Worms versus Bots

chuck goolsbee chucklist at forest.net
Tue May 4 23:58:40 UTC 2004


At 4:19 PM -0500 5/4/04, Laurence F. Sheldon, Jr. wrote:
>chuck goolsbee wrote:
>
>>>However, up to 90% of the users *are* stupid:

I didn't say that, I only quoted (Valdis Kletnieks) it... to which I 
replied that compensating for stupidity is a zero-sum game.



>>Seriosuly though, the Internet might be a better place for it. 
>>After all, 90% of those "stupid" people just want email and HTTP.
>
>Do we have a pointer to a rigorous study that indicates either
>assertion?

First of all, I was disagreeing with Valdis' assessment of 
"stupidity"... a more accurate term would be "non-technical."

I have no rigorous study to point to sorry. But I will say virtually 
all the "home users" I have encountered are running Windows for the 
purpose of getting email and using "the Web". That machine is usually 
in some unprotected, or already compromised state. I make 
similar/same suggestions to them that have already been stated here:
Nuke/pave, enable what security features are available in the OS, get 
a firewall, NAT, etc etc.

The prescription seems to be viewed to be as difficult as the disease 
it cures. Zero-sum.



So maybe they WOULD be better with a "WebTV" model.

Or a Macintosh.


>Or is it possible there are other explanations?

Perhaps. I'm just reporting what I am seeing.


>What will be do when they figure out that paying us to let them hurt
>themselves is a sub-optimal use of their money?

How is WebTV doing these days? Since it is now Microsoft can their 
boxen get rooted/zombied/botted now too? I'll admit I never paid too 
much attention to WebTV.

Perhaps there is a market for "safe Internet access"... I don't know. 
But I suspect the barrier to entry is either making it work with the 
dominant platform, or asking the market take the leap to another 
platform. Both are unlikely. What I do know is that the dominant 
platform is inherently insecure, and many of its users, those 
"non-technical" folks I referred to... they seem to be mostly unaware 
of the danger they pose to themselves and everyone else on the 
Network.

--chuck





More information about the NANOG mailing list