I love reading comments on technology oriented blogs especially when they start espousing how it should be, how it is in their homes or how Microsoft is screwing up everything they touch. Yup techies, especially those with years of experience under their belt are a fountain of knowledge and are more than willing to share it whether it is through exhaustive blog posts, or in the comments to those blog posts.
Today I was reading a post by engtech when my eye caught a couple of links to older posts by Jeff Atwood at Coding Horror where he talks at length about the self-interest of anti virus companies and how with proper care and attention; along with some funky software options like virtualization, antivirus programs were unnecessary. As interesting as the post was in itself the comments that followed it proved to be just as interesting; if not more so.
Now I’ve posted before on my feelings about how I think AV companies are no better than snake oil salesmen but I am also realistic enough to know that for the real world computer user and their families not having an AV installed turns their computer into a ticking time bomb.
It is things like this that perfectly illustrate; to me at least, how tech knowledgeable people have gotten to the point where they have lost sight of the reality of the larger world of real computer users. To assume that everyone will know; or even give a shit, what virtualization is in the first place let alone go to all the trouble of installing it and using things like VMware is a fool’s assumption. It’s hard enough to get them not to click on stupid ass email attachments from people that may or may not know.
I can’t even remember the number of machines that I have seen that have had AV software turned off, AV subscriptions so out of date as to be totally useless or even firewalls disabled because they didn’t like all those popup dialogs showing up all the time. These are the people you want to learn to make image backups or not click on that attachment from Aunt Mable or to fire up a virtual version of their OS so they can play WoW – give your head a shake.
Why do you think botnets are ravaging our systems. Why do you think that Sony wasn’t concerned about their rootkit DRM scheme. The reason things like this proliferate is because the real world user doesn’t give a shit past being able to download music where ever they can, surf for porn and clicking on any button just to get rid of those popups. Things like that succeed because normal everyday folks are using tools they don’t have the faintest clue about; and probably for the most part don’t care to learn anything about.
The crackers, phishers and other assorted script kiddies are playing a game of averages and as with Las Vegas casinos the law of averages is always in their favor. It’s in their favor because there are more real world computer users out there than there are geeks; and that isn’t like to ever change.
So for as much as those of us that work with computers in one fashion or another day in and day out like to think we have all the answers the fact is it doesn’t matter if we do or not. The fact is that as much as we would like to think we know how the computer world works the truth of the matter is that as long as we refuse to think like those real world computer users – especially when developing software – no amount of self-righteous chest beating of how things should be done will make one bit of difference.
Hey, like this post? Why not share it with a buddy?
Tweet
I think Jeff hits it on the head with this post from 2004: http://www.codinghorror.com/blog/archives/00011…
fundamentally everything we have to go through with antivirus software and firewalls is a workaround for the only security system that has ever worked — user access security and not running as administrator in normal usage.
The concept of having one account for installing stuff, and another account for running stuff is probably the simplest user habit to adopt — so long as running as non-administrator isn't completely unusable.
I think Jeff hits it on the head with this post from 2004: http://www.codinghorror.com/blog/archives/00011…
fundamentally everything we have to go through with antivirus software and firewalls is a workaround for the only security system that has ever worked — user access security and not running as administrator in normal usage.
The concept of having one account for installing stuff, and another account for running stuff is probably the simplest user habit to adopt — so long as running as non-administrator isn't completely unusable.
You're spot on with that advice, and with Bob as my witness, I've tried it. I'm such a tinkerer that I end up switching accounts every 10 minutes because I want to do something that requires admin privs….perhaps it's trying to tell me to quit fscking with stuff……
You're spot on with that advice, and with Bob as my witness, I've tried it. I'm such a tinkerer that I end up switching accounts every 10 minutes because I want to do something that requires admin privs….perhaps it's trying to tell me to quit fscking with stuff……
I have OneCare set up on my son's Vista machine, but I have to admit that I think it's a little weird to be paying Microsoft to stop virii on a Microsoft OS, don't you? IMHO – that's snake oil. It's like paying the guy who's drilling holes in your house to get rid of the mice.
Doug,
while I can agree with you about the strangeness I also think personally that if anyone should be doing the job of protecting the OS it is Microsoft. the problem is that they aren't allowed to do the job right because of the out cry of monopoly that gets raised every time MS steps outside of being just an OS or Office provider.
any time they even try to seriously look to security they get slapped around – remember the PatchGuard stuff (http://www.winextra.com/2006/10/25/patchguard-w…) I sometimes think that half the problems we half with Microsoft are nothing to to do with the company but more with the whining and crying of 3rd party software companies that cry foul every time MS looks in their direction – here's a hint make a better program and make it easily accessible for users to find .. start being proactive instead of riding on coattails.
I have OneCare set up on my son's Vista machine, but I have to admit that I think it's a little weird to be paying Microsoft to stop virii on a Microsoft OS, don't you? IMHO – that's snake oil. It's like paying the guy who's drilling holes in your house to get rid of the mice.
Doug,
while I can agree with you about the strangeness I also think personally that if anyone should be doing the job of protecting the OS it is Microsoft. the problem is that they aren't allowed to do the job right because of the out cry of monopoly that gets raised every time MS steps outside of being just an OS or Office provider.
any time they even try to seriously look to security they get slapped around – remember the PatchGuard stuff (http://www.winextra.com/2006/10/25/patchguard-w…) I sometimes think that half the problems we half with Microsoft are nothing to to do with the company but more with the whining and crying of 3rd party software companies that cry foul every time MS looks in their direction – here's a hint make a better program and make it easily accessible for users to find .. start being proactive instead of riding on coattails.