Dumb users spread viruses
Paul Vixie
vixie at vix.com
Sun Feb 8 22:46:17 UTC 2004
> http://www.silicon.com/software/security/0,39024655,39118228,00.htm
The puzzling thing about this is the basic assumption (by the author of
the article) that computers are fragile and infection-prone and that users
who don't know how to protect them are somehow part of the problem.
At the moment I'm on a moderate rampage against anti-virus companies, for
four reasons:
1. "free" anti-virus software that comes with new computers these days is
usually time-locked such that after N days of service, the user has to pay.
2. anti-virus software makes booting, rebooting, logging in, logging out,
and sometimes just general operations, amazingly much slower.
3. since they're pattern matchers, it's almost always nec'y to update the
virus definitions AFTER a new virus is in the field, to get any "protection."
4. the mail-server versions of these packages inevitably send e-mail to the
supposed sender, even though they know this address is inevitably forged.
In this past year's tour of my friends and family, I've taken to removing
their antivirus software at the same time I remove their spyware, and I've
taken to installing Mozilla (with its IMAP client) as a way to keep the
machine from having any dependency on anti-virus software. IT managers are
encouraged to consider a similar move next time they're asked to approve
the renewal costs of a campus-wide anti-virus license.
There is nothing wrong with a user who thinks they should not have to know
how to protect their computer from virus infections. If we (the community
who provides them service and software) can't make it safe-by-default, then
the problem rests with us, not with the end users.
--
Paul Vixie
More information about the NANOG
mailing list