PEBKAC Still Plagues PC Security 300
Billosaur writes "ARS Technica is reporting on a study release by McAfee and the National Cyber Security Alliance (as part of the beginning of National Cyber Security Awareness Month) that suggests when it comes to PC security, the problem between the keyboard and the chair is even worse. PEBKAC has always been a problem, but the study highlights just how prevalent it has become. 87 percent of the users contacted said they used anti-virus software, while 70 percent use anti-spyware software. Fewer (64 percent) reported having their firewalls turned on, and only 27 percent use software designed to stop phishing attempts. Researchers were allowed to scan the computers of a subset of the users, and while 70 percent claimed to be using anti-spyware software, only 55 percent of the machines of those users scanned showed evidence of the software."
And the solution is... (Score:5, Interesting)
The secret of my success is that I also don't use Internet Explorer (except for the Windows Update website, cause Microsoft makes me). That one step protects me from >95% of the malware. The other 5% is handled by Avast and Firefox. And I don't download and install "free" programs and games.
Boycott Internet Explorer (and all of the loss of security, privacy, and control of your own computer that goes with it), use Firefox and a good anti-virus program, and don't do stupid things on the net and you're golden.
Re:Are you sure? (Score:4, Interesting)
They aren't stealthy enough to go through a logged firewall w/o being missed. IMHO, that's the best defense to any network -- paying attention to what the fuck is going on with your connection.
My Theory: XP can work, but not with kids (Score:5, Interesting)
My wife is computer illiterate, but she knows she's only supposed to open a small set of attachments and sees me about the rest. She knows not to open anything she doesn't recognize.
4 years, no viruses/spyware etc. I've tried a couple of those online scans and they came up clean.
However, now the kids are starting to use the PC.... I've switched to Ubuntu. I not convinced I can set up an XP machine that can't be infected by them.
That switch was a *major* pain. Switching MSmoney to gnucash, losing Photoshop, copying outlook mail history to evolution, loss of PDA syncing, blah blah blah.
Re:Are you sure? (Score:3, Interesting)
this is the truth. At my company we are considering going back to cloned drives that get re-cloned once a month. even with spybot,windows defender, company firewall, and f-secure people still get infected.
Antivirus is a Virus (Score:1, Interesting)
Re:Are you sure? (Score:3, Interesting)
I've sat at a conference of computer security researchers where it was discovered that one of the attendees was infected. So, it can happen to the best and brightest too.
Re:Are you sure? (Score:5, Interesting)
It may be stupid but it's not wrong. I'm a developer and the kind of guy who sets his firewall as limited as possible, has anti-virus on, doesn't download "Free Smileys!!!" software, and in fact I'm very careful about doing things on my computer that may affect my security.
I thought I was clean, I looked clean, and the PC worked like clean. Until one day I the anti-virus detected a popular keylogger installed on my system (4 years ago). That was on top of that during a full-drive scan, not resident alert, who knows for how long was this thing running, and where it came from.
Bottom line is, the infection status isn't something easy to assess, especially if you're not very experienced in the area and especially if you consider that you're virus free by default.
The only way to not push your luck is know what you're doing, and turning your firewall off deliberately is equivalent to not knowing what you're doing.
If you ask me now, since I wiped my disk twice, and changed all my passwords and reinstalled everything since, am I virus free? I'll tell you yes.. but I'll NEVER be 100% sure in my answer, since I could easily be wrong.
It's not different on a Linux server by the way, so this is not a Windows vs Linux argument AT ALL.
Re:Are you sure? (Score:4, Interesting)
There is one possibility, and that is there was code slipped into the repository prior to the 6.2-RELEASE CD's being created (verified the sum of the CD's when I got them) which could be rooting my box. I don't have the time to be doing (is it Orange book?) procedures that will ensure this doesn't happen. I'm with Rycross, there are so many ways to be infected that saying your not is just setting yourself up for a fall.
Re:it is not a user fault (Score:3, Interesting)
so, to extend _your_ analogy, just as the genes -- the ultimate designers of the body -- take care of their 'product' in the case of sickness, so should the software designers and vendors take care of their product -- the software when it is sick. the user has other, better things to learn.
anyhow, out of here
Re:it is not a user fault (Score:5, Interesting)
In WWII, they had frequent aircraft crashes caused by pilots landing with the gear up.
They consistently attributed these accidents to "pilot error".
Then somebody took a look at the design of the cockpit, and realized that it wasn't designed in a way that would make it immediately obvious to a pilot whether or not the gear was up or down. When the cockpit was re-designed, the high rate of 'gear up' landings evaporated.
In other words, the designers were blaming the users for a design flaw. Happens all the time in the software industry these days.
I'm not saying that PEBKAC errors don't happen, or that idiots don't do stupid things. But I suspect that a large slice of the cases we classify as "user error" should really be called design error.
No! (Score:2, Interesting)
Aside from being moraly retarded, it still ignores the issue of human nature. All it would take is one person that has some of these "root passwords" to sell them, or leak them, and users machines could be compromised and they would not even be able to detect it. It will happen, sooner or later. You cannot say that the info won't be leaked, Social Engeneering, lapse of judgement, or outright theft could all cause the leak. Look at the recent history of leaks on
As I have stated above, your idea does not solve the problem, and is an insult to users of whatever product you make with this idea in mind. Further, for it to be effective you must get people to use it. How would you do that? Even good Software is not enough to compel users to switch if what they are using does the job at least medocore. Look at the number of people using Windows, and Office. This is evidence enough that people won't change. Would you have governments regulate that this security must be used? Certianly this scheme must be a DRM like scheme if it restricts the rights and privleges of users on their own machines. Would your "qualified professionals" support this? Let's just ask some of them here on
Your poorly laid out suggestion also ignores another key question: Who would determine which ones of us are "qualified professionals"?
If users don't control their own machines, Someone must. They will need this "root password" to to software upgrades, install trusted and usefull software (we can't let users do this or the point is moot), do system upgrades. If every nimbwit @ best buy's geek squad can get this access then systems will still be infected, because some of these people are dumber than most users we are trying to protect. They would, at the very least, use their access to unlock their home machines. Then they are victim to all the same tricks and exploits they are now. If you restrict it too much then people won't want to use your platform, and will either use something else or get very upset until things are changed. Of course then we need to decide who picks the "qualified professionals". I don't want you picking them, and I bet you don't want me to. Neither of us wants lawmakers to pick them. Microsoft wants Microsoft to pick them; others disagree sharply. This is another non-trivial issue your moronic idea fails to acount for.
In short:
Piss Off!
Re:Are you sure? (Score:2, Interesting)
Re:Are you sure? (Score:3, Interesting)
Whereas his lack of a firewall means that malware is actively looking for him. Based on the number of malware-indicating signs I get in my logs every day on my firewall, running on a dynamic IP on RoadRunner, I'd be very surprised if said malware isn't looking directly at his IP address many times a day, some of it using vulnerabilities he can't yet have patched for the simple reason that patches for it don't yet exist.