Scaremongering over Spyware? 196
Dynamoo writes "The BBC is reporting that PCs in the UK are infected with over 20 pieces of spyware on average. A frightening statistic, if it is to be believed. In fact, the figures come from Webroot - an anti-spyware firm with a commercial interest in playing up the spyware threat." From the article: "In Poland, 867 of every 1,000 domestic PCs have been infected by trojans, unsolicited programs that can allow remote users to control the machine. It is this international reach that concerns those in authority trying to combat the spread of spyware. "
True number or not, way too common.. (Score:5, Insightful)
Slowly people that I know start to have things in order as I have managed to make them change habits, install tools and such, but not everyone has such aquintances, and even then, the number of times I have cleaned spyware from someones computer is way high...
Seems like a statisticians nightmare (Score:5, Insightful)
So yeah, it's a number, but not a very convincing one...
Comment removed (Score:5, Insightful)
Not necessarily that much scaremongering (Score:5, Insightful)
Education is key (Score:4, Insightful)
Education is the real key to computer protection, not the purchase of spyware removal tools.
I've only ever had one piece of malware, which was ten years ago (the Tai Pei virus). In the meantime, I've learned good computer habits. These include being cautious about downloading and installing software, using the free firewall which comes with Windows XP, and employing the Mozilla range of browsers / email clients.
If users don't learn to be cautious when using a computer, they're going to run afoul of phishers, which will be much more of an incovenience that a bit of adware.
Calling cookies of simple webcounters spyware (Score:0, Insightful)
This has nothing to do with spy- and ad-ware.
Please don't call a cookie spyware unless it is used over different sites or it contains personal information.
Re:And, typical of scaremongering tactics... (Score:4, Insightful)
Anything they would teach about spyware today could very well be moot in 5 years if most people use secure systems.
More proper thing would likely be going the route of licencing.. that is in order to allow use of a computer that is connected, you need a computer lisence, the same way you need a drivers license to drive a car on roads. That lisence could then be limited in duration and you would need to get updated on newest things, from behavior to threaths.
Ofcourse that would bring many other problems in itself...
Here's a solution (Score:3, Insightful)
Now if you'll excuse me, Guido the wheel man is at the door wanting his $20 American for not trashing my wheels when I'm not using them -- he calls it "assurance" while I call it "insurance" but it's really just plain old extortion. You see, Guido sold me the wheels and tells me he can only keep them working if I pay him forever, otherwise something nasty is sure to happen and it will cost me even more money to get it fixed.
If the woman in this article is such a heroic professional, why is she only cleaning off the malware and not getting the users off Microsoft OSes? Surely she has figured out by now that the cleaned machines get trashed again. Maybe she just really likes being needed. Maybe this is PR trash planted by some Microsoft goon.
Maybe Mac and Linux folks are laughing like crazed loons after reading this "heroic" article.
Cherrios.
The aweful truth (Score:3, Insightful)
What matters is the combination of it all!
You have to do EVERYTHING to stay clean. No shady porn sites, no clickyclicky on shady mail, daily updates, up to date virus killer, well configured firewall,
"Gaaaaah... too much work!" is the answer you'll get from Joe Schmoe Average. "All I wanna do is surf, I don't wanna worry about system stability, Browser plugins and antivirus."
Well, all I want to do with my car is drive around. And still I gotta worry about red lights and directional lanes. Why the heck do I? It makes me slower and keeps me from getting right where I want to be!
Oh. Right. I enjoy being alive and have an operational car.
Re:True number or not, way too common.. (Score:4, Insightful)
Fight it, don't clean it off (Score:3, Insightful)
Who will define what is acceptable? We will, of course. We are the technological elite. It's time that we start making the parameters about what is acceptable behavior on the net.
So the spyware makers pay off the politicians to allow some country to engage in aberant conduct and give them a save haven? Shut off the country from the web.
It's time that we stop assuming that in the evolving information age that the politicians have more control over society than the technical elite. We control the web, and we need to take responsibility for the assholes and criminals who use it to prey on society. That means shutting down the 419 chuckleheads also.
We created the environment that allows viruses and spyware to exist. It's time that we and not the politicians put an end to it. And if what we do goes against some jerks 'right' to sell access to your PC for his own profit, then so be it.
Re:Seems like a statisticians nightmare (Score:2, Insightful)
It's funny you mention this. Last year (Sept, 2005), Consumer Reports had an issue dealing with personal computers. This is an actual quote from the article:
There is NO WAY those Mac results are accurate. I think what happened is that these Mac users got occasional pop-ups saying "Your machine is infected with (spyware|viruses). Protect yourself now by clicking here". So, they did and the problem "went away". As far as they were concerned, they were infected.
I wouldn't blame the users as they shouldn't have to know better. I would blame CR for a faulty survey - if you ask questions that either require specialized knowledge (how many Mac users know what spyware is) or could generate a false positive (such as a user confusing an infection with a pop-up), then you really aren't doing a good job providing accurate results.
- Tony
Re:True number or not, way too common.. (Score:4, Insightful)
It's not like the good old days when a virus just trashed your machine, so you had to act immediately. Now it just lies in waiting and uses your machine to launch attacks on others and collects personal information silently. People just don't care enough to fix spyware until it directly prevents them from using their precious web browser, email, and instant messenger.
Re:Here's a solution (Score:2, Insightful)
Maybe Mac and Linux folks are laughing like crazed loons after reading this "heroic" article.
Yes, we are. Seriously though, phishing is growing into a problem for *nix-users these days, and so far as I know, the only state in the US in which phishing is illegal is California (I might be wrong there, though). You'd think "well, they should be smarter" but the phishers can be very clever, such as sending you an email that looks for all the world like it's from your ISP. (Yes, I was smart enough to check with my ISP before clicking that link, but I'm not gonna blame the people who didn't think of that. After all, if looks like a duck and quacks like a duck.....) So no matter what OS you're using, you should be paranoid.
How to solve the spyware problem on Windows? Well, Peer Guardian [phoenixlabs.org] can help block tons of it. Besides anti-p2p, it has a spyware list and uses little memory to run in the background. It also updates itself automatically unless that is disabled. And you can keep only the spyware list checked to block, nothing else, if you want.
Another thing that can help is a router. I worked on a guy's computer that was loaded with spyware and had a few viruses to boot. He had a software firewall, Kerio I think, plus Avast antivrus and ran Ad-Aware twice a week. So why was he still getting all this crap? His ISP. They had no filters whatsoever. Their servers were set to allow anything to come through. Combined with an older computer with 128 mb RAM plus a fast DSL connection and it literally just couldn't keep up with all the malware pouring through from his ISP's servers. So he got a router and poof! After a fresh reinstall of Windows along with Avast, Ad-Aware, Spybot and PG his computer ran fine. But still.... from a *nix-users point of view, it seems ridiculous to have to spend so much money and effort just for basic protection that a more secure OS automatically provides.
But spyware is always going to be a problem on Windows because of MS's bad security model. If they fixed it so remote users can't install, run or modify anything on your computer without your express permission, it would go a long way towards fighting spyware and a lot of viruses - I know from experience that you don't need to download or click anything to get spyware or a virus, many download themselves straight to your computer. And Windows just lets them do anything it wants. This ability for a remote user to modify your system without needing permission is called a FEATURE by Microsoft, as demonstrated by Active X and the recently-patched .wmf vulnerability. People say "well if these *nix OSes were as widespread in use as Windows they'd have all the same problems", but if that were true, where are all the Unix viruses? If MS changed Windows so that it requires an admin to password to modify the registry, install anything, or for a remote user to run anything on your comptuer you'd see a marked improvement right away.
Easy for me to see! (Score:2, Insightful)