Users Worldwide Feel Internet Is 'Safer'

buzzardsbay writes "Baseline Magazine is reporting on a study by Cisco that teases out the differing attitudes about online security among users across the globe. For instance, remote workers worldwide think the internet is getting safer ... except the folks in Italy and Germany. These folks also have a lot of faith in their corporate IT departments as 51 percent said their work computers are more secure than their personal PCs, and nearly half (45 percent) believe they are more vulnerable to malware and hacks when they're working outside their corporate perimeter. Irony of ironies, the Brazilians hold Net security in the highest regard."

Re:

[hedwards]

Obviously, these people are looking for safer ways of getting to mugged whilst searching for kiddie porn.

Safer than what?

[morgan_greywolf]

The Internet is safer than what? Skinny dipping in the Everglades after dark?

Re:

[calebt3]

Considering the average American, it's more like (to quote my brother) "Chunky Dunking" than "Skinny Dipping"

Re:

[alittlespice]

Safer now that 5 cables to the middle east have been cut

Re:OMFG!

[Kjella]

Users worldwide are idiots. The net is drastically more hostile now than it was 10 years ago. right now you have so much crap, scams, fraud and other nasty running about only a drooling moron would think...

Actually I found that there was more such crap 10 years ago, when the Internet economy was supposed to turn everything up-side down and gullible people fell for it in droves because is was new and unknown. And most of all, the tools were crap. There were Outlook worms that'd spread by looking at it, RPC worms, IIS exploits (ok this is getting Microsoft-bashing but they were the dominating software supplier), these days it seems they need to sucker the user into doing something stupid. Plus these days you at least have privilidge separation so you can try to sandbox things.

These days the ones that were once bitten are twice shy, and if you run a decently updated box with no random cracks from the Intarwebs chances are slim you'll have any problems. Just recently I read that the online banks were starting to decline proposals to increase security - it was rare enough that simply paying up if people got swindled made more sense. In short, I think the people left that are getting suckered for the most part are the ones that'd get suckered by phone, by mail, by fax or any other way you'd get in touch with them.

Re:OMFG!

[PitaBred]

You haven't done much end-user support, have you? People still install Bonzi Buddy, etc. because they want a furry, cute "friend" or whatever screensavers they can find, and click yes to every prompt because they know that way things will work.

The Internet isn't much safer, the users are just as clueless, and water is still wet. The only thing that's improved is defense against automated attacks, which while a very good thing, is still just the tortilla on the enchilada.

Re:

[jellomizer]

More secure doesn't mean absolutly Secure. 10 years for your measurement isn't really a good frame. It is like saying driving a was was far safer back in the early 1900's. Where only a few people owned cars and if they did they drove them very carfully because they were cheap and a luxery item.

The same with the net back in 1998. Most people use dialup AOL was the king of internet and many people though they were using the internet while never leaving AOL servers. The Buffer Overflow hack was just newly d

Re:

[sm62704]

Users worldwide are idiots.

You couldn't be more right.

I'm in danger every day. When I drive my car I'm in incredible danger. I could die, or worse, be confined in a wheelchair for the rest of my life. If you work construction you are in the most dangerous profession there is. If I'm in a bar I'm in danger of some drunk [kuro5hin.org] busting a bottle over my head. If I walk outside I can get struck by lightning. If I cross the street I can be hit by a car.

Danger? I don't think that word means what you people on the intern

Ignorance is Bliss

[Barondude]

How many of those people surveyed have PCs sending out SPAM behind their backs?

Re:

[Sorthum]

Precisely. As long as their computer still does what THEY want when they want to do it, it couldn't POSSIBLY have problems! It's spewing out crap to other users? Not my problem, mate!

Most malware infections are fixed because it slows the box down to a crawl and degrades the user experience; if the malware authors can fix that, people will NEVER get their stuff fixed.

Re:

[CastrTroy]

That's why dualcore processors are nice. If you limit the malware to only running on one processor, the user would probably never figure it out. I think that most malware authors try not to monopolize the resources. The problem is that if you have one piece of malware, you probably have a whole bunch of it installed. Once you get lots of malware, that's when you're machine really starts to slow down.

Re:

[LaskoVortex]

Well, at least I know the idiot mod who can't recognize humor isn't going to spend that point where it could really do some damage.

Ripe for the plucking?

[KublaiKhan]

Seems as though if the ruckus about 'cyberwar' and all the espionage supposedly being carried out online is correct, then all these home users whose security is apparently less effective than their corporation's security (though how effective this corporate security is, opposed to its perception, is a matter of question) would be ripe for use as local proxies, hosts for various malware, or local monitoring of 'net traffic for an enterprising spy.

Next program by DHS: Be patriotic, install our red white and

Wouldn't the irony of ironies be

[ZanySpyDude]

if the Nigerian Princes felt the net to be a perfectly secure place?

Re:Wouldn't the irony of ironies be

[gEvil (beta)]

You do realize that if we all did our part to help these princes out, that eventually there wouldn't be any more Nigerian princes in need of help, right? So pitch in! The only way we'll get these Nigerians to stop bugging us is if we get all their money back to them.

Re:

[J0nne]

ignore this post, I accidentally modded parent overrated instead of funny, so I'll post to undo that.

Stupid ajax interface! Select boxes without confirmation buttons or an undo feature? Really?

Re:

[harry666t]

You just tried to mod this post funny. Cancel or Allow?

Re:

[whitehatlurker]

Would it be ironic if your posted got modded "insightful"?

Re:

[J0nne]

Would it be ironic if your posted got modded "insightful"?

No. If it got modded overrated, it might be ironic, or at least a bit funny. But insightful? nah.

Re:

[Chosen Reject]

Toby: Didn't you lose a lot of money on that other investment, the one from the email?
Michael: You know what, Toby, when the son of the deposed king of Nigeria emails you directly, asking for help, you help! His father ran the freaking country, okay?

Re:

[flaming error]

Wouldn't the irony of ironies be ...

if this study was conducted by Cisco Brazil [lightreading.com]?

what does safe mean?

[sam_paris]

You are only as safe as the measures YOU employ to protect yourself. Your email may be hosted by the most secure company in the world but if your password is "password" or "firstnamelastname" or "123456789" etc then all their security measures are meaningless.

Likewise, if you're running unpatched versions of XP you could have the most secure password ever yet it's meaningless when you have a rootkit with a keystroke logger that's sending your password to a script kiddy in Russia.

Perhaps people "feel" safer because the marketing departments of certain companies... (Microsoft) tell them they are..

Re:

[Sciros]

how did u no my password??

Re:

[sam_paris]

I'm in your account taking your moniez :'(

Re:what does safe mean?

[Phylarr]

I think this story is meaningless without someone explaining what was meant by "safe." Did they ask people if they felt safer from malware, or did they ask if they felt safer when buying something from an online retailer? These are very different forms of safety.

Also of note is that the article consistently confused the issue of whether people said they felt safer or whether more people said they felt safe.

On a related note, according TFA, France holds net security in the highest regard, not Brazil. Brazil showed the greatest improvement in people who hold it in high regard. I think. The article was so poorly written that I can't even say for sure if that's what it was saying.

Re:

[maxume]

Day to day, something like '123456789' is only just a little worse than something like 'ujN7EVkh'. I mean, if the attacker doesn't think to try it right away, it probably isn't going to be at the beginning of an automated search.

And really, if an email host were storing unsalted hashes and that file got stolen, they aren't secure, and if they are allowing thousands of unsuccessful login attempts per day, they aren't secure.

Re:

[angryfirelord]

Likewise, if you're running unpatched versions of XP you could have the most secure password ever yet it's meaningless when you have a rootkit with a keystroke logger that's sending your password to a script kiddy in Russia.

In Soviet Russia, script runs kiddie!

Re:

[gotzero]

I was going to have a witty reply for this, but my computer beat me too it sending out 50,000 e-mails about hot stock picks in the time it took me to read the comments...

Not quote there......

[iknownuttin]

Dude, good try at Karma Whoring! Especially with, "We have the Telcos and CableCos making it worse by violating net neutrality." That was good. You mentioned "Net Neutrality". Here's my suggestion. Say," I bought a Mac and voted for all politicians that want Net Neutrality and I run Linux on ALL other boxes! Ron Paul 2008!"

Go from there with your own creativity.

I must have missed something.

[RandoX]

Why is the comment about Brazilians ironic? Anyone want to enlighten me?

Re:I must have missed something.

[Niten]

Because when you have a brazillion PCs to keep track of, maintaining any semblance of security becomes orders of magnitude more difficult.

Re:

[dim5]

nice one. too bad my mod points just ran out.

Re:

[Deanalator]

You owe me a mouthful of coffee, and a new keyboard.

Anywho, to GP, a very large portion of network attacks come from Brazil. I would say that a widespread knowledge of network security is what is allowing people to feel safer, as opposed to Germany, which recently outlawed research in the field. Then again, I am a security researcher, so I have a bit of a bias :-)

Re:

[Deanalator]

I heard it with 4 Brazilian :-)

Re:

[deadeye766]

Perhaps because Brazil is murder-tastic. Check this out...

http://www.boston.com/news/world/latinamerica/articles/2006/09/25/brazil_murder_rate_similar_to_war_zone_data_shows/ [boston.com]

Re:

[Anonymous Coward]

Because tons of zombies, spam and other shit comes from Brazil. There are blackhole spam lists that block pretty much all of Brazil because they are so infested.

Noooo! It's a Brazilian WAX

[EmbeddedJanitor]

Not a Brazilian WAN.

Perhaps it's a double irony in that TFA's Google Earth feed got hacked and Nigeria/Brazil got swapped.

Re:

[crabpeople]

because /^Received: .*dsl.brasiltelecom.net.br.*$/ REJECT

and many MANY others...

Re:

[keeboo]

because /^Received: .*dsl.brasiltelecom.net.br.*$/ REJECT

By using such "kill'em all" rule, you're either incompetent, or your e-mail server is irrelevant.

widespread negligence, incompetence and Corruption

[keeboo]

Brazilian home PCs are infested with all the kinds of stuff simply because the users do not care at all.. This alone is not enough, though, since pretty much everyone around the world behave like that.

The problem is that ISPs simply don't care.
I work at the Brazilian Gov't and even security reports from me are bluntly ignored by those ISPs.

You may try to report to CAIS [www.rnp.br] (which is supposed to be "the" security network center in Brazil for the national academic network) and you know what? You'll receive and acknowledge response and that's it, nothing else will happen.
The only time they do something were in cases such as fake Paypal pages, I believe because there was money involved.

An example on how things work here:

Once we complained to CAIS about this scum [funpar.ufpr.br] from this university [www.ufpr.br] which were deliberately sending their spam (not an infected machine sending random viagra messages) and guess what CAIS did.. Exactly, nothing.
I suppose that junk is related to some project they've managed to get public money from, because we complained so many times and nothing were done (there's _always_ something fishy involved).

Until I picked up the phone called that university directly and told them I would block them completely unless they stopped that spam.
The guy who answered me simply started to say he would talk to the Rector, to politicians XYZ and who knows else, and implied that I could get into trouble.
To shorten the history.. In the end we've managed to stop that junk. But see how much did it cost.

I know so many rotten histories on Brazilian Internet, from the gov't side, from the private companies... A book could be written about that.

I *used* to think the internet was safe.

[SynapseLapse]

I use Linux, I keep my stuff patched/firewalled/well passworded (is that even a word?).

You feel secure for a while, then you get duped into clicking on a goatse/rotten.com type link. *shudder*

Really, that's what bothers me more than anything else. The occasional "Find sexy singles in your area ads" don't really bother nor register to me anymore. However the occasional gore (The disgusting kind, not the ex-vp kind) that lurks on the Internet really gets to me.

The goggles - they do nothing!

Block the shock with HOSTS

[imtheguru]

Works on all OSs (well almost) and user editable.
Here's one example. http://someonewhocares.org/hosts/

Cheers.

Re:

[calebt3]

(The disgusting kind, not the ex-vp kind)

There's a difference?

Re:

[CSMatt]

You can always just look at the status bar to see where a link points to.

Erm, it's not that trivial.

[imtheguru]

With services like tinypic and tinyurl and links crafted to use Google's 'inurl:' coupled with 'i'm feeling lucky', it is difficult if not impossible to predict where a link will resolve to...

On the other hand, perhaps you can decipher cryptic links by staring at your status bar, in which case, more power to you.

Cheers.

Re:

[CSMatt]

If it's a TinyURL link, insert "preview" in the subdomain and TinyURL will tell you where the link points to.

The Internet is Vast...

[nonsequitor]

and getting vaster every day. Most security is worthless. Its good enough to prevent a majority of threats from getting through, sometimes. The only thing protecting users is the size of the internet combined with the fact that most of them do not have anything of value stored on their computers. The only thing Joe Sixpack has that Evil Hacker wants is his credit card number, which let's face it, is not enough to retire off of. The only other things that can be taken from Joe Sixpack are his resources; CPU and bandwidth. The net result is you would still have to grind out a living as an Evil Hacker, or get into freelance corporate espionage. So yes, the internet seems safer, mainly because its bigger, not because it is technologically more capable of stopping the bad guys from getting you.

(I apologize for rambling, I'm sick in bed hopped up on meds)

Re:

[gutnor]

"The only other things that can be taken from Joe Sixpack are his resources; CPU and bandwidth."

You get that right ! Internet is 'perceived' safer because almost no recent virus/trojan/whatever format your disks ... In the late 90's, if Joe sixpack spent 1 day online, the local script kiddies would nuke his win95 (winnuke), trash his disk(virus of the day), or make fun of the user while he is using it (backorifice)

Today, you will get a few mostly inefficient keyloggers (they are almost always targeted at US

Re:

[CSMatt]

The only other things that can be taken from Joe Sixpack are his resources; CPU and bandwidth.

You forgot about his porn.

yes it is!

[recharged95]

When you can lie, cheat, steal, have virtual no responsibility for your actions in VR worlds aside from "pay more $$". And the worse case is you can be flamed or 'used' by the RIAA (which so far is a slap on the wrist to 99% of folks out there).

Of course it'll be safer.

5 lines are cut

[Tiber]

Iran is without internet access. Of course it's safer!

Safer than what?

[R2.0]

Tourists in Rio during Carnival? A Hunting trip with Dick Cheney? Driving with Ted Kennedy?

Yeah, you probably won't be harmed, but that doesn't mean it's "safe"

Random Thoughts

[milsoRgen]

While I feel the internet has gotten a whole lot shittier with laws encroaching onto our once pristine wild wild west style play ground. I personally don't feel any less safe. There are risks out there of course, just has there has been for a long time now. But by practicing the same techniques I have for ages I'm fairly confident in my box.

If anything I might be slightly more confident as these days. I've always been a hardware geek and as case mods have come down in price and the software to support them has matured, I now have instantaneous access to system resource utilization and temperatures through various means that allow me to gauge my computer utilization with a glance, contrast that to the task at hand and you know when things are being accessed outside of your control. The cost of a hardware based SPI firewall is within anyones range. Also memory prices are so cheap you can afford the extra 128+ required to leave a software based firewall, anti-virus and network logger running.

And I always delve into windows to ensure maximum resources are available for gaming. So along the way I get to know windows on a level most never do. So all it takes is a quick glance at which processes are running to keep me feeling okay about things.

Really the only thing that worries me are rootkits, but I ran those scanners once in a while. However I don't really know how much faith I should be putting in them... Either way a competent user shouldn't have to much to worry about.

With that being said, I don't think I would put quite as much faith in network security at work, granted the admin's are paid and trained to do what they do. But they also, generally, have an increased workload and many other responsibilities.

Re:

[choongiri]

So all it takes is a quick glance at which processes are running to keep me feeling okay about things.

Good job those rootkits are so well behaved and don't try to hide from the process list then, isn't it?

Re:

[milsoRgen]

Good job those rootkits are so well behaved and don't try to hide from the process list then, isn't it?

Not quite sure what you mean by that, but I did go onto say that rootkits are about the only worry I have these days, and even that one is marginal.

CHMOD 777

[Republican Gun]

Too many amateur websites out there giving permissions away to scriptkiddies, Islamo freaks, and russian mobsters. Where do you think that Bank of American spoof page is coming from?

Felling safe

[Wowsers]

Feeling safer depends what you're running. I use XP and Linux, feel a fair bit safer when using Linux.

What the applications may be doing in the background when using Windows is another matter. Connect to get an update of a package, and oh by the way, lets send some encrypted "anon" user data, or you need to enable a feature for the package you paid for, and the only way to do it is to do it online - and who knows what that sends about your system (enabling some CODEC'S in Adobe Premier Elements springs to m

I remember the time when most networks...

[Yaa 101]

Did not have any firewall or other measures.

Internet in my perception became unsafe when all the trash came online.

obviously thanks to vista

[bigtimepie]

the internet is safer

cancel | allow

From the gut

[Tribbin]

Listen to your guts.

My guts tell me that my data is safe.

When I saw this...

[uxbn_kuribo]

My reply was "Safer than WHAT, exactly?" I've come up with a list of things that are safer than the internet: Harlem. Bagdhad. Suicide Machines. Unwashed store produce. Seriously, considering you can't even trust the companies that claim to produce anti-malware (some of which actually install malware), and there are millions upon millions of more idiots out there than there was 10 years ago... how can you say it's safer? I remember back in 1997, when you could log onto IRC or a Q2 server on Thanksgiving

ISP's and worms

[rastoboy29]

It does seem to me that my last two ISP's, Time-Warner and Comcast, despite all their numerous faults, do a pretty good job of keeping worms in check on their networks.

Mind you...I could be deluded.  But for various games I cannot get to work through my router I have to run XP without it, and even with my balls hanging out there I haven't had any trouble..that I know of.  I do run Ethereal that way from time to time and it seems pretty trafficless except for ARP's and such.