript hack while viewing a picture...a... PICTURE via Digg! I run noscript now, obviously...
What can you do? If anything all this "protection" makes people think they're "safe" and can do stupid things...
"Ninety-four percent of those surveyed said they would find it helpful to be able to diagnose or check their online security status on a regular basis to make sure their PCs were safe." run windows update and update your anti-malware products. Oh yeah, you also need to build a wall of fire in front of the opening to your tube.
You always need to be vigilant. You can't trust a software program to keep it safe. There are work around and security breaches for every platform. Even Linux or Macs...
/dev/hda
*** DO NOT RUN THIS UNLESS YOU ARE STUPID *****
#!/bin/csh
set uname = `whoami`
if $uname == 'root' then
echo "Installing..."
while (1)
echo "YOU HAVE BEEN FOOLED" >>
else
echo "You need to run this program as root"
end
Now if you want to be fancy and actually make it like a virus you make it to scan your drive for email addresses first email them using mail with a message. Hey I just got this Linux script it really improved performance try it out. Then it goes to messing up your drive...
Chances are it will trick most linux users out there. Because they feel that they are protected against anything. And most don't check the scripts because they feel it is to complicated for them.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
I must have a false sense of security. If I see things realistically, I am going to have to don a tin foil hat and end up like the protagonist in John Varley's excellent story, "Press Enter."
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
"First things first -- but not necessarily in that order"
-- The Doctor, "Doctor
I think this is a piece of research that anyone with a brain knows, and won't be accepted by those without one.
$.02: don't even have to read the article - just the post saying it's a perennial dupe
Lemme translate: This software collects data about you when you run it, will continue to collect data about you, and if Verizon's business partners happen to be skeeze, they won't warn you about their spyware. Do. Not. Want. By the way, by using their security advisor, I agree to use their "Internet Security Suite" as well. Which reports on me, and allows Verizon to edit settings on my computer. Sounds a little like remote access, yes?
Here's another thing: On the installation page itself, it says "Administrator rights are required to install this software." So that means that this ActiveX has access to ALL KINDS of fun functions and methods. Who is to say this can't be hijacked and turned into a mal-ware infection source?
~Sticky
/Cannot believe this made the front page of Slashdot.
If you want news from today, you have to come back tomorrow.
Also note, that while 98% of the people walking on the sidewalk felt safe, 100% of them were vulnerable to attack!
I've been using home computers for as long as there have been ghome computer. The number of viruses/Trojans:
1 Trojan the was on a floppy being circulated for the Apple IIc.
1 virus I compiled while doing security work.
Until two years ago, I never kept a virus checking service on my pc. I just ran virus software once every couple of weeks.
Two years ago I was contracting and some people freaked out when they found out I didn't have a virus checking service running 24/7.
So I installed AVG free because it is a lot less resource intensive then other anti-virus software.
The Kruger Dunning explains most post on
95% of americans have a false sense of security when it comes to walking down the street and being vunerable to a mugging!!!!!
Asking slashdotters for advice on securing windows is akin to asking people on a windows forum for reasons to switch over to linux. They're not exactly unbiased, know what I'm saying?
We do NOT need to protect our children from the evils on the Internet. We need to protect people in general. While the US might have more people who are gullible, there are gullible people all over the world. Computers are not simple to use and operate like a toaster, or other kitchen appliance. Even if they were, one look at the statistics of fire departments on the day before and the day of Thanksgiving should tell you that people, in general, are not competent to operate anything more complex than the shoestrings of their shoes.
You can buy a car that costs less than some computers, but still need a license to drive it, and insurance in case you get into a wreck. Why should computing be any different? Oh, don't believe in the nanny-state? Well, stfu about kids needing protection from the evils of the Internet. Yes, give me that argument that motor vehicles are a life and death issue, or could be. I'll argue this, losing your identity or giving your life savings to some Nigerian prince is more or less a life and death issue, especially if you need that money in the near future for heart medicine.
The point is, and well demonstrated in this report, that NOBODY is safe, and not just kids need some training and guidance. Using the Internet is not a game, and people should be taught better how to use it and avoid the pitfalls of modern life. If it sounds too good to be true, well it probably is. If someone is advertising it in an email, it probably is something you don't need or can live without. That goes also for television and other advertisements.
I think that it is high time we, the human race, began to look at things a bit more intelligently. False sense of security? If it were not for Dept. of Homeland Security, most people in the US would think that flying was safe. This and other such campaigns are not about raising awareness or traning, it is about selling antivirus and antimalware software.
Why this should come as a surprise to anyone is beyond me. How long did it take to get people to wear seatbelts? The public, at large, is wont to believe experts, yes, but this is true despite the news that those same experts are paid by large corporations more often than not, and have been shown to be less than 100% honest.
How long before 'made in China' means it is a lethal device? (won't happen) How long before people riot in the streets because the food we eat is not labeled correctly? (won't happen). This is just one more thing that the US populace in particular is blissfully ignoring. If you have to spend 2-6 months salary on something, you tend to figure out how it works and treat it with care, take it in for tune ups and such. How many reading this know of one or more people that just go get another pc when theirs acts up, or becomes slow?
Ranting done. If you can't get people to read directions on the kitchen appliances, or cleaning recommendations on the tag in their clothes, you can't protect them from the evils of the Internet. Who would have thought we'd need instructions (too small to read) on cigarette lighters to stop them from ending up in baby's mouths? or warning notes on coffee cups that the contents are hot? I don't want to imply that people are ignorant... but
Support NYCountryLawyer RIAA vs People
Dude. Off Topic.
Most people probably feel the same way in the real world.
I said no... but I missed and it came out yes.
You are broadcasting an IP!
(That's one of my favorites!)
LOOK AT ALL THESE SECURITY HOLES! People are so very confused about the security of their houses!
I think the example shows that the only real test of whether a machine proved "secure" is whether it got compromised or not. "Could be compromised" does not matter. The only way to fully secure a machine is to detach it from all networking, sink it into a 20-ton block of concrete, and drop that into an undisclosed location in the middle of the Pacific. No, wait... you also have to kill all the witnesses and arrange for tectonic activities to have the block go under into the magma too. Once the computer is goo, I have reasonable expectations that it will be safe!
Since "secure" is an unrealistic goal, a better goal would be "secure enough", which is very dependent upon the person, their practices, and their needs. If I burn a full backup of my system every few months, and everything I do between the backups is reasonably recreatible, I argue that my system is "secure enough" for my needs. Whether it has glaring holes or not. I think, however, that doing a study on whether people's machines are "secure enough" would present some serious challenges.
Name address and phone number. What's the problem? Its all the same crap that is in the phone book. Or yellowpages.com, or whitepages.com, or phonebook.com.
Danger is everywhere. Yet we live in a Nanny State because so many people do things without thinking, and are involved in things that they really don't comprehend the dangers that surround them. We live in a society that tries to protect the dumb from their stupidity, and the rest of us from the idiots we know everyone else are.
The problem is, we don't let nature fix the problems anymore, but blame shift everthing away from where it actually belongs. We all know the lawsuits that have created this Caution Label society, and we've seen these warnings that have us bemused beyond belief.
It is now to the point that everything comes with a long list of warning labels to not do something stupid while using a product that is semi dangerous, and should be recognized as that by default. Hot things burn, sharp things cut, electric things don't like water, power tools are dangerous. There should be no warning labels needed for these things, and if 99% of the people can use something responsibly, the 1% that can't or won't shouldn't be able to sue because they are stupid.
The false sense of security arises from the idea that we should be safe, and society should protect us from our stupidity. I'm sorry, no amount of protection can stop stupidity. I say this having been stupid in times past, but I don't expect society to cover my own stupidity.
Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
The interesting thing about these studies is that they often conflate "computer users" with "Windows users". The problem is, that as a Linux user, I have no need to run anti-virus software or a firewall. I know which services are running on my machine, and have accepted the security risk thereof. But, consequently, we, (and the Mac users) get counted in the insecure group because of the faulty study methodology.
I really don't think most users expect their machine to be secure. Microsoft Windows has been insecure for so long now that getting hacked is just expected after a certain period of time. In fact, I had a rather interesting conversation with an anasthesiologist:
Him: I'm thinking about buying a new computer. What kind should I buy...
Me: (I rattle off some specs) Why?
Him: Well, it's slowed down again.
Me: Well, why don't you just run Linux.
Him: Well, I do a lot of gaming. I figure you're going to have to replace your PC once a year, anyway.
Me: Why don't you just format and reinstall, and get yourself a good virus scanner and firewall?
Him: What, do all that work? And then I have to reinstall everything? No, I'll just buy a new PC.
Me: But you're just going to have the same problem a later on. You'll get infected by a virus, etc... and you'll have to buy antivirus software.
Him: No I won't - I'll just buy another PC. It's not worth my time to do all of that antivirus and firewall stuff...
Words failed me at that point. But he did have a point. Most users believe that computers "just wear out" and slow down like an old automobile. They think that virus infection is a normal part of owning a computer.
The problem isn't Windows, per se. It's that people don't expect any better.
The society for a thought-free internet welcomes you.
.. when your watching your boot CD scan pick up hundreds of infected MP3 files on one machine while on the other the 'midgits' directory is hitting a home run on the AV scanner as the owners ask how it possibly could happen to them when they had AV software. Some days I really loved my old job.
~~ Behold the flying cow with a rail gun! ~~
I think the responsibility for spyware/virus resistance has to ultimately lie at the feet of the operating system developer. The very idea that users should be expected to pay for commercial add-on software packages to prevent these problems is a triumph of marketing/advertising -- but is really a big ripoff for the consumers.
When you think about it, the entire idea of naming these mal-ware programs "virii" is all part of the marketing game. The average user understands how colds/flus and other infections work in the "real world". Eventually, you're going to get sick. There are some "common sense" measures you can take to reduce your risks (washing your hands often, insisting people cover their mouths if they cough around you, ensuring you've taken enough vitamins and got enough sleep, etc.) - but ultimately, nobody goes through life without ever catching a cold. Given enough time, one's immune system weakens enough to let something past that wouldn't have gotten past before.
In reality though, a computer virus doesn't have much in common with a real-life virus. Computers don't just spontaneously "catch" one because they're in close proximity to another machine that's already infected. In fact, assuming a computer is set up properly to begin with and it runs a specific set of tasks that don't get modified, it's almost certain it will NEVER get a "virus". (Take for example, a Novell Netware server that sits for years serving files and handling print services, but doesn't have any applications actually run on it. Have many virus issues with those?)
Nevermind that, though. It's MUCH more profitable to perpetuate the "scare tactics", making the "average user" think computer virii are inevitable.
IMHO, if developers can't build an OS that's truly resistant to mal-ware, then it's their job to at least include code that helps defend against it. Microsoft's inclusion of "Windows Defender" in Vista is a half-hearted start. It's the right idea, but a poor implementation - since competitor's products are noticeably better at doing the same job. Making all of this the OS developer's job makes the most sense, because it's THEIR code that's under attack. Nobody should know better than them how to protect it. Certainly, the "average end user" knows the least (and forcing them to learn more just lessens their enjoyment of the whole experience of using said product).
These scan's are worthless. First they will keep beating on you about MS updates and stuff that not all of us want. Some of us still want to actually do real things with out PC's and don't appreciate the very large performance hit that comes with a full scan of our 50 gig raw video files before we can open them.
Also as long as you don't browse porn with MS IE, something large percent of those vulnerabilities don't apply.
Also if you are behind a NAT such as a linksys routers again a very large percent of those vulnerabilities don't apply.
Also I find elimination of myspace addicted teens fixed almost 99% of all problems.
Don't believe the Hype unless it believe you.
I am always doing that which I can not do, in order that I may learn how to do it. - Pablo Picasso
I watch National Geographic and Animal Planet a lot. The gazelles act threatened when the lions chase but they should rightfully have some sense of security because every time it happens only one of them turns out to have been wrong. MY sense of security comes from having updated security programs,watching for stupid crap, a $50 limit on my credit card losses, 15 years of ALWAYS wanting a newer PC and wishing for an excuse to get one(until Vista anyhow)and nary a more serious problem than some wierd-ass internet explorer audio spam thing that occasionally plays strange voices and music. Maybe was published because Peter Norton needs a new boat...
The scaremongering: of the 59% "who were actually vulnerable", how many had already succumbed to some online threat - discounting iTracks, that is? The article doesn't say...
Or as bad: from http://www.marketwire.com/mw/release.do?id=799704: The tool [Verizon Security Advisor, from Radialpoint], which is now available free of charge from Verizon to all Internet users (http://www.verizon.net/securityadvisor),
And a last tidbit for the paranoid: Running without images or javascript (my own paranoia showing), TFA is completely obscured by an ad for Qualys, a company guaranteed to have a vested interest in a scare like this. Particularly a corporate scare.
Hope you've a sufficient supply of slightly iodized sodium chloride on hand.
We will only be free of nonsense like this study when the mainstream realizes that vulnerability is not the same as risk.
"oohhh... I didn't know Schopenhauer was a philosopher!"
Basically my approach to security on my home machines is I wipe them and rebuild them every 6 months or so, in case there is some hidden malware on there that has turned my machine into a zombie.
I find it shocking that Windows users just accept that as part of the cost of doing business. Can you imagine a Linux distro suggesting you reinstall every six months? No cracks from Ubuntu users which releases on a six month cycle. You get my point. MS would have a field day with that.
Every virus infected Windows machine I've fixed the owners all said the same thing. They had AV and had automatic updates enabled, and usually that was true. They got infected anyway. The ultimate irony is that I use Knoppix to resurrect the deaders and retrieve their data.
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
i have a win 98SE comp thats been on the net for 7 years, only powered off for hurricanes (dont move to florida).
never had a single problem, not one fuckup.
as long as your not a complete retard in your surfing habits you'll be just fine.
I wouldn't blame them. Obviously, they didn't create the problem. But nothing changes the fact that "average" users do have to be knowledgeable about computer security in this day and age. If they are not, they WILL become a botnet member. They WILL get taken advantage of in due time.
And so I did the only thing I could do to combat this: I created a free class on basic computer security and taught it. It's true, though. Education will not eliminate the threat. I doubt that anything we can do will eliminate the threat. But even if I can't fix the world, I will still help clean up my corner of it.
I'm surprised such a router isn't readily available, especially with the new "evil bit" in RFC 3514: http://www.faqs.org/rfcs/rfc3514.html :P
And probably, you're among the few that indeed don't have virus running on their machine.
Most likely because, as you said, you *DO* have a brain and actively try to limit your exposure to sources of malware (unusual websites that could exploit bugs to install malware without your interaction, opening untrusted attachmetns, and all other example you give).
(Note in addition to running from time to time ClamWin, another possibility is to use FireFox extension and post-download script in most download software to selectively scan new coming files).
The internet is full of people prancing "I have no resource-sucking Anti-Viru$ $oftware, but I have no virus !". And given the the statistic about the spread of infected computers part of botnets, we may anticipate that, sadly, unlike you, most of those are probably just infected by viruses who make a big deal in staying stealthy.
This is even more likely today because :
- Botnets are a huge market, virus maker got to keep low profile in order to keep their Zombies. The times of "I'm in Ur computer, formating your files !!!" are long gone.
- Their attack are widely distributed, which means the workload *per infected PC* is very low and doesn't consume too much resource.
- Root-kits are getting popular even with Script-Kiddies and when the infected user tries to run a check just to be sure it may be too late and the root-kit is hiding everything.
- Multi-core chips from Intel and AMD are getting popular. They aren't much useful for average Joe's casual surfing/mailing/IMing/typing and occasional gaming. But they make the impact on ressource of a running malware even more discrete. An infected Zombie isn't crawling to death anymore.
In fact, a lot of people who are buying new computers because "the older one has gotten too slow" may have crapware-loaded machines. At least when they did change their machines, they replaced them with new machine, clean of virus, at least for some time.
Now as multi-core setups are limiting those problems from getting apparent, the users aren't even changing their computer anymore, and more PC stay infected and connected to the net.
People should learn "to use their brains" when on the inter-tubes. But sadly most of the users want a hassle free experience, the most easy possible.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
The world is round, details at 11....
"We're gonna need a bigger boat"
It sounds like the Bush admin and Guiliani and the 9/11 rhetoric. Level of secure-ness is one thing, but so is the level of likelihood to be a victim. These guys assume that every individual will suffer an attack.
>I find it shocking that Windows users just accept that as part of the cost of doing business.
My home PC is primarily for entertainment (games). If you want to play games on your PC, it means you have to run Windows. I understand some of the emulators are getting pretty good for Linux these days, but I'm skeptical about it 1) working and 2) not taking a performance hit.
If all I did was surf the web and read email I'd be all over Linux.
A work that expires before its copyright never enters the public domain and thus enjoys eternal copyright protection.
I'm surprised the White House website does not have some sort of "threat level" for online use...
Oh wait then again... grisoft.com already has one.
Ignorance aside, one of the larger and more disturbing problems with online security are the lack-luster, wholly incomplete, all-in-one security suites offered by many ISPs (Verizon, Comcast, AOL, Earthlink). These suites fully appeal to all of the best American values - they claim to offer an all-in-one solution that once it is installed you simply click and walk away. We don't need to know how to use them so there is no learning involved, they claim to cover everything so no more worrying about multiple programs to cover the vast array of computer security and best of all to Americans - they're free; and since they are usually associated with some heavy hitter in the tech-sec realm, like Norton or McAfee they are trusted. But, these are very expensive programs backed by ongoing and costly R&D and updates so it's a pretty good bet that they and your ISP have not teamed up to offer anything other than a watered down version of what is available for consumer purchase. To further this ISPs are playing to desire as Americans to be ignorant and lazy by touting the fact that the consumer doesn't have to lift a finger but this is simply not true. They need to be updated and you need to make sure they are actually running. Not to mention that file monitors, though a great tool, need the support of regular virus scans and virus definition updates. Simply having these programs to check for viruses, spyware, adware etc. taking up space on your hard drive is not enough, they need to be run on a regular basis; otherwise free up that space on your hard drive, there is a trojan that is looking for a place to park. Finally, in the battle for online safety and protection of privacy these "do it all" security suites are not doing anything at all in one huge, key area.....firewalls. It is still the individuals responsibility to ensure that your computer is protected in this way. With a strong enough firewall properly configured and running you should know what network connections are being made by your machine and why. Criminal activity on your machine is not limited to people trying to get in, but also to an array of hidden gremlins that watch everything you do and transmit that information via the internet back to their masters. By the time the tech-sec vigilante catch up to a new threat and update spyware scanners to find them it may already be too late to protect your machine, or your bank account. It is a strong firewall that will tell you something is trying to connect and give you the power to refuse that vital link to your personal information.
I tried the Verizon security test and i think it is worthless. It stated my last antispyware update was 27 days ago, in reality i updated yesterday. It stated that the last complete scan i did with Avast antivirus was 271 days ago, last full scan was last week. Basically all they want you to do is buy their security suite by giving you a false sense of insecurity, i don't understand why this bs is propagated on slashdot. Did the editors finally give in to corporate pressure? Is this some kind of product placement? Thumbs down for this one.
False Sense of Security Day
We could celebrate by passing out CDs with Teh Lunix, or encourage people to get OSX, and advise all of them to not use a virus scanner "because only Windows gets viruses!!"
We can also tell people not to check any security web sites, since they might find out how insecure our pet OS is, and thus ruin the spirit of the day.
Wow, this could be a huge coup for Teh FOSSies!! Nobody does security by obscurity better than Lunix and Apple!
It's the reverse in Australia.
Australia has a culture about being suspicious and progress, new technologies (That aren't the Hills Hoist) and similar.
Because of this, more people have an irrational fear of the Internet. Not so much to do with system security, but more with credit card security, bank security and general detail security.
To the point where, if you try to start an online business in Australia that requires these sorts of transactions, you might find yourself in an EVEN SMALLER market than you thought you were to being with.
This is my footer. There are many like it, but this one is mine.
I rather have functionality than security. I once downloaded Belarc advisor and they added a security rating scale from 1 to 10. I believe it was based on or was a BaCa scale. I had a 3.4. I can only remember three instances where my system being completely compromised, all of which were my fault. Once, I installed a conflicting driver, so I reformatted not knowing exactly what driver to remove (and the Windows self help database just caused my system not to work at all, I removed one too many drivers). Next, a downloaded something manually, Macfee (which I get for free from Comcast) decided to block it when I tried to extract it. I decided to disable Macfee and yet it extract anyway, but turns out it really was a trojan and, ironically, had to use Macfee partially to recover. Finally my brother decided to hold down the enter key on my password window and that locked me out of my account (in a weird way, like, without freezing up and not letting you enter a password). Yet how many more times has security cost me functionality? I've had Macfee corrupt at least three software installations, only one of which was partially my fault (I didn't want Gamespy arcade, but turns out blocking it isn't a good idea), because there is no convenient way to turn it completely off (Norton Internet Security had an "exit" button, this doesn't, and many firewalls never truly shutoff unless you kill the process, which, since it has kernal access and/or another process to keep it alive, cannot ever be completely killed [by me]). Macfee doesn't detect any spyware (tracking cookies) that I get from the advertising on most sites, I have to run regular ad-aware scans (I'm too lazy to buy it). The comcast version of Macfee doesn't make its adblocking (if they include it, every time I download it it's different) completely obvious in the options (which I always check to make sure it isn't going to screw things up) and it has blocked several of my online applications that I use and yet left most of the ads there. Possibly due to firewall problems, I haven't been able to get my new FTP to work externally. I have never lost complete system functionality on my new system due to badware. Apart from tracking cookies on the ads that I haven't blocked with ad-block plus or added to the cookie block list I never get any spyware (at least spyware that shows up in routine scans). All my other family members, including one with a Mac, have had serious problems with their computers that could not directly be related to hardware or drivers. I install anti-badware applications on all the computers, and, for the most part, they update automatically (although they must use the dedicated anti-spyware program manually, which I instruct them to do). So perhaps any rating of security based on system settings is mostly irrelevant. It depends on how safely and wisely you choose to use the internet (and how you clean up if you don't use it safely).
...they sudo apt-get upgrade && sudo apt-get dist-upgrade
"Flags are bits of colored cloth that governments use first to shrink-wrap people's brains..."
"More than half of *Windows* users who think ...."
The fact that media, including jouranlists, seem to think that Windows == Computer (or PC) is a testament to the sorry monopolized state of the technology sector.
I went to a security get-together with Dan Kaminsky, Damon Cortesi, and Jason Larsen, and during the panel discussion asked what they were doing to protect their own systems. I forget which one said it, but one of the replies was that the person reformatted often.
Which strikes me as the counsel of despair, but in a world of stealthy malware where you can get infected by simply viewing a video, I can't bring myself to say it's absurd.