Dumb users spread viruses

Sean Donelan sean at donelan.com
Mon Feb 9 01:59:54 UTC 2004


On Sun, 8 Feb 2004, Paul Vixie wrote:
> The puzzling thing about this is the basic assumption (by the author of
> the article) that computers are fragile and infection-prone and that users
> who don't know how to protect them are somehow part of the problem.

The way corporations "solve" the problem is take away all privileges
from end-users.  End-users can't install software, can't make changes to
the system configuration, can't connect to unapproved systems.  IT support
in most corporations cost more per seat than the average home user pays
for Internet access.

In 1998, the concept of Web Appliances was the rage.  Most users of
the Internet use e-mail and the web.  Web appliances eliminated 90% of
the bloat of Windows, and only provided the few functions most people
use.  They didn't even have anti-virus, because they didn't need it.

The market decided secure (limited) web appliances weren't desired by
the purchasers of computers.

> In this past year's tour of my friends and family, I've taken to removing
> their antivirus software at the same time I remove their spyware, and I've
> taken to installing Mozilla (with its IMAP client) as a way to keep the
> machine from having any dependency on anti-virus software.  IT managers are
> encouraged to consider a similar move next time they're asked to approve
> the renewal costs of a campus-wide anti-virus license.

Next year, whe you tour your family and friends, how many will have
re-installed programs which included spyware as well as saving and running
viruses delivered through the e-mail.

> There is nothing wrong with a user who thinks they should not have to know
> how to protect their computer from virus infections.  If we (the community
> who provides them service and software) can't make it safe-by-default, then
> the problem rests with us, not with the end users.

Every computer sold in the US is safe by default.  It is powered off,
disconnected, in a factory sealed box :-)

The problem is only partially technical.  I used to do public access
kiosks and never had virus problems with millions of users every year.
But you couldn't save, alter or run any unauthorized programs on any
of the public access kiosks either.  No Microsoft Word, no KaZaA, no
Instant Messenger, no Gator, no Weatherbug, no Real Player, etc.

Unfortunately, people want to install arbitrary software on their
computers and are willing to bypass every control to do it.




More information about the NANOG mailing list