Dumb users spread viruses

Todd Vierling tv at duh.org
Mon Feb 9 06:14:15 UTC 2004


On Sun, 8 Feb 2004, Paul Vixie wrote:

: > http://www.silicon.com/software/security/0,39024655,39118228,00.htm
:
: The puzzling thing about this is the basic assumption (by the author of
: the article) that computers are fragile and infection-prone and that users
: who don't know how to protect them are somehow part of the problem.

Replace "computers are" with "Windows is" in that statement and it becomes
very much true.  There's a direct link between the Windows*uneducated-user
tuple and distribution levels of malware.

: 2. anti-virus software makes booting, rebooting, logging in, logging out,
: and sometimes just general operations, amazingly much slower.

That's the cost of having an amazingly insecure OS, used by an average
computer user, wrappered by a condom.  If the user is not smart enough to
inspect everything downloaded to the computer (and preferably with a
trojan-virus scan run by hand), then the user is not smart enough to be
trusted not to use antivirus software.

Uneducated users should live with the slowness.  It's protecting the rest of
the world from their blissful ignorance.

: 4. the mail-server versions of these packages inevitably send e-mail to the
: supposed sender, even though they know this address is inevitably forged.

Unrelated to the end user bit, but this is definitely an annoyance.

: In this past year's tour of my friends and family, I've taken to removing
: their antivirus software at the same time I remove their spyware,

Gee, I hope these folks are more computer literate than my family.  My
mother-in-law reinstalled Win2k, and even Mozilla for mail and browsing, and
she still got hold of a malware trojan and ran it.  Didn't help one bit.

The average Windows user CANNOT BE TRUSTED TO DO THE RIGHT THING because
they are blindly trusting the (1) operating system's security, and (2)
non-malicious intent of the things they view or download.

This is established fact, with oodles of hard-earned stats to back it up.

: and I've taken to installing Mozilla (with its IMAP client) as a way to
: keep the machine from having any dependency on anti-virus software.

Did you also do everything in your power to prevent users from running IE or
its shdocvw.dll embedded component?  (Hint:  That's not possible as of
Win2k.)  Or running OE or Windows Media Player?  (Same deal.)

The problem lies not in the e-mail program.  Several of the recent worms
were NOT spread by e-mail.  Viruses still lurk in IE-trojan web sites.

:  IT managers are encouraged to consider a similar move next time they're
: asked to approve the renewal costs of a campus-wide anti-virus license.

Uh, you're kidding, right?  Large internal networks are breeding grounds for
viruses and trojans, and can be trusted even less than Aunt Millie.

: There is nothing wrong with a user who thinks they should not have to know
: how to protect their computer from virus infections.

Exactly.  So just run the software, live with the slowdown while it does its
work, and you get to play in the sandbox.  Don't run the software, and get
infected and shut off from the rest of the world.

Now, I may know your operating system software preferences a little better
than most here.  But it can't be so difficult to see that the average user's
ignorance of technology, coupled with the rapid proliferation of security
holes in their chosen OS, is a recipe for disaster.

Antivirus software is not the best solution, to be sure.  However, until a
certain Redmond entity slows down its "pervasive" embedding of a very broken
and bug-riddled Web browser rendering core into all corners of their OS,
antivirus software is the *only* solution.

-- 
-- Todd Vierling <tv at duh.org> <tv at pobox.com>



More information about the NANOG mailing list