Most In US Have False Sense of Online Security

BaCa sends along a link from Net-Security on a study of attitudes among Americans about the security of their PCs, versus their actual vulnerability. "More than half of computer users who think they are protected against online threats like spyware, viruses, and hackers actually have inadequate or no online protection, according to an independent research study conducted for Verizon... While 92 percent of participants thought they were safe, the scans revealed that 59 percent were actually vulnerable to a variety of online dangers. Ninety-four percent of those surveyed said they would find it helpful to be able to diagnose or check their online security status on a regular basis to make sure their PCs were safe."

Old news

[Billosaur]

It's not like this hasn't been noted before: PEBKAC Still Plagues PC Security. Your average user firmly believes what they are told by "experts" or the guy who sells them the computer. They are not web-savvy and don't dig into the background on computer security. They think that all they have to do is run their spyware remover and update their anti-virus and their fine. Heck, too many don't even know they have such utilities, and if the do know, aren't actually aware if they are running or not!

Computer security must be taken out of the hands of the user where the user is likely to not have a clue how it works.

Re:Old news

[Frosty+Piss]

Your average user firmly believes what they are told by "experts" or the guy who sells them the computer. They are not web-savvy and don't dig into the background on computer security. They think that all they have to do is run their spyware remover and update their anti-virus and their fine.

And why shouldn't they? Honestly, "average users" shouldn't have to be computer security experts. Average users use computers to play or do productivity tasks unrelated to software development and computer science. The fact is, the average user shouldn't have to be "computer savvy" and running spyware cleaners should do just that. Blaming "average users" for the fact that such dangers exist is missing the point.

Completely content-free

[$RANDOMLUSER]

* Spyware Protection: When asked how safe they felt their home PC was from spyware, 92 percent of respondents felt "safe" or "somewhat safe." In contrast, the Verizon Security Advisor scan revealed that the majority (58 percent) were "at risk" or "potential risk" from spyware infection. Nineteen percent were critically "at risk" from spyware infection.
* Virus Protection: When asked how safe they felt their home PC was from viruses, 92 percent of respondents felt "very safe" or "somewhat safe," whereas the Verizon Security Advisor scan revealed that 45 percent were "at risk" or "potential risk" from virus infection.
* Firewall Protection: Nineteen percent of respondents had their personal firewall turned off.

Please define "at risk", "potential risk", "critically at risk".
And by "personal firewall" do you mean that POS built into XP, or the POS from Symantec? Or do you mean the router firewall?

The best protection is a smart user.

[CastrTroy]

I don't have any virus scanner or malware blocker, or firewall or any kind of security software whatsoever installed on my computer. Actually, I have clamwin, but I only run it once a week. It never finds any viruses. Yet I would say that I'm adequately protected because I have a brain. I don't run software from sites I don't trust. I use Firefox, which doesn't have a history of letting websites run malicious code, and I try to stay on sites that I trust. I have a router, and no incoming ports are forwarded to my PC, so I'm safe in that way I guess. At work I have Norton installed, because it has to be. To date, it has blocked 0 spyware, 0 viruses, and 0 worms. Because it hasn't encountered any, because I practice safe computing. It hasn't actually done anything except slow my computer down. What a great waste of money that was.

94%?

[Delusion_]

This would be the target demographic of the malware antivirus attack, where a site does a browser hijack, slows your computer to a crawl, then starts bombarding you with ads for its "solution" to the problem its own malware caused.

There is no single answer here. Affordable (or free) antivirus software that actually works would be a start, providing it isn't on the McAfee/Norton bandwagon of getting you to pay for a subscription and using up a fair amount of resources when running. There are good community-governed host file lists which can be a real help on many different levels - adware, phishing, malware, viruses, and some of the more onerous types of advertising. User education about basic practices is key - I'd like to see some Public Service Announcements on this, in the style of some of the American Lung Foundation's 1970's PSAs.

I have to tell people over and over: "It doesn't matter if you trust Jackie not to send you a bad file. You also have to trust that Jackie is vigilant about computer security, and that she knows a lot about the subject. You also have to trust that her computer hasn't been compromised, or that her e-mail isn't a spoof, which requires you to understand a lot about message headers at the very least. Is an animated stripper dancing on your start bar really worth the risk?"

I think there's a more telling bit of evidence ...

[ubrgeek]

"Hi. I'm with Verizon. We're trying to see if your computer is secure. Mind if we scan it for vulnerabilities?"

When they answered yes, why bother to go any further? In my mind, they're obviously potentially victims for spear-phishing types of attacks.

Re:XP

[Billosaur]

Most people have a yellow light on their dashboard that tells them when they are running low on gas, and yet people still run out of gas. I suspect most people wouldn't know what the green light meant if you asked them.