Anti Virus Apps becoming a law

[fl34bit3]

yeah but some users just dont look at their programs. they just think as long as its on the computer it will do its job without any user intervention.

PeacE
-BoB

[Striek]

Geez, haven't we heard enough of the "average users are stupid and lazy" argument yet?

I've heard the same argument from mechanics - "How can anyone drive a vehicle if they can't fix it?" Aside from the few of us here that can also fix cars, who here would be able to fix their car if it broke? This is a machine that most people trust thier life to every day, yet most people can't tell thier brake lines from thier gas lines. I worked as a mechanic for three years, and found that average drivers are a lot like average computer users.

Sorry, I have seen too many installations with two year old AV on them

I have seen transmission oil so old it had turned black.

I agree with Nihil: People are lazy

Yes. That is why we have survived for 3 million years. We expend as little energy as is required in order to survive, thereby keeping the rest to help us survive later. This has worked quite well for the last 2.99 million years. Old habits die hard. It's human nature. Get used to it.

average people don't give a F**k about security, ive seen computer that are infected with natas and other old shool virus. The only thing an average uiser whants are:
1 browser the internet
2 Download songs
3 Chat
4 burn cd's

Average people don't give a f**k about how cars work. They want their cars to do 4 things:
1 Go
2 Stop
3 Turn
4 Play music

The law could be neither useful nor enforceable. It is probably illegal to copy mp3s over p2p, but people still do it. Most of them don't get caught for it.

My car is, as we speak, leaking gasoline onto its exhaust pipe because I am too lazy to fix it. I have not fixed it yet because the law requiring me to is not enforceable until the car gets a safety inspection.

Maybe computers should be the same way. People should get "computer licences" that show that they have some common sense on how to use them (test questions on updating frequently, and what is an AV or Firewall) Also computers should be inspeceted before they are allowed to enter the networks (like a car being inspected before it is able to be driven) This way people who don't know how, or don't have a "healthy" computer can be kept away from are nice pristine networks.

Your car is inspected before it becomes legal to drive. It's called a safety inspection. Where I live a car must have this done before it is sold. And every computer, before it hits the market, has standard software with no viruses installed. When mechanics try to tell people how unsafe their cars are, the become lying sleazeballs trying to rip everyone off. I don't want the same name for security professionals. And what you are proposing here is akin to requiring every driver to have take a test on how change thier oil, replace a fan belt, stop a gas leak (wait - that is a good idea). Either way, two years late the course would be obsolete.

me: "Ok, do you have updated antivirus on your computer?"
user: "Oh, you have to update it?"

me: "When was the last time you changed your transmission oil?"
driver: "Oh, you have to change it?"

So how do you keep your car from breaking in the middle of nowhere? You pay someone else to fix it. And how many people bring thier car in before it breaks, let alone perform scheduled maintenance when they're supposed to?

Funny thing, I never once heard a mechanic complain about how little most people now about automotive mechanics. People didn't even get laughed at (not even behind thier backs) when thier own lack of regular maintenance was what broke their car in the first place. Nobody is considered stupid or lazy when they don't know how to fix thier broken alternator or didn't realize it was going to break, no matter how obvious the signs were to an experienced mechanic. Why should people be considered stupid and lazy because they either don't know how to update thier computer or are afraid they will only break something on it?

In short, not everyone needs to know how to fix a car, and not everyone needs to know how to fix a computer. That way each can be an expert in his or her field. So until we can all fix our own cars, do our own taxes, reshingle our own roofs, build our own houses, write our own wills, and diagnose our own illnesses, we should stop bragging about how much we know about this one thing and realize how little we know about everything else.

[nihil]

Hi Striek,

I see where you are coming from but I do not agree for the very simple reason that the math is quite different?

If I don't maintain my car and it breaks down that is my problem, or may be I kill a couple of people as well, so that is three problems. The same holds good for domestic appliances.

If I have a badly maintained computer and it contracts a virus it then goes on to infect another 10 computers which in turn infect another 10 each..............and so on?

1 x10 =10
10 x 10 =100
100 x 10 =1000
1000 x 10= 10000
10000 x 10 =100000

The other "math" problem is that I do not think that the number of badly maintained motor vehicles is anything like the number of badly maintained computers?

My other problem is one of geography. In this country I can take my badly maintained motor car problem around at 50/60/70 Mph. The Internet takes my badly maintained computer's virus around the world at something like the speed of light (in theory)

OK the ignorance factor is similar, but more people actually realise that they are ignorant about motor vehicles, and take them for regular services. Certainly in this country. And I am talking about people who are happy to have 2 year old AV on their computers.

And the final one is economics. When I see the figures for the cost of major virus outbreaks, frauds, and suchlike, they are in the billions worldwide, impact on people's jobs, living standards, and all. Not the same as badly maintained motor cars I would have thought?

I still do not think that legislation will work, as the internet is so global, and such things would be impossible to enforce.

Cheers

[Sm0kinP0t]

True...

you'd think that ppl had realized by now that they NEED to update at least every 3 days (and even then they are at risk).
If M$ really came with a default AV, we could only expect the same we been having from all the other M$ stuff: freezing, crashing, killing apps, re-writting sh1t they shouldn't, making you dl at least 5 super-dupper-incredibly-needed-100mb.updates every month...

And still Joe A.U. would think "whow! now my supper expensive SO comes with an anti-virus thinggie. Microsoft really loves me and worries about my computers sake. I'll write an email to Bill (using outlook of course) and thank him for being so generous"

I've read on zdnet (i think) that when the ubber guy was giving a comp. classe, his future admin/sec. experts and so on didn't even have AV (not to mention FW)... and those who did never patched it "hey, those virii dont get me! I'm 1337" :P

I think legislators should write a law that made every comp manual have a BIG BOLD se3ction named 'Things you need to do otherwise you'll be back at the store in a month'.

[Striek]

Originally posted here by nihil
If I have a badly maintained computer and it contracts a virus it then goes on to infect another 10 computers which in turn infect another 10 each..............and so on?

Yes, I will grant you that the math is very different. I was speaking generaly and using cars as an example. I could have used anything as an example. Like my neighbour leaving pools of standing water in old tires in his backyard which breed mosquitoes and spread West Nile, because he is either too ignorant to realize the problem or too lazy to do anything about it. I think ignorance is the main problem here. I moved out of a large metropolitan area because too many people drive SUV's they don't need and the air smelled like exhaust everywhere, and we had something between 20 and 30 smog days a year.

And don't forget who you will spread the virus to... If your computer became infected because it was improperly maintained, then how do you think the other million computer that subsequently got infected let the virus slip through? The only people getting infected are those with improperly maintained computers. It may be my fault for becoming infected, but it's equally theirs for becoming infected too. So the real problem is with the bandwidth and processing power viruses eat. And that is maily because most ISP's refuse to filter viruses, leaving the sucurity of your computer as your responsibility. They neglect this because they will not earn a profit for stopping the spread of viruses, so they don't even try until it's too late.

If viruses were stopped at major Internet choke points, the problem would be a lot better too. I think that could be legislated instead of requiring users to install antivirus. Require ISP's to do it. This might make Internet access cost more, but the reduction in traffic would likely reduce the cost as well.

Perhaps an education campaign from Microsoft or Dell or a company as well known to the general public would work. But for now, us telling people to update thier computers sounds like a bunch of paranoid techies fighting for a cause with no real meaning to the rest of the world.

Anyway, that's my solution to the problem, and I think it might work.

[Fatphantom]

That way each can be an expert in his or her field.

If your computer became infected because it was improperly maintained, then how do you think the other million computer that subsequently got infected let the virus slip through? The only people getting infected are those with improperly maintained computers.

we can have the computer manufacturers make the critical tweaks in windows system (file - printer sharing, etc), and shove some sort of auto - update thing in the OS. That solves our computer maintenance problem

you'd think that ppl had realized by now that they NEED to update at least every 3 days (and even then they are at risk).
If M$ really came with a default AV, we could only expect the same we been having from all the other M$ stuff: freezing, crashing, killing apps, re-writting sh1t they shouldn't, making you dl at least 5 super-dupper-incredibly-needed-100mb.updates every month...

If I was forced to use some sort of anti-virus that microsoft made, maybe it should just provide the same features as the anti-virus that are present today. If it updates once each day (maybe it can install critical updates while updating definitions) and scans very deep (decrypts encrypted viruses) and fast, heuristic anlysis and good resident protection, and doesnt hog resources, I guess I wont be too pissed off. As long as were not forced to use 1 particular anti-virus, it shouldn't be too bad.


SP2 is coming out soon - click

[Chuck56]

in the next upgrade of Windows (that I won't install). They bought Reliable Antivirus (RAV) a while back. The only reason I can see them buying it is to include it with Windows, unless they plan to invade the AV market.

I don't think people are lazy when it comes to computers, I think they're naive. If I don't go to gaming sites, porn sites, kazaa, or warez, I won't get a virus. I think they close their minds to email, webbugs, and all the other things that are out there.

Passing a law requiring people to have antivirus on their computers would add a few bucks to the price of the computer. The dealer would install either Norton or McAfee in this country (USA), which a lot of new computers already come with, btw, and that would be that. The newbie users would take it home and forget about it. Hopefully the auto update feature would be enabled, so they'd have at least a few months of protection. After that, I don't think Uncle Sam can force you to purchase a new license to stay current.

I guess Govt could also demand that security info be packed with the computer, but who would read it? Do people read manuals, other than how to connect the various parts? Any law passed demanding anything be included is another "feel good law." Politicians could pat themselves on the back and say, "This is what we did to solve the problem." If the problem isn't solved, which it won't be after the initial few months license runs out, you won't hear any more about it.

[SexyBadGirl]

Cisco is said to be producing a new series of hardware which will not allow a PC to connect to a network if it is not determined to be up-to-date AV and patch wise. I think thats a great idea.

http://www.eweek.com/article2/0,4149,1387468,00.asp

[steve.milner]

Originally posted here by SexyBadGirl
Cisco is said to be producing a new series of hardware which will not allow a PC to connect to a network if it is not determined to be up-to-date AV and patch wise. I think thats a great idea.

http://www.eweek.com/article2/0,4149,1387468,00.asp

Kind of messes up the honeypot people though....

Steve

[SexyBadGirl]

Steve - in a way yes. But if we were able to get the spread of malicious code to stop, Honeypots in the context of virii would be irrelevant.