August 22nd, 2003, 07:14 PM
I think some people are definitely lacking in the common sense department, particularly those who have a home computer to use but aren't enthusiasts. Most people I know laugh at me because I'm regularly scanning my pc for viruses, updating my definitions and setting up my firewall etc. But quite a telling statistic - only 3 of my friends have either a pc or a laptop, and of those 3 people none of them have any antivirus/firewall software. 2 of them now have the lovsan virus and are complaining about how they can't get on the net.
You can lead a horse to water.....
August 22nd, 2003, 07:38 PM
I don't really think that drivers license vs. computer license is really a good analogy. Letting somebody drive a vehicle without knowing how to can be a direct cause of death to that person or others. Somebody being stupid about computers at most causes a headache to network administrators. If anybody can 100% link a death to a computer virus, I'll change my stance.
August 22nd, 2003, 08:06 PM
I think that linking acceptance of the analogy to death is an extreme position.
It doesn't need to be death per se. I suppose that if someone drives through a red light there is a high likelihood someone could die, but the analogy works still in my opinion.
People think that they can use their computer on the Internet just like they turn on their TV, VCR or microwave. They have no knowledge of what vulnerabilities await them or how their actions affect others.
Just like I don't want some moron to turn left on a red light and cause an accident that shuts down traffic in all 4 directions making my trip take 4 hours instead of 4 minutes- I also don't want some moron to be allowed on the Internet with an unpatched system that partakes in some denial-of-service that makes my web surfing take 4 hours instead of 4 milliseconds.
If someone wants to be ignorant of common courtesy and safety while driving up and down their driveway that is their prerogative. Likewise, if someone wants to be ignorant of common courtesy and safety while playing on their standalone PC in their basement that is their prerogative. But, once you take your car on the road or your PC on the Internet you are sharing with millions of other people who are impacted by your ignorance. At that point it is no longer aceptable for you to claim ignorance. Learn how to do it right or don't get on the Internet.
It is exceptionally selfish and irresponsible to remain ignorant and impact hundreds, thousands or even millions of other users because you couldn't be bothered to take the time to secure and protect your system first.
Just my $.02
August 22nd, 2003, 10:46 PM
People should be force to take and pass computer class before buying a computer! I totally agree with tonybradley. Car and Computer are related... If you don't know how to drive a car, you're dangerous to other people’s life... If you don't know how to keep your PC secure, you're dangerous to other people’s personal data and more.
Regulation is NEED! Ok... I'm WAY to extremis here but something need to be do!
August 22nd, 2003, 10:49 PM
you could take this to an exteme - if a computer virus managed to infect say a power system and caused a wide spread outage it could infact kill people who depend upon life support machines etc to live. Now I know what people will counter wife "Hospitals have back-up generaters to deal with such things" yes most do but what about those people recieving in home care? The vast majority of them will not have any kind of back-up electricity system and if the main power grid failed they could very possibly die! Not as likly as someone gettin knocked over etc on the roads but as I said this is taking it to the extreme.
If anybody can 100% link a death to a computer virus, I'll change my stance.
August 22nd, 2003, 11:34 PM
It's all very well and good saying that auto-responders should be illegal (and I happen to agree that some action should be taken to at the very least limit their use), but how on earth do you enforce it? Apart from barring all emails from networks that use autoresponders until they change their attitudes (e.g. by adding them to one of the blackhole spam lists), such a proposal is unenforceable.
As with most things on the internet, it's down to individual administrators to comply, and there's not a lot we can do to force them to disable auto-responders, just as there's not much we can do to stop sick people hosting child porn (sure, the police do try and crack down on paedophiles, especially in the UK, but there's no way to outlaw such sites globally, otherwise very few of them would exist).
I agree that home users should be more vigilant in updating their systems, but you can't just blame them. A lot of users (particularly here in the UK) are still on dial-up connections - you try downloading the latest Windows 2000 service pack on a 56kb/s modem. Okay, so virus updates may not take quite as long, but with the amount of updates Microsoft releases (and Linux, Unix etc. - MS is not alone in this department), it's not feasible for most users (especially those without internet access) to keep their systems up-to-date. I check windowsupdate.com most weeks, and nearly every time there's a critical patch waiting for me to download, and that's not including any patches to prevent specific viruses (such as MSBlast). Fortunately, I have a broadband connection, so a 20+mb update isn't a problem to download, but for other people it's just not possible.
There's not much, apart from education, that can be done to prevent clueless home users from contracting any virus, particularly those which email themselves to everyone in your address book. The problem is that those security-aware users who do update their systems are the ones who are least likely to execute unknown attachments.
August 24th, 2003, 02:04 PM
Billy Gates with his nose stuck so far up his future ideals, his coders forget the average joe.. thinks differently..
I won't post my form Antivirus quotes.. but this is the level that we are facing when it comes to a computer systems security.. the same ones who have no problems with forwarding Chain-emails to 20 or more friends...yetch
Customer: This printer I just purchased won't print..
und3rtak3r: Are the cables connected as per the instructions?
und3rtak3r: And the drivers installed from the CD?
Customer: what CD?
"Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr
August 24th, 2003, 02:18 PM
Good point. I often forget that. I have had DSL / Cable at home for so long I forget that the majority of home users still use dial-up.
you try downloading the latest Windows 2000 service pack on a 56kb/s modem
I just ahd to deal with an outbreak of SQLSlammer again. Someone had installed a 3rd-party application which included a vulnerable version of MSDE. The SP2 patch (called "deskfull") for this is 340+ Megabytes. Even broadband users would shy away from applying such an "update" and for dial-up users you may as well tell them that they need to put wings on their computer and make it fly around the living room.
Conversely to my stance that users should be required to get educated (although I still support that stance) there should also be a requirement that if an "update" exceeds a certain size or percentage of the size of the original program, the vendor should have to re-issue the entire program for free on CD's to all customers. When the update is bigger than the program its no longer an update- its a new version.
But- I definitely agree that dial-up 56k (translation = 20k on a good day) connections downloading and applying updates is virtually impossible. The updates need to be less than 1Mb each to keep it feasible.
August 24th, 2003, 06:46 PM
tb: I agree that vendors should have to issue updates over a certain size to their customers for free (you can get Windows 2000 SP4 on disk, but you pay for this and it's only available in America - where Cable/DSL is much more prevelant than over here in the UK).
With dial-up, 3Kilobytes/sec is an average download rate, if you get above 4KB/s then you're doing well. The problem is than the stated speed (56Kb/s) is in bits, not bytes, so you divide that by 8 to get the speed in bytes, and then half that because you'll never get maximum throughput. The slow speed, especially for updates, is one of my main reasons for switching to broadband.
I've downloaded 300+mb files using broadband (the Neverwinter Nights demo weighed in at nearly 400mb!) but it does take a long time (several hours if I go away and leave my computer downloading) and, as you said, dial up users can forget it (in fact, anything over 6Mb is usually too much for dial-up).
August 24th, 2003, 07:34 PM
yes rightly said, the email providers have to think about it right now...........
well anyhow educating the end user about the other side of the technology they are using is the only ultimate solution left...but will the end users take such a pain on their behalf????
guru@linux:~> who I grep -i blonde I talk; cd ~; wine; talk; touch; unzip; touch; strip; gasp; finger; mount; fsck; more; yes; gasp; umount; make clean; sleep;