Monday, December 11, 2006
Lusers. All Lusers.
Microsoft has been touting its latest iteration of Windows, called Vista, as the latest weapon in the arsenal of security. Vista is supposed to be light years ahead of current Windows XP in terms of security. Internet Explorer 7 is supposed to be the answer to IE users' complaints about threats and vulnerabilities. While I think that these enhancements are laudable and necessary, I do not think that Windows Vista will be the silver bullet of security for the coming age of computers. In fact, I doubt that there will be much change at all in the overall security landscape surrounding Windows users.
Consider, if you will, the typical Windows user. He or she can range from a very intelligent, well-educated professional individual to the relatively uneducated, unsophisticated Internet game addict. It's the latter group that unfortunately makes up a large enough percentage of the Windows user group to be a threat. These people wouldn't recognize most security threats if they came announcing themselves with big flashing signs (which many of them actually do). I can't tell you how many times I have had to work with this type of Windows user. Their computers are usually so clogged with crap that they've downloaded that the machine is barely usable. These users are almost impossible to rehabilitate. They feel drawn to download useless and malicious programs because of their online habits. Vista will almost certainly be no match for these types. Very little can be done to protect against stupid people making stupid decisions.
What we need to do is educate. All the technology in the world isn't going to solve a problem of basic education. Many folks just don't recognize a bad program from a good. And many of these people also don't realize that bad programs even exist. To them, a bad program would have a warning label on it or something. Well, the truth is, many ill-intentioned programs come disguised as helpful programs. To compound this problem, many users feel some strange need to install everything the see. They feel it necessary to have browser search bars and tool bars and various other "assistants" to help them use their computers. What they really end up with is a machine filled with spyware and other malicious software. So many of these programs carry monikers of "assistant" or "search" or "help." These key words fool many less-educated users into believing that they are really useful programs. "Hey, it'll help me search the Internet." or "It'll help me organize my photos." I don't personally find a need for any toolbars to help me search. Google is the search assistant. So, to help get started on educating people to recognize malicious software, I am preparing a list of potentially harmful applications that seem to be very popular with the unsuspecting, under-educated crowd. I would highly suggest that users stay away from the following:
Anyhow, I am sure that even though Vista will enhance security on the Windows landscape, Windows simply can't be hardened enough to protect against stupid decision makers. So, keep up to speed on the security scene. :)
Consider, if you will, the typical Windows user. He or she can range from a very intelligent, well-educated professional individual to the relatively uneducated, unsophisticated Internet game addict. It's the latter group that unfortunately makes up a large enough percentage of the Windows user group to be a threat. These people wouldn't recognize most security threats if they came announcing themselves with big flashing signs (which many of them actually do). I can't tell you how many times I have had to work with this type of Windows user. Their computers are usually so clogged with crap that they've downloaded that the machine is barely usable. These users are almost impossible to rehabilitate. They feel drawn to download useless and malicious programs because of their online habits. Vista will almost certainly be no match for these types. Very little can be done to protect against stupid people making stupid decisions.
What we need to do is educate. All the technology in the world isn't going to solve a problem of basic education. Many folks just don't recognize a bad program from a good. And many of these people also don't realize that bad programs even exist. To them, a bad program would have a warning label on it or something. Well, the truth is, many ill-intentioned programs come disguised as helpful programs. To compound this problem, many users feel some strange need to install everything the see. They feel it necessary to have browser search bars and tool bars and various other "assistants" to help them use their computers. What they really end up with is a machine filled with spyware and other malicious software. So many of these programs carry monikers of "assistant" or "search" or "help." These key words fool many less-educated users into believing that they are really useful programs. "Hey, it'll help me search the Internet." or "It'll help me organize my photos." I don't personally find a need for any toolbars to help me search. Google is the search assistant. So, to help get started on educating people to recognize malicious software, I am preparing a list of potentially harmful applications that seem to be very popular with the unsuspecting, under-educated crowd. I would highly suggest that users stay away from the following:
- AOL Instant Messenger (not because the messenger is bad, but because of all the popus and ads.)
- All browser toolbars (except the Google toolbar and the Netcraft toolbar - which have limited usefulness.)
- Microsoft Internet Explorer
- MSN Explorer (a derivative of Internet Explorer)
- WeatherBug
- WebShots (desktop and screensaver)
- Anything that says "Search Assistant"
- Many system monitoring tools (Many of these do not install spyware; they just eat up CPU cycles)
- Limewire (and other P2P software)
- Browser speed boosters (generally marketed to dial-up users with Internet Explorer)
- Any software sporting a talking gorilla or penguin or any other cute creature that's supposed to entertain you on your desktop.
- Claria/Gator/Gain
- Bonzi Buddy
- The list goes on...
Anyhow, I am sure that even though Vista will enhance security on the Windows landscape, Windows simply can't be hardened enough to protect against stupid decision makers. So, keep up to speed on the security scene. :)
Comments:
Post a Comment