One lawmaker has a possible solution to the increasing problem of computer viruses: requiring all computer users in the United States to install antivirus software on their PCs.


At a congressional committee hearing on computer viruses Thursday, Representative Charles Bass (R-New Hampshire) discussed this possibility as a way to counter the billions of dollars in damage done by viruses and worms in 2003 alone. IT security experts disagreed with his suggestion, and with other ways for the government to encourage cybersecurity among private companies and individual users.
Read the rest over Here (http://www.pcworld.com/news/article/0,aid,113322,00.asp)

Hmm.. I thought microsoft would make some sort of antivirus that would run in the background and shove them in there next service pack.. :D

In other news, a computer user named Fatphantom was found lying naked in a ditch. He had apparently lost all his memory and the only clue to his origen was a tatoo burned into his back that said "Bill...". He was found early this morning chanting "Yes sir, the start button is very shiny; Yes sir I love start button..."

Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=#post) by Fatphantom
Hmm.. I thought microsoft would make some sort of antivirus that would run in the background and shove them in there next service pack.. :D

I can see it now... Microsoft AV telling me that my Norton AV signature files are viruses and automatically "repairing" them to "enhance my computing experience", and the rest of the world giving up on 3rd party software because of such inconveniences, much like Netscape users did 5 years ago when IE4 came bundled. Unless they but a tried and true distribution, I'll stick with third party software, thenk you very much.

Hmmmm

To install AV is human.................to keep it up to date and run it would appear to require divine intervention?

Sorry, I have seen too many installations with two year old AV on them:(

I do not believe that legislation will work unless it is along the lines of "due dilligence"...........as in if your computer contracts something that damages my computer, you have to prove "due dilligence" insofar as you took adequate steps to prevent it?

How on earth you would enforce such legislation is another day's work?


Just my £0.02

Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=#post) by nihil
Hmmmm

To install AV is human.................to keep it up to date and run it would appear to require divine intervention?

Sorry, I have seen too many installations with two year old AV on them:(

I do not believe that legislation will work unless it is along the lines of "due dilligence"...........as in if your computer contracts something that damages my computer, you have to prove "due dilligence" insofar as you took adequate steps to prevent it?

How on earth you would enforce such legislation is another day's work?


Just my £0.02

I agree with Nihil: People are lazy, or the download takes too much time on their 56k or they dont know how to update their antivirus. I installed Norton Antivirus on my sisters computer 3 months ago and she called me the other day asking if she had antivirus on the machine....

I don't use any av at the moment, but if they get some team together and build a free app and have the team working on it constantly and constantly updating it I think it is a good Idea. They could also get anyone they catch for making viruses and force them on the team for punishment. I didn't read the article just the quote because I'm lazy. That is my opinion though.

average people don't give a F**k about security, ive seen computer that are infected with natas and other old shool virus. The only thing an average uiser whants are:
1 browser the internet
2 Download songs
3 Chat
4 burn cd's

I work at a computer shop, thats one of my jobs. And we have been having computers infected with Blaster. At least we get 3 or more a week. And the only updates that i found in th ecomputers are just codecs for Microsoft Mediaplayer.
I personaly tell customers to update, and tell them how, i even make shortcuts to their desktops so that they remember.

But what else could i do ?? ? go to their houses every week to run windows uptade an their AV update ? ? ? ?

Yeah, this is just silly. Will there be a certification process for anti-virus software? How much will it cost? If AV software doesn't have to be certified, I'll just define SETI@Home to be AV software, and be done with it. Computers are not lamps, it's not just a matter of a UL engineer looking it over and slapping a sticker on it. (Digression: Underwriter's Laboratories technicians have cool jobs. They get to blow stuff up for a living.)

************
also i did noticed that most of the people that come here don't have an idea of how virus work, or how they get infected.

i made some print outs about virus they answer the FAQ's that i get here from persons that get infected with virus.

Like it has been said people just dont care. and all they really want is an emachine that they can browse the internet with. I can see microsoft putting in their own antivirus and pawning it on the masses as a hotfix. But if it were to happen there would be another great uproar about how they are taking over everything. So either way M$ and their users lose (sortof) Either their computers get infections and they hear about more scandals from bill gates, or they get force fed some more crap. People just need common sense. Maybe we should make them all attend classes to teach them how to do crap the right way.

PeacE
-BoB

The only thing an average uiser whants are:
1 browser the internet
2 Download songs
3 Chat
4 burn cd's

Lmao I know some friends who brag that they have a 200 gb computer, NVIDIA Video Card, Sound Blaster card, and its in there own room.. All they do with it is Chat on AIM..

h3r3tic,


I don't use any av at the moment, but if they get some team together and build a free app and have the team working on it constantly and constantly updating it I think it is a good Idea.


I hope that you DO.......

For those who do not like to pay, I would suggest AVG from Grisoft......it works quite well, is from a major supplier and happens to be free in the USA to private users. Regular automatic updates & all.

Http://www.bitdefender.com

They do P2P stuff, but also a personal AV for DOS/Doze/Linux


No excuse for at least making an attempt?


Cheers

I can't see legislation being the answer.

The law could be neither useful nor enforceable. It is probably illegal to copy mp3s over p2p, but people still do it. Most of them don't get caught for it.

It is illegal to have warez - but lots of people still do it and very few are prosecuted.

Even if you did invent a law insisting that they have AV software (which would be stupid because there are very good reasons NOT to have AV software under some circumstances) - then people would ignore it the same way they do software piracy and music copyright.

Slarty

I don't use any A/V. I used to use AVG but it never detected anything in the few months I had it. I don't do that much email, and never open attachments which I am not expecting. I do have AV on one of my computers and that is the computer I use when I download something that might have a virus, then I check it and transfer it to the computer I wanted it for in the first place. I am one to not mind reinstalling an os given that I have done it many times now, so if my not using an AV software brings me to that, no big deal. But for now I don't have AV software installed on any except one of my comps.

If someone is driving a car with a flat tire and has a muffler that is broken off, they are going to get pulled over and fined. Also if they don't have a license to use that car, then they are going to be fined and told to get one.

Maybe computers should be the same way. People should get "computer licences" that show that they have some common sense on how to use them (test questions on updating frequently, and what is an AV or Firewall) Also computers should be inspeceted before they are allowed to enter the networks (like a car being inspected before it is able to be driven) This way people who don't know how, or don't have a "healthy" computer can be kept away from are nice pristine networks.

If we are controlled we rebel, if we are not we whine. There is no simple solutions, personally I just look out for myself.

Sorry if I seem negative, I just found out that my 8,000 dollar a year car insurance isn't going down. **** New Jersey.

DeafLamb

No. That will not happen Lol.

-cheers-

Maybe computers should be the same way. People should get "computer licences" that show that they have some common sense on how to use them (test questions on updating frequently, and what is an AV or Firewall)

..Kids are going to have to learn how to use 20 yr old typewriters now :D

I don't know if what I typed expressed my thoughts clearly. My above post is all in sarcasm, I guess I should of better eluded to this as emotions are not easily conveyed through plain text.

DeafLamb

It won't matter if they make it the "law".

I have users bringing in their PC for me:

user: "I think I have a virus, cause my computer is acting all funny and stuff."
me: "Do you have antivirus on your PC?"
user: "Yes, it came with my computer."
me: "Ok, do you have updated antivirus on your computer?"
user: "Oh, you have to update it?"

Usually when you open an AntiVirus program, there'll be some kind of button with the words "update definitions" with text thats big enough to see without glasses.. And most anti virus programs today update by themselves..

Kinda hard to fail that test :rolleyes:

yeah but some users just dont look at their programs. they just think as long as its on the computer it will do its job without any user intervention.

PeacE
-BoB

Geez, haven't we heard enough of the "average users are stupid and lazy" argument yet?

I've heard the same argument from mechanics - "How can anyone drive a vehicle if they can't fix it?" Aside from the few of us here that can also fix cars, who here would be able to fix their car if it broke? This is a machine that most people trust thier life to every day, yet most people can't tell thier brake lines from thier gas lines. I worked as a mechanic for three years, and found that average drivers are a lot like average computer users.

Sorry, I have seen too many installations with two year old AV on them
I have seen transmission oil so old it had turned black.

I agree with Nihil: People are lazy
Yes. That is why we have survived for 3 million years. We expend as little energy as is required in order to survive, thereby keeping the rest to help us survive later. This has worked quite well for the last 2.99 million years. Old habits die hard. It's human nature. Get used to it.

average people don't give a F**k about security, ive seen computer that are infected with natas and other old shool virus. The only thing an average uiser whants are:
1 browser the internet
2 Download songs
3 Chat
4 burn cd's

Average people don't give a f**k about how cars work. They want their cars to do 4 things:
1 Go
2 Stop
3 Turn
4 Play music

The law could be neither useful nor enforceable. It is probably illegal to copy mp3s over p2p, but people still do it. Most of them don't get caught for it.
My car is, as we speak, leaking gasoline onto its exhaust pipe because I am too lazy to fix it. I have not fixed it yet because the law requiring me to is not enforceable until the car gets a safety inspection.

Maybe computers should be the same way. People should get "computer licences" that show that they have some common sense on how to use them (test questions on updating frequently, and what is an AV or Firewall) Also computers should be inspeceted before they are allowed to enter the networks (like a car being inspected before it is able to be driven) This way people who don't know how, or don't have a "healthy" computer can be kept away from are nice pristine networks.
Your car is inspected before it becomes legal to drive. It's called a safety inspection. Where I live a car must have this done before it is sold. And every computer, before it hits the market, has standard software with no viruses installed. When mechanics try to tell people how unsafe their cars are, the become lying sleazeballs trying to rip everyone off. I don't want the same name for security professionals. And what you are proposing here is akin to requiring every driver to have take a test on how change thier oil, replace a fan belt, stop a gas leak (wait - that is a good idea). Either way, two years late the course would be obsolete.

me: "Ok, do you have updated antivirus on your computer?"
user: "Oh, you have to update it?"
me: "When was the last time you changed your transmission oil?"
driver: "Oh, you have to change it?"

So how do you keep your car from breaking in the middle of nowhere? You pay someone else to fix it. And how many people bring thier car in before it breaks, let alone perform scheduled maintenance when they're supposed to?

Funny thing, I never once heard a mechanic complain about how little most people now about automotive mechanics. People didn't even get laughed at (not even behind thier backs) when thier own lack of regular maintenance was what broke their car in the first place. Nobody is considered stupid or lazy when they don't know how to fix thier broken alternator or didn't realize it was going to break, no matter how obvious the signs were to an experienced mechanic. Why should people be considered stupid and lazy because they either don't know how to update thier computer or are afraid they will only break something on it?

In short, not everyone needs to know how to fix a car, and not everyone needs to know how to fix a computer. That way each can be an expert in his or her field. So until we can all fix our own cars, do our own taxes, reshingle our own roofs, build our own houses, write our own wills, and diagnose our own illnesses, we should stop bragging about how much we know about this one thing and realize how little we know about everything else.

Hi Striek,

I see where you are coming from but I do not agree for the very simple reason that the math is quite different?

If I don't maintain my car and it breaks down that is my problem, or may be I kill a couple of people as well, so that is three problems. The same holds good for domestic appliances.

If I have a badly maintained computer and it contracts a virus it then goes on to infect another 10 computers which in turn infect another 10 each..............and so on?

1 x10 =10
10 x 10 =100
100 x 10 =1000
1000 x 10= 10000
10000 x 10 =100000

The other "math" problem is that I do not think that the number of badly maintained motor vehicles is anything like the number of badly maintained computers?

My other problem is one of geography. In this country I can take my badly maintained motor car problem around at 50/60/70 Mph. The Internet takes my badly maintained computer's virus around the world at something like the speed of light (in theory)

OK the ignorance factor is similar, but more people actually realise that they are ignorant about motor vehicles, and take them for regular services. Certainly in this country. And I am talking about people who are happy to have 2 year old AV on their computers.

And the final one is economics. When I see the figures for the cost of major virus outbreaks, frauds, and suchlike, they are in the billions worldwide, impact on people's jobs, living standards, and all. Not the same as badly maintained motor cars I would have thought?

I still do not think that legislation will work, as the internet is so global, and such things would be impossible to enforce.

Cheers

True...

you'd think that ppl had realized by now that they NEED to update at least every 3 days (and even then they are at risk).
If M$ really came with a default AV, we could only expect the same we been having from all the other M$ stuff: freezing, crashing, killing apps, re-writting sh1t they shouldn't, making you dl at least 5 super-dupper-incredibly-needed-100mb.updates every month...

And still Joe A.U. would think "whow! now my supper expensive SO comes with an anti-virus thinggie. Microsoft really loves me and worries about my computers sake. I'll write an email to Bill (using outlook of course) and thank him for being so generous":fpissed:

I've read on zdnet (i think) that when the ubber guy was giving a comp. classe, his future admin/sec. experts and so on didn't even have AV (not to mention FW)...:confused: and those who did never patched it "hey, those virii dont get me! I'm 1337" :P

I think legislators should write a law that made every comp manual have a BIG BOLD se3ction named 'Things you need to do otherwise you'll be back at the store in a month'.

Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=#post) by nihil
If I have a badly maintained computer and it contracts a virus it then goes on to infect another 10 computers which in turn infect another 10 each..............and so on?

Yes, I will grant you that the math is very different. I was speaking generaly and using cars as an example. I could have used anything as an example. Like my neighbour leaving pools of standing water in old tires in his backyard which breed mosquitoes and spread West Nile, because he is either too ignorant to realize the problem or too lazy to do anything about it. I think ignorance is the main problem here. I moved out of a large metropolitan area because too many people drive SUV's they don't need and the air smelled like exhaust everywhere, and we had something between 20 and 30 smog days a year.

And don't forget who you will spread the virus to... If your computer became infected because it was improperly maintained, then how do you think the other million computer that subsequently got infected let the virus slip through? The only people getting infected are those with improperly maintained computers. It may be my fault for becoming infected, but it's equally theirs for becoming infected too. So the real problem is with the bandwidth and processing power viruses eat. And that is maily because most ISP's refuse to filter viruses, leaving the sucurity of your computer as your responsibility. They neglect this because they will not earn a profit for stopping the spread of viruses, so they don't even try until it's too late.

If viruses were stopped at major Internet choke points, the problem would be a lot better too. I think that could be legislated instead of requiring users to install antivirus. Require ISP's to do it. This might make Internet access cost more, but the reduction in traffic would likely reduce the cost as well.

Perhaps an education campaign from Microsoft or Dell or a company as well known to the general public would work. But for now, us telling people to update thier computers sounds like a bunch of paranoid techies fighting for a cause with no real meaning to the rest of the world.

Anyway, that's my solution to the problem, and I think it might work.

That way each can be an expert in his or her field.

If your computer became infected because it was improperly maintained, then how do you think the other million computer that subsequently got infected let the virus slip through? The only people getting infected are those with improperly maintained computers.

we can have the computer manufacturers make the critical tweaks in windows system (file - printer sharing, etc), and shove some sort of auto - update thing in the OS. That solves our computer maintenance problem :D


you'd think that ppl had realized by now that they NEED to update at least every 3 days (and even then they are at risk).
If M$ really came with a default AV, we could only expect the same we been having from all the other M$ stuff: freezing, crashing, killing apps, re-writting sh1t they shouldn't, making you dl at least 5 super-dupper-incredibly-needed-100mb.updates every month...

If I was forced to use some sort of anti-virus that microsoft made, maybe it should just provide the same features as the anti-virus that are present today. If it updates once each day (maybe it can install critical updates while updating definitions) and scans very deep (decrypts encrypted viruses) and fast, heuristic anlysis and good resident protection, and doesnt hog resources, I guess I wont be too pissed off. As long as were not forced to use 1 particular anti-virus, it shouldn't be too bad.


SP2 is coming out soon - click (http://zdnet.com.com/2100-1104_2-5092742.html)

in the next upgrade of Windows (that I won't install). They bought Reliable Antivirus (RAV) a while back. The only reason I can see them buying it is to include it with Windows, unless they plan to invade the AV market.

I don't think people are lazy when it comes to computers, I think they're naive. If I don't go to gaming sites, porn sites, kazaa, or warez, I won't get a virus. I think they close their minds to email, webbugs, and all the other things that are out there.

Passing a law requiring people to have antivirus on their computers would add a few bucks to the price of the computer. The dealer would install either Norton or McAfee in this country (USA), which a lot of new computers already come with, btw, and that would be that. The newbie users would take it home and forget about it. Hopefully the auto update feature would be enabled, so they'd have at least a few months of protection. After that, I don't think Uncle Sam can force you to purchase a new license to stay current.

I guess Govt could also demand that security info be packed with the computer, but who would read it? Do people read manuals, other than how to connect the various parts? Any law passed demanding anything be included is another "feel good law." Politicians could pat themselves on the back and say, "This is what we did to solve the problem." If the problem isn't solved, which it won't be after the initial few months license runs out, you won't hear any more about it.

Cisco is said to be producing a new series of hardware which will not allow a PC to connect to a network if it is not determined to be up-to-date AV and patch wise. I think thats a great idea.

http://www.eweek.com/article2/0,4149,1387468,00.asp

Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=#post) by SexyBadGirl
Cisco is said to be producing a new series of hardware which will not allow a PC to connect to a network if it is not determined to be up-to-date AV and patch wise. I think thats a great idea.

http://www.eweek.com/article2/0,4149,1387468,00.asp

Kind of messes up the honeypot people though....

Steve

Steve - in a way yes. But if we were able to get the spread of malicious code to stop, Honeypots in the context of virii would be irrelevant.

Actually, Cisco's scheme is a way to provide lock-in for Cisco and the big anti-virus companies. It lets Cisco sell new hardware, and lets the cabal decide which AV products get to be deployed on a corporate network. Not to mention, you suddenly need (useless) AV software for all your Linux, *BSD, MacOS, HP/UX, SunOS, etc. machines. This is a scam that provides just enough goodness that they may get away with it.

good point Striek

If you want to be up-to-date you have to pay. (updates, patches etc.)
If not, you will pay.
Only the cost is diferent.

I sure that you got my point.

Supply it free of charge, free of spyware and of good quality and it will be a hit, otherwise, they can go shove it!

- Noia