Rich Countries Suffer Less Malware, Says Microsoft Study

chicksdaddy writes "To paraphrase a quote attributed to F. Scott Fitzgerald: 'Rich countries aren't like everyone else. They have less malware.' That's the conclusion of a special Security Intelligence Report from Microsoft, anyway. The special supplement, released on Wednesday, investigated the links between rates of computer infections and a range of national characteristics including the relative wealth of a nation, observance of the rule of law and the rate of software piracy. The conclusion: cyber security (by Microsoft's definition: low rates of malware infection) correlated positively with many characteristics of wealthy nations – high Gross Income Per Capita, higher broadband penetration and investment in R&D and high rates of literacy. It correlated negatively with characteristics common in poorer nations – like demographic instability, political instability and lower levels of education.'"

You don't say?

[Maximalist]

Better literacy leads to a better ability to spot the poorly written bogus come-ons that get you infected when you click on them? I just can't believe it.

Re:You don't say?

[TWX]

Better literacy leads to a better ability to spot the poorly written bogus come-ons that get you infected when you click on them? I just can't believe it.

Not from what I've seen...

Having a techie friend call to fix it when it's broke is what gets most people out of the jam.

Though with my friends, I charge $60/hr to friends to fix their computers on the side. As a consequence I do maybe two side jobs a year. I don't want to do side work, and when they know that it'll cost probably $120 to get their $500 computer fixed, they do tend to be at least a little more careful.

Re:You don't say?

[jellomizer]

That may be part of the issue.
However there is the other issue of being able to afford a better infrastructure.
Even a basic Home network in America has the following.
A broadband modem That connects to a Router for their Wireless, This router does basic hardware firewall and acts like a switch between mutable PC's, and even old Wireless systems offer modest encryption. Just by being able to Drop a hundred bucks in equipment we have basic safety. If you are in poor country and don't have a few hundred bucks to spend, you will get second/third hand possibly hacked or hopelessly out dated hardware which doesn't have nearly the same protection level.
Your computer will probably be using a Pirated version of Windows which you dare not to update, and volnerable system is in essence hooked up to an unfiltered internet. Allowing for the spyware to get in your system without having to click on that link.

Re:You don't say?

[Erikderzweite]

Mine have been forcefully switched to Linux. Much easier to support since I've set up ssh reverse tunnel with port forwarding for vnc. So if a PC is online, I can fix it. If not -- there's a custom LiveCD which does the same trick with reverse ssh.

Oh, and no problems with malware whatsoever.

Re:You don't say?

[emho24]

I wouldn't expect my brother to charge me $60 per hour to fix a fucking computer either.

Maybe not for the first few times, but after a while it just gets freaking old. That's when an hourly rate starts to sound appealing to me. Even family members need to learn and stop making the same stupid mistakes over and over.

Re:You don't say?

A few years ago I set up my parents with Ubuntu LTS, since they wanted something that worked and I didn't want to update it every 6 months. Everything was working fine, until my sister's dickhead boyfriend "upgraded" it to the latest version and messed everything up. From then on, when my parents had trouble I referred them back to dickhead boyfriend, since he evidently volunteered to maintain their OS from then on. Once it involved responsibility he wouldn't do shit, and I wasn't inclined to clean up his mess, so my parents blamed linux and bought a mac.

The moral of the story: don't give your parents the root password, even if you think they should be able to install programs on their own computer. They'll just tell the password to someone who feels like a hacker for one afternoon, but doesn't actually want to accept the responsibility of maintaining something. It's like giving car keys to a teenager, he crashes it, and they blame the car for not being crashproof.

Re:You don't say?

[Mister+Whirly]

"Ok Grandma so you can't look at a picture. Here is what you need to do - drop to a command line and start your ssh server. Check to make sure that the port is forwarded so I can connect on my end with VNC. Ok that all set up? Great now I can start to help you."

An operating system is not a panacea. What I have done with my family, instead of ramming something down their throat that is likely above their abilities, is to teach them good basic security practices, and that bad things can happen if you are not careful no matter what software/OS you are using. I taught them to be security minded instead of giving them the illusion nothing bad could ever possibly happen because I am using {Product X}. Guess who gets a lot less calls now? And how are you going to make them use Linux on their iPads, or do you also get to dictate which technology products anyone in your family can buy as well as dictate which software they can run?

Re:You don't say?

[steveg]

My sister has an icon on her desktop that says "Connect to Steve at home" and one that says "Connect to Steve at work." She calls me up, I set up the VNC client in listen mode, and she clicks the icon.

I then have access to her machine. All the command line stuff is done in a script attached to that icon. She doesn't have to deal with it. It's not that hard.

Re:You don't say?

[steveg]

Maybe. Maybe not. But it is certainly the answer to support. I can support this. When she was using Windows, her "local" support was Best Buy, and they charged her a ton of money without solving the problems. I'm not local (she's 1100 miles away), and my ability to help over the phone was limited, especially since the last version of Windows I used with any regularity was NT4.

If she gets an iPad, she's on her own. I have no expertise with that.

What if the program isn't there or is broken? What if my niece spills a drink on the computer? What if the roof blows off the next time there's a good Chinook blowing through and the computer blows out to Kansas?

You can't protect against everything. We'd deal with that if we have to, but so far none of those things have happened, and I'm not holding my breath about any of them.

Since I switched her over (about three years ago) she had *one* instance where she clicked on somthing and disabled most of her browser controls. That's as close to "broken" as her computer has experienced. All other calls have been on the order of "How do I do this?" or "I bought a new printer," and have easily been solved. The number of calls has dropped dramatically.

And that tells me that perhaps security has been addressed as well, because the security issues she used to have simply haven't come up. Would giving her better training in how to handle herself on the Net be a Good Thing? Sure. But I have 1 week a year there, and perhaps an hour or two of that is spent on computer issues. That's not likely to change.

Backpackers would know this

[CRCulver]

Computers at internet cafes in third-world countries look as scary and diseased as truck stop hookers. One imagines that whoever set up the computers way back when might have been tech savvy, but the owner paid him for his one-time services, then for the next 5-10 years kept the machines running with no updates or virus scans. The staff hired to work there are just babysitting the machines to make sure no one steals them; they have no greater knowledge of how to fix a problem than restarting the computer.

I use these establishments only to plug my notebook into a ethernet jack, but a non-insignificant amount of times, to ask to use your own computer instead of their infectious, malware-ridden machines evokes suspicion that are you are some kind of hacker terrorist and they want you to leave.

Re:Backpackers would know this

[CRCulver]

Yes, I've seen that in a few places. Luckily, 3G data is getting cheap enough that travellers don't have to always use internet cafes anymore. When I was in Tajikistan, for example, I just got a local SIM card, put 5 or 10 euro on it, and then tethered my mobile phone to my notebook. It worked for about a week of usage before needing a credit top-up.

Re:Backpackers would know this

[Ukab+the+Great]

I use these establishments only to plug my notebook into a ethernet jack, but a non-insignificant amount of times, to ask to use your own computer instead of their infectious, malware-ridden machines evokes suspicion that are you are some kind of hacker terrorist and they want you to leave.

Extending and embracing your analogy, it's like bringing your own hooker to a truckstop and they want you to leave because they think you're a pimp.

*hand on their head* - *pat* *pat*

Now that's a mighty find report.

Care to compare that rate VS Open Source ?

Because my memory says Microsoft cuts off machines that are pirated so if you are unwilling to spend a month of ones cashflow for software just so you can get patches OR one can choose to eat, pay rent or property taxes, or electricity.

This problem lies at the foot of Microsoft and their usary. Unless they can show that it doesn't by comparing Open Source boxes based on things like FreeBSD or any of the various GNU/Linux forkes suffer the same problem, the only logical choice is this report is a failed astroturffing attempt to blame others VS Microsoft policies.

Can Microsoft detect malware?

[QuietLagoon]

But how can anything that Microsoft says about malware be trusted when Microsoft's own Security Essentials software has problems detecting malware?

Anti-virus software not updated

[mmsimanga]

The reason is because anti-virus software on these computers is not updated. Reasons for not updating primarily revolve around how expensive it is to connect to the Internet. I don't live in my home country, Zimbabwe. When I did visit the one time I installed Ubuntu on the home PC because half the time the PC was unusable thanks to malware. I blogged about it here http://www.mahalasoft.co.za/blog/ubuntu-linux-experiment . The next time I visited, Windows XP had be reinstalled on the machine because that is what most of the "technies" knew back home, yes the PC was unusable again.

Republican solution is..

[HerculesMO]

To make sure you're rich.

Countries are rich for a reason

Countries didn't become rich by accident.

It's a combination of several things, starting with higher IQs and then including things like rule of law, hygiene, political stability and emphasis on learning.

In any part of the world, and in every ethnic group, you will find that some countries have broken away from the others and have generally higher intelligence, thus put a priority on things like stability, rule of law, infrastructure, etc.

It's not an accident they're richer.

In life, all things come down to the choices we make and the abilities we have. It's not arbitrary, no matter how much ./ peanut gallery would like to think it so.

ERm

[jaseuk]

When the dodgy $1 Windows+Office disk comes complete with Malware this is really no surprise. I'm sure the $1 Norton disk also comes with free anti-virus+rootkit.

Jason.

many reasons

[dmpot]

There are many reasons why malware is so rampant in poor countries.

1. If majority of population cannot afford buying software legally, even those who can afford do not buy it, because they see no reason to pay relatively huge money for something that almost everyone gets for free. Piracy creates increases the risk not only because some pirated software may include malware, but automatic update is often disabled to prevent the pirated version being detected by the vendor.

2. Old computers often mean that they cannot run new software, which means a lot of software in use is no longer supported by the vendor, and there is no security updates for it (even if it was bought legally).

3. Sharing a PC among many people is very common. This dramatically increases a chance of some virus being introduced, because it feels like no one responsible. If something bad happened, anyone can claim it is someone else's fault. Thus anyone feels free to do whatever damn thing comes to his or her mind.

4. There is no police to fight cyber crime, so cyber criminals can do whatever they want with virtual immunity. In fact, common attitude is to blame victims (they should not have installed some pirated software, they should not have visited such sites, etc).

5. Most people do not use their computer to store or transmit any private sensible information (such as credit card numbers), so as long as malware does not interfere with their work, they are reluctant to take any action to remove it. Usually they do not have any antivirus software except perhaps a demo, which can only scan but does not remove malware. So they have to pay some money a local "guru" to clean up their computer, but only to find the computer infected again in less than a week later (probably, due to some unpatched software, infected an USB stick, or some other reason).

6. Very low computer literacy means that people have less understanding about how computers work and how to use them safely. So they may download and install programs that make some completely unrealistic promises (such as making your computer or Internet connection twice faster). In general, they have no clue about the source from which they download software.