×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Let Big Brother Hawk Anti-Virus Software

Soulskill posted more than 4 years ago | from the universal-cyber-health-care dept.

Government 405

Frequent Slashdot contributor Bennett Haselton writes with his idea for mass adoption of anti-virus software: "If the US government did more to encourage people to keep their computers secure — by buying TV ads to publicize free private-sector anti-virus programs, or subsidizing the purchase of anti-virus software — we'd all be better off, on average. That's not just idealistic nanny-statism, but something you can argue mathematically, to the point where even some libertarians would agree." Read on for the rest of Bennett's thoughts.

This requires a discussion of "positive externalities," which may seem pedantic to you if you remember the concept from econ class, in which case you can skim the next five paragraphs. When you buy anti-virus software, some of the benefits accrue to you — less risk of your data being lost to a virus, or of annoying spyware infecting your computer with pop-up ads — but some of the benefits also accrue to other people. Prior to anti-virus software being installed on your computer, your machine might have been infected and taken over by criminals who used it to send spam. Or it might have helped to propagate the virus to other people. (Note: I am using "virus" to incorporate related things like "worms" and not worrying about the distinction.) Or you might have thought there was a problem with your computer, not realizing the problem was caused by a virus, and wasted time calling the tech support line for your computer manufacturer or for some other product on your computer. (If the company charges for tech support, then you're paying the cost of your call rather than passing those costs on to others, but if the call is free, then the costs have to be passed on to the company and hence indirectly to their other customers.) When you install anti-virus software, the chances of all these things happening are reduced, and those are the benefits that accrue to others — positive externalities, in economics jargon.

The key assumption is that you can put a price on all of the positive externalities generated by a given person installing the anti-virus software. It's different for every person, but it always adds up to some value, something that is not microscopic, but also not fantastically larger than the purchase price of the anti-virus program. It's on the order of adding 1/100,000th of a penny's worth of value to the lives of 100 million other people, for a total positive externality of $10.

To see that this is a reasonable assumption, suppose that if I had a choice between living in a world where all 100 million other Internet users in the US had no anti-virus software installed (using round numbers to make things simpler), and living in a world where all of the other users in the US had anti-virus software installed, I would pay $10 more per year to live in the latter, counting only the benefits to me and not factoring in any altruistic desire to help protect fellow citizens. (I personally would pay a lot more than $10 because I use the Internet so much, but the average might be closer to $10. Also, what I'd really like is for more people in certain other countries to install anti-virus software — China comes to mind — but I'm leaving them out of this discussion because it would be harder for the US government to encourage that.) When everyone else in the US is using anti-virus software, the benefits are returned to me in various ways, such as it being easier for me to send and receive e-mail because there aren't so many botnet-infected machines sending spam. (This is independent of my decision as to whether to buy anti-virus software for myself or not.)

Now, once I've decided I'd pay $10 more to have all my fellow Americans install anti-virus software, I could draw a graph (while my friends are out snowboarding with their girlfriends) with "how many other US users have hypothetically installed anti-virus software" on the x-axis, and "how much would I pay to live in that world" on the y-axis. At the point on the graph where no other people have anti-virus software, I'm willing to pay $0 to live in that world. (Well, of course I'd pay a lot more than $0 to be alive in any world, but I'm comparing other worlds to that one, so I'm just using $0 as my baseline.) At the point on the x-axis where all 100 million other users have installed anti-virus software, I'm willing to pay $10 to live in that world instead. What does the graph look like in between those points? Well, I can assume it's upward-sloping — the more other people install anti-virus software, the better it is for me. I could also adopt the simplifying assumption that it's a straight line — so I would pay $3 to live in a world where 30 million other people have anti-virus software installed, $6 to live in a world where 60 million other people have it installed, etc. It's not really a straight line, because when the first 50 million Americans install anti-virus software, that still leaves 50 million others to get infected and do damage, but when the next 50 million install it, that has eliminated all the unguarded computers in the US, and made it a lot harder for viruses to spread, at least within our borders. In other words, the line representing the quality of life to me as a function of how many other people installed anti-virus software, would rise more slowly in the range 0-50 million than it would rise in the range 50-100 million. But as long as the curve doesn't make any sudden jumps — for example, I know that the 30-millionth person installing anti-virus software isn't suddenly going to make my quality of life go up by $1 — I know the curve generally has to rise smoothly. So for a really rough approximation I'll treat it as a straight line.

If the graph is a straight line with the value $0 when nobody else installs anti-virus software, and $10 when everybody else installs anti-virus software, then each additional user installing anti-virus software creates an additional benefit to me of 1/100,000th of a penny (so 1/100,000th of a penny, times 100 million, comes out to $10).

You may think it's ridiculous or meaningless to say that someone else installing anti-virus software can benefit me to the tune of 1/100,000th of a penny. I myself can't wrap my head around it. But I can use the necessary properties of the graph — that it starts at $0, ends at $10, must curve upward, and doesn't make any sudden jumps — to reason that it should be approximately true.

And then, if each other US Internet user derives an average of 1/100,000th of a penny's worth of benefit when you install anti-virus software, then the total benefit that you confer on other people by installing the software, comes out to 1/100,000th of a penny times 100 million, or $10. And that's not even counting all the spillover benefits to users in other countries each time an American installs anti-virus software, something that we could consider a kind of off-the-books foreign aid. (Even if we would really like for it to be reciprocated by all users in countries like China installing anti-virus software as well.)

This is actually not hard to reconcile with people's attitudes toward installing anti-virus software. It's recommended as something you should do not only for your own protection, but also as something you should do to be a "good Netizen" so as not to impose inconveniences on other people. If your installing anti-virus software only conferred about 1 penny's worth of total benefit on the rest of the world, nobody would bother exhorting you to do it as a kind of civic duty. On the other hand, if your installing anti-virus software conferred thousands of dollars' worth of good on the world (or, equivalently, not installing anti-virus software exposed the rest of the world to thousands of dollars' worth of risk or damage), then people would not only be exhorted to install it, it would probably be required by law, like functioning car brakes. The kind of pressure that we see today to install anti-virus software — gentle prodding but not outright compulsion — feels commensurate with a value between $1 and $100 of the benefits that a person confers on the rest of the world by installing it.

But this logic also means is that we are missing an opportunity to make everybody better off on average, by actually subsidizing the purchase of anti-virus software for some people who otherwise would not have bought it. Suppose each user confers $10 worth of positive externalities on other American Internet users when they install anti-virus software. Now first consider the case of an a program like Norton Anti-Virus which costs $40.

For anybody who personally values their own anti-virus protection at $40 or more, great — they'll buy the software, they get the value they want from it, and everybody else gets the positive externalities of that person's virus protection, for free. But consider the people who value the anti-virus software at somewhere between $35 and $40. With no government rebate, they won't buy the software.

But now suppose the government offers a $5 rebate (funded by a tax on all 100 million Internet users) to anyone who buys anti-virus software. Everybody who would have bought the software before, will obviously still buy it now that the government rebate has effectively lowered the price to $35, and now, all the people who value the software between $35 and $40 will buy it as well. For each person who purchases the software at the new price of $35, the following is true:

  • The person who bought the anti-virus software is better off — they valued the software at at least $35, and they got it for $35. (Otherwise, they wouldn't have bought it.)
  • The taxpayers who subsidized the purchase are better off. Each rebate cost the taxpayer one-hundred-millionth of $5. But when that user installed the anti-virus software, they conferred $10 worth of total benefit on all other Internet users in the US, so that benefits each Internet-using taxpayer one-hundred-millionth of $10. So they're ahead.

If this seems fanciful, we're still in the domain of standard economics textbook stuff. When positive externalities are involved, the free market by itself will usually not reach the optimal outcome; by adding in some government subsidies, you can achieve an outcome that leaves everyone better off than they were before (even after subtracting the cost of the taxes to fund the subsidies). Call them "subsidies even a libertarian could love." Steven Landsburg's books The Armchair Economist and More Sex Is Safer Sex, and Tim Harford's books The Undercover Economist and The Logic Of Life, explain the logic of externalities probably better than I can, and give other interesting examples. When I say "subsidies even a libertarian could love," consider that Landsburg once wrote that George W. Bush's tax plan was unfairly burdensome to the rich, because "it seems patently unfair to ask anyone to pay over 30 times as much as his neighbors." That's pretty, uh, libertarian. But even Landsburg has argued, in More Sex Is Safer Sex, that LoJack anti-car-theft devices should be heavily subsidized by the government, because they create positive externalities — when more people buy LoJacks, thieves are deterred from stealing everyone's cars, because there's no way to tell whether a particular car has a LoJack installed or not. To the extent that anti-virus software creates positive externalities, it should be subsidized as well.

A modified version of this logic applies even to free anti-virus programs like AVG Anti-Virus. AVG is only "free" if you don't count the costs of finding out about it in the first place, then downloading it, installing it, and leaving it running. All of these add up to costs that, for whatever reason, have led to many people choosing to run nothing at all, rather than to run AVG even though it's free. If the government ran a campaign announcing the rebates for purchasers of anti-virus software, they could also use the campaign to recommend certain free programs -- thus effectively offsetting the "costs" by providing a "subsidy" for those programs in the form of free advertising.

When I ran this past some people for comment, two respondents, Steven Landsburg and Esther Dyson, independently recommended versions of a popular alternative idea, which was to penalize people directly for spreading computer virus infections. Landsburg commented:

I certainly think there are huge externalities here, and they derive from the fact that idiots who don't know what they're doing insist on administering their own mail clients. I don't have a mail client on my machine precisely because I am one of those idiots and I don't want to be responsible for a virus grabbing my address book and running with it.

So I have long thought that mail clients should be taxed and/or (if it were technologically feasible) that individual users should be fined heavily if viruses spread from their machines (or send spam from their machines).

Esther Dyson suggested something similar:

One method to consider is — rather than subsidy — requiring the ISPs to post a bond for their customers and assume responsibility for their actions. They can ask their customers in turn either to buy an antivirus package, to sell one that the ISP will offer for free, or to post a bond guaranteeing that they know what they're doing and will do no harm. The ISP is then liable for the misbehavior of its customers and may forfeit the bond if some specified level of disruption is caused by its customers.

In theory, this works better than my idea because it precisely targets the undesirable behavior: We don't really want to penalize people for not running anti-virus software, we want to penalize people for not running anti-virus software and imposing costs on others as a result. It's not possible for 100 million people to charge one person 1/100,000th of a penny each for the inconvenience and risk that person creates by not installing anti-virus software, but it might be possible for one recipient of the virus to seek to punish the person who gave it to them.

However, I think this scheme would have more practical problems:

  1. You can only penalize the virus spreader if you know exactly who was responsible for passing it on to you. This works for old-school viruses that spread as e-mail attachments, but not for worms like Code Red that probe the network looking for other machines to infect — if you're infected as a result of a remote IP address probing your machine, it's unlikely that you would ever find out exactly when or how it happened, much less the owner of the IP address that infected you.
  2. If you found out that a friend spread a computer virus to your machine, you'd probably be under a lot of pressure from your friend not to turn them in.
  3. For people who did get taken to court for spreading viruses, there would be overhead costs associated with processing the case, over and above the actual fine that may be levied against the individual. (If the penalty happens outside the court system — for example by ISPs keeping the bond posted to them by a customer — at least some of those customers will probably feel wronged and sue the ISP, generating court costs either way.)
  4. If someone accidentally spread a virus to a large number of other machines, that could make their total liability far greater than what they could actually pay.

The idea of fining or otherwise punishing people for accidentally spreading viruses is something I've thought about too, but usually in a moment of venting. As Steven Landsburg dryly says, "Your solution (subsidized antivirus software) might be more effective, but mine would be more satisfying (to me)." I think the option of punishing people for propagating viruses is something that should be explored in more detail, but I can't offhand think of any solutions that would avoid the problems listed above. The fact is that anybody with an Internet connection has the potential to do enormous damage if their machine gets infected, and in most cases it would be too hard to track the harm back too them, and too harsh to make them pay the real cost of the damage.

On the other hand, the option of a government publicity campaign to get people to install anti-virus software — at least the free ones, which should be a no-brainer — is something that seems like it should start bringing benefits right away. Government advertisements for free programs would require the least amount of paperwork to set up, because all the government would have to do would be to produce the TV ads and buy the airtime. (Other proposals, such as subsidies for non-free anti-virus software, or paying people outright to install anti-virus software, would require more overhead to implement. That doesn't mean they shouldn't be tried, but go for the low-hanging fruit first.) Now, what the ads should look like would be a question for advertising experts, but I would really hammer home the point: "Go to this government website and we have a list of recommended FREE anti-virus programs. These are not 'free trials' for something you have to pay for later. They are FREE. If you're not using anything at all, at least go get one of these." Along a list of the non-free programs for people who want even more protection, and links to third-party reviews of those.

More generally, I think that government-funded action to encourage better computer security is something that has not been given enough consideration. I think this is partly due to hostility to anything that smacks of government intervention (because of, among other things, numerous times the US government has attempted to censor the Internet), and partly because of an assumption that the free market will provide the best solution by itself. But if the government is actually on the right side of an issue — the side of promoting better computer security — then there's no reason to be petty and foul up their campaign just because we're still resentful that they once tried to make the Internet into a no-cussing zone. Hey, if the government thugs start to care more about computer viruses than about Internet porn, then they're learning! Give them a pat on the head and help them get the word out! And meanwhile, economic theory predicts that because of the externalities problem, the free market by itself won't lead to the optimal number of people using anti-virus software or keeping their computers secure. That's precisely the situation where a government-funded push toward more computer security can bring everyone more benefits than it costs. If you wear a Ron Paul t-shirt, but you found out about free anti-virus software software from a state-sponsored TV ad, nobody has to know.

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

405 comments

What about the standard way ? (5, Insightful)

godrik (1287354) | more than 4 years ago | (#27845351)

that is securing operating systems and educating users so that they don't install viruses ? This can also be push forward with tax dollars and would be more useful IMHO.

Re:What about the standard way ? (4, Insightful)

Benanov (583592) | more than 4 years ago | (#27845417)

Going to have to agree with that.

All this talk about positive externalities and encouraging large numbers of people to do something might be better served by the government requiring higher minimum security standards for operating systems and charge pigouvian taxes to software makers who don't meet those standards.

Sadly this only works in the ideal world.

Lobbyists would destroy it (to the point where Windows 95 would pass) and the only people who would be hurt would be Free Software authors and SMBs who don't have enough representation.

FWIW most ISPs offer "free" anti-virus; most of the time it's McAffee or Norton. That and really virus scanners are a bandaid to poor security.

They're effectively a blacklist (with some mostly ineffective greylist heuristics), and blacklists aren't really useful against continual new threats.

Re:What about the standard way ? (2, Insightful)

postbigbang (761081) | more than 4 years ago | (#27845489)

Although draconian, I say partition machines that are parts of botnets, those that distribute undeniable spam, and those that perform port probes. Yes, I know that spoofing makes that tougher, but it's a start so as to jolt people into taking responsibilities for their ownership in their own systems.

Route around the bastards, I say.

Re:What about the standard way ? (4, Insightful)

cayenne8 (626475) | more than 4 years ago | (#27845573)

Just one problem with all these suggestions.

This is not something the Federal Govt. is mandated to do?!?!

Where in the constitution would be the mandate for the feds to promote something like this? I know people try to squeeze everyting into the 'general welfare' statement, but, c'mon, this is a 'reach' even for something like that.

De-Fense! (clap clap) (4, Interesting)

tepples (727027) | more than 4 years ago | (#27845709)

Where in the constitution would be the mandate for the feds to promote something like this? I know people try to squeeze everyting into the 'general welfare' statement

From the Constitution:

The Congress shall have power to lay and collect taxes, duties, imposts and excises, to pay the debts and provide for the common defense and general welfare of the United States

Other countries have used military botnets. Therefore, a campaign against botnets might even count as "defense", in addition to the "welfare" and "commerce" arguments that others have made.

Re:What about the standard way ? (5, Funny)

fuzzyfuzzyfungus (1223518) | more than 4 years ago | (#27845753)

If I were pushing this plan, I wouldn't try "general welfare", I'd go for "security".

Just loop "blah, blah cyber-terror yada blorg emerging network-centric threatspace blah, yadda, rogue state espionage etc. soforth pedophile super hackers drone bloviate organized crime identity theft" until everybody's eyes glaze over. At that point, anybody who opposes the measure is a shifty-eyed pedo-terrorist who wants the chinese to hack the pentagon. Problem solved.

I'm not sold on the idea; but it would be an easy sell.

Re:What about the standard way ? (3, Interesting)

tepples (727027) | more than 4 years ago | (#27845583)

They're effectively a blacklist (with some mostly ineffective greylist heuristics), and blacklists aren't really useful against continual new threats.

I can think of four ways to keep viruses and worms from spreading: operating system security, blacklists, greylists, and whitelists. Blacklists and greylists in mainstream antivirus software for Windows are less than perfect, as you point out. Whitelists implemented in non-free operating systems (such as Authenticode and game console lockouts) have tended to be unfriendly to microISVs and free software developers. This leaves OS security. OLPC's web site describes Bitfrost [laptop.org] , an interesting security layer that provides finer-grained security than is seen on most Linux or Windows desktop installations without depending entirely on lists. For instance, an app's installer can request directory scanning privileges (P_DOCUMENT_RO) or network privileges (P_NET), not both.

Yes, and quis custodiet, anyway? (4, Insightful)

Geoffrey.landis (926948) | more than 4 years ago | (#27845527)

I agree with the comment about positive externalities, which is a factor not always well understood by the libertarian-leaning computer community, but the problem is that I can't see a good argument that the government would do this well.

Frankly, working for the government, I would say that the government's understanding of computer security is negligible. Their advertisements would consist of warnings telling you to use non-rememberable twelve- or more character passwords with upper lower number and symbols, and to change all your passwords every ten days to a different non-rememberable twelve- etc password, and then warn you to never go to any website that isn't on the official government approved list, because you might get phished.

An alternate suggestion would be, go after the spammers and the malware distributors. Malware is getting distributed because people are making money off of it. Follow the money, and shut it down, and malware will go back to being a hobby of a small community of nerds.

Re:What about the standard way ? (2, Insightful)

mc1138 (718275) | more than 4 years ago | (#27845595)

They'll just make a better idiot. I'm not saying anti-virus alone will do it, but I've found through practical experience that trying to educate users really only works with those are willing and able to learn. A vast majority of computer users are click happy and impatient willing to click anything and everything to get on with their day.

Re:What about the standard way ? (1)

hedwards (940851) | more than 4 years ago | (#27845907)

Right, which is why I suggested a license way back. People complained that I was being elitist, but come on. The only way that we're going to be able to cut down on the spamming, scamming and other cyber crimes is through making sure people are educated and towing the line.

It doesn't do me much good to behave responsibly when so many people are not doing so. Ultimately those people that have malware and virus infected computers cost me time and money.

Re:What about the standard way ? (0)

Anonymous Coward | more than 4 years ago | (#27845731)

> educating users so that they don't install viruses ?

Yes, exactly!

Viruses are an entirely used-caused problem, much like spam. I've been using various personal computers since the 70's, never use anti-virus software, and have yet to get any virus or malware. It isn't that hard.

At work they make computers run some anti-virus suite, and I consider it malware. There is no way on earth that I'd ever run something like that on one my own computers.

This problem can be fixed by a combination of the carrot and the stick. The stick is: if your machine is on a botnet, you get disconnected from the internet. First time, one week. Second time, three months. Third time, two years. People will learn.

Re:What about the standard way ? (2, Informative)

EvilBudMan (588716) | more than 4 years ago | (#27845807)

Really, McAfee AntiVirus Enterprise Edition with all the goodies (anti-spyware) will get some honest files while missing most spyware. For instance it doesn't seem to like port scanners which is good for clients I guess? Maybe?

That sounds like something else the government already has to spy on you. Windows. The automatic delete feature will be added for *.mp3's and things like that with a government endorsed or enforced antivirus choice.

Hmmph. (3, Insightful)

Anonymous Coward | more than 4 years ago | (#27845357)

Frequent Slashdot contributor Bennett Haselton writes with his idea for mass adoption of anti-virus software:

Wow, somebody's buddy just got hooked up. Posting cretinous articles is one thing, posting a contributor's own cretinous musings is quite another.

Here's an idea -- Let's assume for a second that the majority of business and government uses a specific family of operating systems from $MONOLITHIC_CORPORATION. Since that corporation is pocketting billions upon billions of dollars, then why not have them subsidize the ads?

The burden should fall upon the corporations which support their operating systems which have been demonstrated to be gaping security holes which would make even the great Goatse prolapse with envy.

Re:Hmmph. (0)

Anonymous Coward | more than 4 years ago | (#27845785)

Here's an idea -- Let's assume for a second that the majority of business and government uses a specific family of operating systems from %MONOLITHIC_CORPORATION%. Since that corporation is pocketting billions upon billions of dollars, then why not have them subsidize the ads?

There... fixed that for you...

Otherwise I agree with you completely, why should the taxpayer foot the bill for Microsoft's idiotic marketing driven design decisions and general incompetence.

Re:Hmmph. (1)

pohl (872) | more than 4 years ago | (#27845945)

But the quote from Esther Dyson said the ISP is responsible, not the monolithic corporation who made the operating system.

And we all know the conventional wisdom that the structure of software doesn't have anything to do with security...it's all about popularity: any operating system would would be equally vulnerable if its market share were to grow to be as large as the one that currently dominates.

And you also forgot that the assumption that we all use the monolithic corporation's system is supposed to be a tacit assumption...which is to say, don't speak about it. Ssssh! It's a fight-club kinda thing.

Re:Hmmph. (1)

plague3106 (71849) | more than 4 years ago | (#27846021)

So it should be Hondas fault if I don't maintain my car and that leads to an accident? Windows is secure, the viruses being spread are doing so though user action.

This is ridiculous (0)

Anonymous Coward | more than 4 years ago | (#27845363)

Simply ridiculous. Antivirus software is just ineffective.

Re:This is ridiculous (4, Insightful)

tomhudson (43916) | more than 4 years ago | (#27845503)

It's worse -it's a disguised bail-out of Microsoft and anti-virus vendors.

It would help keep the idea alive that it's okay to sell virus-prone software. Why not use the same money to push for more development and higher adoption of linux or bsd?

Or create 2 internets - one for windows users, and one for people with a clue.

Re:This is ridiculous (3, Insightful)

montyzooooma (853414) | more than 4 years ago | (#27845749)

Or create 2 internets - one for windows users, and one for people with a clue.

That second internet isn't going to be very big.

Re:This is ridiculous (1)

Nutria (679911) | more than 4 years ago | (#27845959)

That second internet isn't going to be very big.

Good. It will be be a return to the days before the Eternal September, and before Usenet was nothing but spam and viruses.

Re:This is ridiculous (0)

Anonymous Coward | more than 4 years ago | (#27845791)

No, advertising is not bailing out. Giving massive, long-term, unqualified, low-interest loans is a bail-out. Troll.

How about ads against Microsoft and their shit (-1, Flamebait)

Anonymous Coward | more than 4 years ago | (#27845385)

I'd love to see the governments put ads on TV and newspapers against using anything bearing the name "Microsoft".

I'd support that.

Nope (4, Insightful)

Anita Coney (648748) | more than 4 years ago | (#27845391)

"to the point where even some libertarians would agree."

Maybe he meant to write librarians, but no true libertarian thinks that the government should purchase ads for McAfee and Symantec.

Re:Nope (1)

hansamurai (907719) | more than 4 years ago | (#27845553)

The only software I want to subsidize is for my in-laws, so I don't have to fix their computer anymore.

And actually I did just that last October by installing Ubuntu 8.04, haven't had a call since.

Re:Nope (1)

Anita Coney (648748) | more than 4 years ago | (#27845689)

"And actually I did just that last October by installing Ubuntu 8.04, haven't had a call since."

God, I nearly did the same thing to my in-laws. It's like their PC is a spyware/malware/virus magnet.

Almost (1)

Benanov (583592) | more than 4 years ago | (#27845915)

I converted my parents to Ubuntu. Dad loves it. :)

My brother and in-laws remain untouched, although I do have a "refuge" box stashed at the in-laws for when I didn't bring a laptop and need an available machine.

Re:Nope (1)

gfxguy (98788) | more than 4 years ago | (#27845619)

I'm a libertarian and I agree that government spending millions of our tax dollars on ads would save some users from their own stupidity.

That doesn't mean I think they should do it, it just means I agree that the government spending millions of our money to promote something will, ultimately, to some extent, promote it.

But you're right, no "real" libertarian would suggest this is what the government should do.

Right to keep and bear AVG (1)

tepples (727027) | more than 4 years ago | (#27845745)

no true libertarian thinks that the government should purchase ads for McAfee and Symantec.

What do true libertarians think about state sponsorship of defense? Could software that implements a malware blacklist be considered arms to defend yourself against foreign military botnets?

Re:Nope (1)

Benanov (583592) | more than 4 years ago | (#27845835)

Most libertarians try to shield themselves from the negative influence of the outside world (as it applies to their freedoms).

After all a secure computer system is pretty much a prerequisite for high levels of privacy.

Re:Nope (2, Interesting)

darkmeridian (119044) | more than 4 years ago | (#27845859)

That's not true. Libertarians believe that government should not interfere absent a market failure, or defined instances where the free market will not work properly. Libertarians would support the SEC, to some extent, to cure the problem of asymmetric information. The SEC regulation regime is basically founded on truthful and standardized disclosure of material facts.

Libertarians would regulate pollution because there are negative externalities. A business can spend $10,000 to install pollution control systems, or dump toxins into a creek for free, causing $10,000,000 in damages to the surrounding area that no one would know about until it was too late. Without government regulation, businesses would pollute because they don't have to pay for the suffering of others from their pollution. Consumers are on the Internet without knowing how to secure their systems. It's causing everyone else to get spammed and DDOS'd but the nitwits don't care because their computers still work. It's time for the government to walk in and take some sort of action to reallocate the responsibility onto those parties best situated to prevent costs.

Re:Nope (1)

jockeys (753885) | more than 4 years ago | (#27845935)

agreed. let's look at this realistically: it would wind up being nothing more than state-sponsorship of a few select producers of AV. it stands to reason that the bigger the lobby group, the more attention that corporation would receive.

do we really want our tax dollars buying ads for McAfee and Symantec?

Can't Pay Me (0)

stewbacca (1033764) | more than 4 years ago | (#27845395)

You can't pay me enough to infect my computer with the crappy anti-virus software out there. Until AV software does more good than harm, I'll just continue on spreading my germs.

I took the author's advice and skimmed, but does he seriously advocate penalizing people for using their computers without AV software? Can we penalize people for spreading the flu, because they didn't wash their hands? Is this some sort of perverted blaming of the victim, or did I skim too quickly?

Re:Can't Pay Me (1)

geekoid (135745) | more than 4 years ago | (#27845985)

AVG is pretty good. Small foot print and it doesn't spread crap all over your computer.

I have read F-Secure is also pretty good.

BORING!!! (0)

Anonymous Coward | more than 4 years ago | (#27845397)

Did I mention BORING!!!?

Thought Masturbation (0, Flamebait)

SuperKendall (25149) | more than 4 years ago | (#27845433)

but I'm leaving them out of this discussion because it would be harder for the US government to encourage that

Oh, so you really had no point at all. Thanks for sharing.

AV = worthless, which CEO said it? (0)

Anonymous Coward | more than 4 years ago | (#27845435)

Someone link to that story that was on Slashdot several months ago about some industry big-wig going public with his opinion that anti-virus software is worthless and only slows down computers. (an opinion I share BTW)

Anti-Virus Software (3, Funny)

Anonymous Coward | more than 4 years ago | (#27845441)

Why not just hand out ubuntu cd's?

Dept. of Veterans Affairs uses VistA (1)

tepples (727027) | more than 4 years ago | (#27845797)

Why not just hand out ubuntu cd's?

For one thing, the veterans' hospitals keep medical records using the VA's Computerized Patient Record System that runs on Vista [wikipedia.org] .

Why not just a Windows tax? (5, Interesting)

Telephone Sanitizer (989116) | more than 4 years ago | (#27845467)

If the government imposed a flat tax, Mac and Linux users would end up taking up a disproportionate amount of the burden for the risks that they pose.

Let's just tax Windows.

Take a third of the proceeds to subsidize antivirus software and awareness ads and use the rest to pay people to switch to a better OS.

It could work!

Re:Why not just a Windows tax? (1)

$RANDOMLUSER (804576) | more than 4 years ago | (#27845681)

Indeed. Or to take TFA's argument one step further, perhaps the gubment should give Microsoft money so they could make an operating system that was secure.

Re:Why not just a Windows tax? (1, Insightful)

ausekilis (1513635) | more than 4 years ago | (#27845815)

Except that Linux and Mac users aren't immune to viruses, they just aren't the big target. In fact, if you are working in a secure environment, *every machine* must have antivirus software installed, if it's available for the OS. To say that they would take a disproportionate amount of the (financial) burden is false. As those OS's gain more market share, or gain position in large targets (corporate servers), they too will become larger targets.

Norton AV for Mac [symantec.com]
They do have SAV for Linux, just hidden behind obscure web design... so here's a Helpdesk page [symantec.com] instead.
McAfee offers Linux/Solaris as well as Windows too.

Define "Better OS" (1)

Voyager529 (1363959) | more than 4 years ago | (#27846029)

Believe it or not, I applaud the efforts of FOSS programmers. If I wasn't dependent on several Windows-only software apps to get my work done, I'd be running Linux right now. The problem is simply that I've got clients who aren't going to wait for me to figure out how to get Adobe Premiere/Encore/Lightroom/Mixmeister/ACID/Sound Forge/Mediashout/AutCAD to run properly in WINE. It's not that I'm a huge fan of Windows, but I am dependent on Windows-only apps to make my living. I'll admit that Linux has definite advantages, but if I spend more time getting the apps to work that make me money, then how much superior is it for me? Not everyone uses solely Office and Internet Explorer on their Windows machines. I can't possibly be alone.

I browse the web with Firefox, NoScript, and Flashblock. I run Avast on a regular basis. I have UAC enabled on Windows 7. I have properly locked down my router. My software comes from store shelves and vendor websites, not Pirate Bay. I don't run Limewire, period. Personally, I consider that to be a fairly responsible setup for a Windows user. Am I in the minority of Windows users? sure. Should I be required to pay a tax solely because the OS I use to make my living is abused by others?

Shilling? (1)

Syncdata (596941) | more than 4 years ago | (#27845471)

Yes, because right now, after bailing out the financial system, and the auto industry, some industries, like the multi billion dollar security sector, are feeling left out. Where's our share of the grift?

You Seem to Forget a Generation (1)

eldavojohn (898314) | more than 4 years ago | (#27845485)

If the graph is a straight line with the value $0 when nobody else installs anti-virus software, and $10 when everybody else installs anti-virus software, then each additional user installing anti-virus software creates an additional benefit to me of 1/100,000th of a penny (so 1/100,000th of a penny, times 100 million, comes out to $10).

I have four living grandparents non of which own or use a computer much less the internet. While you may claim that it benefits them in some way, they don't give a damn. I think you have a good argument but why not tax internet connections from ISPs instead? You know, like there are home owner taxes there could be internet users taxes that tax specific people. Sure, now you're paying $12.50 instead of $10.00 but at least my retired grandfather isn't paying for your Slashdot habit.

I'm certain there are people my age who are working yet chose not to have internet and that is their right and I do not think they should be paying for our virus problems.

Re:You Seem to Forget a Generation (1, Insightful)

Anonymous Coward | more than 4 years ago | (#27845895)

You seem to forget that they interact with computers indirectly -- when they buy from a store with a card or use the bank to cash a check the information goes through computers. When they pay their electric bill or call your cell phone, computers.

Unless they live off the land with an aquifer, no electricity and are ignored by the tax man because they've spurned Social Security your grandparents interact with computers even if they don't know they do.

people should have to buy a anti-virus license ... (0)

Anonymous Coward | more than 4 years ago | (#27845493)

to put a computer on the internet. Without a license a computer is pretty dangerous to society.

I also think the OS makers should be forced to create sandbox technology around all user installed processes the prevent them from executing outside of well-defined profiles. The default profile should be similar the java sandbox in the web browser. No (or very limited) local file system access, no internet connection except to one domain. All activities should be logged (every file accessed, every network connection made, every registry key accessed, etc).

Re:people should have to buy a anti-virus license (1)

anonymousmeatbag (1412737) | more than 4 years ago | (#27845723)

I also think the OS makers should be forced to create sandbox technology around all user installed processes the prevent them from executing outside of well-defined profiles.

Users do not install viruses. Viruses install themselves trough gaping security holes / backdoors. There is no reason for an OS to allow an application to download and activate *any* application without user approval.

All activities should be logged (every file accessed, every network connection made, every registry key accessed, etc).

Sorry, that is unacceptable. Logging is not needed, is waste of storage space and intrusion of privacy.

Dancing bunnies (1)

tepples (727027) | more than 4 years ago | (#27846009)

Users do not install viruses. Viruses install themselves trough gaping security holes / backdoors.

During the Trojan War, the people of Troy were said to have installed dancing horses [wikipedia.org] , which came pre-infected with the special forces of Greece. Nowadays, users install dancing bunnies [codinghorror.com] , which come pre-infected with viruses and worms and other sorts of malware.

No thanks for an Internet License (4, Interesting)

IndustrialComplex (975015) | more than 4 years ago | (#27845899)

And thank you for proving exactly why I wouldn't support such an initiative.

It would give the government the go-ahead to truly regulate the internet for our own good. It would be for the children, against the terrorists, and ... progressive.

You would be giving the government the authority to limit your speech in the guise of protection. Very likely worthless protection with a whole helping of surveillance and record keeping.

Then, when you step out of line, your license is not renewed. Or, more likely, since you run Linux, a dangerously mutable untrustworthy operating system, you wouldn't be granted a license at all.

No thanks, I don't need or want a license to exercise my rights.

the day is mine (0)

Anonymous Coward | more than 4 years ago | (#27845495)

I have been tagging this guy's stories "ohnoitsbennett" for a long time. Finally it shows up!

Can we get Jon Katz back?

Just have the media sensationalize it ... (2, Interesting)

xmas2003 (739875) | more than 4 years ago | (#27845517)

As we saw recently, tons of media coverage about the swine flu caused a dramatic change in people's behavior and basically destroyed the Mexican tourist market ... even though it didn't seem much worse that the "average" flu ...

Re:Just have the media sensationalize it ... (1)

geekoid (135745) | more than 4 years ago | (#27845927)

Correction:

Even though on hind sight it doesn't seem to be worse then the standard flu.

Wheh something that new and virulent comes up, you must put caution first. While it don't happen often, occasional something appears that's very deadly. You do not want to wait until 1000 people get it before beginning to prepare. The risk is too high.
Of course, there was some over reaction. Here in Oregon a child 'probably' has it and the closed the school district for 2 days and the school for a week.
I wonder how much of it was safety and how much of it was an excuse for cost savings?

Remember, the Spanish Flu started off as a mild flu, then after summer it killed 28% of people infected.

the problem is not (2, Insightful)

nimbius (983462) | more than 4 years ago | (#27845525)

the fact that people dont use antivirus software. the problem is windows is an OS that tends to get brutalized every week or two by a new virus, and the manufacturer does not appear to care.

a better idea would be to make an incentive for OS vendors to build a better product.

Re:the problem is not (1)

Microlith (54737) | more than 4 years ago | (#27845733)

Microsoft can't solve PEBCAK without taking control over the computer completely out of the user's hands.

Are you willing to give them that level control?

Re:the problem is not (1)

dufachi (973647) | more than 4 years ago | (#27845801)

Fine the OS vendor for every virus that infects its OS.

M$ would be the most secure OS on the planet in a matter of weeks. I seriously think they do not fix the issues to support the Anti-Virus/Anti-Malware aftermarket; which they are now members of (OneCare).

Re:the problem is not (1)

Blakey Rat (99501) | more than 4 years ago | (#27845809)

Windows is pretty damned secured at this point. Well, Vista and Windows 7 are. The problem is:

1) Most Windows install are running software that isn't, for example, Adobe Reader or Sun Java. The only virus I've gotten in the last ten years of using Windows was the Vundo virus, on my work computer, through Sun Java. Make sure you're holding the right company to task: I'm certain that at this point there are far more security holes in popular third-party applications from companies like Adobe than in Windows itself.

2) Windows users have been actively discouraged by many technical communities (especially you, Slashdot) from upgrading their XP machines to more secure OSes. Vista might have backwards-compatibility issues with older software, but it's a hell of a lot more secure than XP is a lot of ways-- IE runs in a sandbox, sensible default permissions. IMO, the technical community should always encourage less-technical users to upgrade to more secure products. (That includes service packs, and upgrading IE versions. Even if you hate IE, newer versions of it are much better than older-- tell your friends and relatives to upgrade IE *then* download Firefox.)

3) Many Windows users are perfectly willing to give spyware/viruses permissions to run. No matter how many protections are in Windows (and other OSes), eventually you're going to have to give users the ability to install new software-- when push comes to shove, sooner or later, Windows is going to show "Allow or Cancel" and the user's going to hit "Allow." And remember the virus a few years ago that required users to download a .zip file from their email, type in a password to extract it, then run the resulting .exe file?

Number 3 there is going to be a tough nut to crack-- if you can secure a computer used by this type of user, you deserve a Nobel.

Re:the problem is not (0)

Anonymous Coward | more than 4 years ago | (#27845917)

1. Download .zip
2. Extract .exe
3. Run .exe
3. ???
4. Shit bricks!

Re:the problem is not (1)

godrik (1287354) | more than 4 years ago | (#27845853)

Well, I have already read several comment that tends to say the problems comes from windows. I am not sure windows is the (only) problem. Don't get me wrong I'm am a faithful user of linux, but I believe the problem is mainly user related. And I do not believe linux would do much better than windows if targetted by malware writer:

1/ Users are going to install the crap that they believe is nice such as "emoticon packs" or "the new application to know who banned you from MSN".

2/ Linux users tend to believe their operating system is virus free. The last pwn2own showed that firefox is still not bug-free and those bug can imply arbitrary code execution. If firefox does not run in a sand box (or similar protection), the problem will remain. Linux noob will tend to install package from source or do stupid things they read online. This will install virus as well.

You could say that some virus would be installed but will not reach root privilege. You do not need to have root privilege to be pain in the ass. you can compromise all openoffice document using script (as in MS Excel), you can access password in firefox (even if it is protected by a master password, at some point the user will use them). Well, all your user data are compromized.

However, gaining root privilege is usually easy: First, most people only have one account on the machine which use su, sudo or gksudo to perform administration under their X server. If you have a malware running while you use those, you're screwed. If you use a separate account to perform those task, transfering data between users can become a problem. Even if you do not transfer data, the operating system is not bug-free. Most of the time, several services run under root, there are a couple a suid binary in the system. Or there can still be kernel issues.

I am not sure that Linux is currently much more secure than windows. I believe it is more secure, but in only a marginal way. Notice that I did not said anything about Mac OS X, since I do not know it well. But I am sure the same question arise.

Re:the problem is not (1)

geekoid (135745) | more than 4 years ago | (#27845873)

By not allowing people who sell computers to also sell or recommend an OS.

That would give an opportunity to the market.

Re:the problem is not (1)

jvd (874741) | more than 4 years ago | (#27846019)

I think it's a bit irrational to only blame the OS vendors.

Although I, of course agree that software companies should build secure software from the get-go you also have to understand that much of the blame also goes to the user. They shouldn't be opening (or clicking for that matter) ANYTHING and EVERYTHING that passes through their mailbox or instant messenger.

And I believe that to prevent bad or unideal user actions a good AntiVirus/AntiSpyware suite comes handy. Aside from instructing users on good practices.

So, in short, I believe that the government sponsoring healthy and good practices in their computing experiences is a very, very good idea.

Reporters minimise threat (1)

whoever57 (658626) | more than 4 years ago | (#27845533)

The other day, I heard a discussion on BBC Radio 4 in which an expert basically suggested that the threat from viruses, worms, etc., was not so severe. He stated that it would be impossible to kill the Internet in the UK, because doing this would require cables to be cut.

It seems to me that he was ignoring many treats, such as corrupting the routes published by key routers and the fact that many threats don't involve a complete meltdown of the Internet. Lesser threats were mentioned earlier in the discussion, but the later statements would make people think that the threats form viruses, etc. was overblown -- especially since the later person commented that the former who mentioned these personal threats worked in the industry and hence had a reason to exaggerate them.

Many people would come away from that discussion thinking that there was nothing to worry about and that they probably don't need anti-virus software.

Re:Reporters minimise threat (1)

geekoid (135745) | more than 4 years ago | (#27845845)

It is overblown.
Both it's severity, and it's 'damages'

Re:Reporters minimise threat (0)

Anonymous Coward | more than 4 years ago | (#27845977)

Both it's severity, and it's 'damages'

New punctuation update "~" at the end of a line to indicate sarcasm. http://harns.blogspot.com/ [blogspot.com]

Let me suggest that you don't make comments about punctuation when you can't correctly select "it's" or "its" (hint -- in the example above you should use "its")

Causation & Fines (3, Interesting)

CajunArson (465943) | more than 4 years ago | (#27845571)

One problem with trying to penalize people who spread viruses (at least on a tort theory) is the problem of causation, since you have to be both the cause-in-fact and the proximate cause to be liable for a tort. Here's an example of what that means and why it could be difficult to blame any single person for the spreading a virus, except maybe for the person who unleashed it in the first place:
      Say there's a worm like Conficker that is very prolific and is being spread by many different means over the open Internet and where there are many exposed hosts. Say that for whatever reason I get infected, but that I happen to have detailed logs of the network traffic I received that shows that one A. Dumas who lives in Blackacre owned the IP address that I got my infection from. Say that further, this isn't some fluffy case where Dumas can claim it wasn't his computer or that he wasn't using it, instead Dumas was indeed sloppy and got himself infected with Conficker negligently. The problem is that while Dumas is the direct cause of me getting Conficker, he is likely going to be able to claim that he was not necessarily a but-for cause, meaning if he didn't infect me, somebody else would have. To make matters worse, with a worm like Conficker it would be likely that the "somebody else" would infect me in a very short period of time, possibly only minutes or seconds, after Dumas did it.
      So the end result could go two ways depending upon how a court would look at causation. Some courts might let Dumas off from liability since you really couldn't prove he was the but-for cause, but instead only one random cause amongst millions of possibilities. Other courts would say that yes, Dumas is the cause, but that the damages would be whatever the cost to me is of having Conficker... for 5 minutes or however long I would reasonably had an uninfected computer but for Dumas's infecting me. That would likely lower the damage amounts greatly, and make suing somebody else pretty unattractive.

    Of course, Tort law isn't the only way to handle this. The government could always come out an slap fines on people and the only thing they need to prove is that you were spreading the virus. I'm pretty pro-security, but I frankly think that would be a very bad idea that would lead to losses in freedoms much greater than anything people on Slashdot would imagine. If you are paranoid that some international phone calls were being intercepted before, imagine what it would be like when it is necessary to monitor everybody's network traffic to prove who had a virus and when they had it. Further, imagine all the insane regulations that would follow. For those of you naively thinking that this would somehow lead to Windows being banned from the Internet, think again. Given how the government works it would likely lead to any OS except for Windows and OS X being banned from use entirely. The reason would be that only Apple & Microsoft could effectively afford to pay the massive "licensing fees" and hire armies of lawyers to cut through the red-tape needed to get government approval to connect to the Internet.... not a pretty scenario at all.

Libertarians don't support taxes. (1)

Nitage (1010087) | more than 4 years ago | (#27845585)

Why don't the anti-virus companies just use some of their revenue to advertise or to provide private subsidies to home users (or schools etc)? Same effect on AV adoption as the government subsidies, without the need for taxation or the need for the government to subsidize any paticular product (and all the corruption and bribes - sorry lobbying and 'campaign contributions' that go with government pork).

Yet another door for malware (1)

erroneus (253617) | more than 4 years ago | (#27845609)

If the government sponsored public service announcements advising antivirus protection, every attempt would be made by malware distributors to make their malware look even more like antivirus software than before and would likely be made to resemble norton/symantec or mcafee software products.

Interestingly enough, some people here are already preaching "abstinence" by suggesting people learn what not to do with their computers and where not to go on the internet.

There will always be amazingly stupid people using computers and getting on the internet just as there are amazingly stupid people driving motorized vehicles on the freeways. Cars are safer to operate and require less knowledge. The problem is that there is a "software product" business alive out there that depends on people wanting to install every bit of software they can find.

While most people are generally against the idea of a "limited Windows" I am rather for it. It would be precisely those sorts of controls that would prevent people from installing and running too much software. There will always be the "greasers" who will want to use other operating systems or otherwise use windows without limits and that's fine -- I am not afraid for the educated and knowledgeable users out there. What I am afraid for are those who don't know they need limits. Those are the same people who buy viagra online among other things.

Microsoft should give Windows away for FREE but make it limited and very locked down. People would then need to pay for the right to run without limits.

Will regulation fix the issue? (1)

Glass Goldfish (1492293) | more than 4 years ago | (#27845617)

Let's say we have every single consumer operating system pass rigourous security tests before it is sold to the public. Will that decrease the number of infections or will the malware industry simply take longer to compromise the more secure systems? There is a concept about locks that no lock is fool proof, the better locks merely increase the time to compromise it.

I am deeply against penalizing the average citizen for having their computer run government approved security software. Most people barely understand their computer. The security within the operating system could lead an average user to believe that their system is secure. It's not someone having a gun stolen from their unlocked house and being sued by the victim shot by it. It's someone breaking into your house and using a blowtorch to get into your gun cabinet and then using that gun to shoot people.

WTF? (1)

Cyberax (705495) | more than 4 years ago | (#27845627)

Since when a computer without AV software is somehow 'insecure'?

Is author so thoroughly conditioned that he can't even imagine that it's perfectly possible to use Windows without getting viruses?

Negative Externality First (2, Interesting)

Bob9113 (14996) | more than 4 years ago | (#27845629)

I'm all for educating users about the harm they are causing by using insecure operating systems and engaging in dangerous behavior.

However:
subsidizing the purchase of anti-virus software

Don't dip your damned hand into my pocket and hand money to McAfee before we first educate these people. Then start holding them accountable for the damage they cause. Then, and only then, as a last resort if nothing else works, can we talk about holding their hands because there is no other way out.

I support methadone clinics, but first I support putting junkies who steal in jail. Same thing here. People are wantonly engaged in destructive behavior and you propose that we first harvest the positive externality, before addressing the negative externality of their destructive behavior. I am a strong believer in externalities and the balancing thereof. But let's start with the negative side, with holding the junkies accountable for their behavior.

Re:Negative Externality First (1)

geekoid (135745) | more than 4 years ago | (#27845813)

Also, it's the woman's fault she got raped, she wore a short dress!

Stop blaming the victim.

I went to the extreme to make a point.

However, yes you are correct, don't subsidize the purchase of anti-virus.

Education about how to behave would be good as well as education on the Virus Risk between Windows, Apple and Linux would be nice as well.

Your detractors are idiots (0)

Anonymous Coward | more than 4 years ago | (#27845659)

The cost of executing court cases against 80% of internet users would be pretty high.

In any case, this is somewhere governments just don't need to go. Do we penalize people who brought Swine Flu back from Mexico? Do we penalize people who pass other contagious diseases? "Clearly" they just needed better hygiene. The problem is people administering their own hygiene when they are not professionals. See where I'm going with this? Society has to be based on the assumption that not everyone is an expert in any given field. Further, the blame for viruses should lie squarely with virus writers, not with their victims for God's sake!

Thanks for an excellent and thought-provoking article.

Break out the anti-gummintists... (0)

Anonymous Coward | more than 4 years ago | (#27845663)

Note: For this reply, imagine for a second a faulty animatronic display at the local museum, where the voice emanating from the tinny speakers has grown faulty over countless years of mindlessly repeating the same tired, tired mantra...

[unintelligible warble]n't want the GOVERNMENT telling me what to do! I am not a number! I am a free man! Governm... governm... governm... [clicking sound]ight to not ru[click] my right to not do a thing abou about about my computer's security my right my right my right my right [click] and if anyone else gets hurt it's their fault because they it's my right my right my right my right my [unintelligible warble to cutoff]

Many More (0)

Anonymous Coward | more than 4 years ago | (#27845671)

Is Slashdot's "Many More" feature annoying anyone else? I want to see all the stories that make it to the front page, not a select few.

Where do I turn it off?

!= Libertarianism (1)

jasonditz (597385) | more than 4 years ago | (#27845685)

State subsidies for antivirus programs are going to have all sorts of unforeseen and undesirable consequences. Beyond the whole spending money they don't have thing, virii are predominantly a Windows problem.

By making anti-virus software a matter of public policy, the government will be encouraging people to use Windows ahead of alternatives, whose achilles heels are not being masked by government action. PSAs about the efficacy of free anti-virus programs is also going to further the illusion that Windows is (or at least can be made) a safe experience.

The only safe Windows experience is abstinence, and we don't need DC telling our kids otherwise.

Anti-virus, anti-malware, anti-... (4, Insightful)

knarf (34928) | more than 4 years ago | (#27845687)

OK, here's a comparison to chew on:

You are getting overweight, feeling wheezy, have bad breath and sometimes feel like your heart is beating irregularly. Feeling uncomfortable with these facts and symptoms you consult a doctor. After a short conversation you tell the doctor that you eat out at McDonalds every day.

Now the roads diverge:

scenario A)

The doctor tells you that you should take a diet pill every day, should use mint drops to cover your bad breath, should come back once per month to have your heart checked and get someone to assist you when you feel wheezy.

scenario B)

The doctor tells you that eating at McDonalds every day does tend to do these things to people. A burger every now and then does not do harm but if you only eat burgers you tend to develop these problems. He tells you about alternatives to McDonalds where more healthy food is served, advises you to cook a meal for yourself once per week, to get some exercise and to quit frequenting McDonalds.

Which doctor would you rather have?

And if your answer is 'A', then would you want the government to sponsor diet pills and mint drops as well?

If there is a cure for the disease then why only treat the symptoms?

Re:Anti-virus, anti-malware, anti-... (1)

PoliticalGamer (1548891) | more than 4 years ago | (#27845971)

The difference between this and anti-virus software is that not owning anti-virus software hurts other people, being fat and unhealthy does not (or at least not as directly). I would not want the government to sponsor diet pills for this reason; it only helps fat people who are taking the pill. However, anti-virus software helps everyone.

Re:Anti-virus, anti-malware, anti-... (0)

Anonymous Coward | more than 4 years ago | (#27845981)

Now the roads diverge:

I don't understand. Where's the car?

Huh? What do you mean by this is not a car analogy?

National Security Threat (2, Interesting)

longrangebunnykiller (1517193) | more than 4 years ago | (#27845737)

More generally, I think that government-funded action to encourage better computer security is something that has not been given enough consideration.

Although I'm no fan of AV s/w - I completely agree. At what point does a T-1 connected grandma become an officially recognized threat to national security? The U.S. at least, seems about one attack shy (using history as a guide) of such a designation...

Government purchase options (1)

RichMan (8097) | more than 4 years ago | (#27845739)

If the governments would refuse to buy insecure software then the software makers would have a big reason to make their systems secure.

The government needs to lead not push the people.

The government requirements would create a secure purchase option which people could select.

profiteering (4, Interesting)

bcrowell (177657) | more than 4 years ago | (#27845761)

One big problem with this proposal is profiteering. Any time government offers to inject some money into the private sector, powerful commercial interests will line up to feed at the public trough. We saw it in the Iraq war, with Halliburton. We're seeing it with banks that are gaming the federal bailout system, maneuvering so that they can be subsidized without accountability. And it's always the most politically well connected private interests that are able to play this game successfully, e.g., it sure didn't hurt that Halliburton was in bed with Dick Cheney. So if this proposal were enacted, I predict that Symantec, for instance, would make out like bandits, while zero money would flow to ClamAV

Another problem is that this kind of thing takes on its own momentum, and tends to continue indefinitely long after its justification is gone. We've seen this with farm subsidies, which were meant as an emergency measure to try to help family farms survive the Great Depression. Now it's just a subsidy to agribusiness. As far as antivirus software, IMO it's already long outlived its usefulness; it's become a kind of snake oil, a kind of difficult-to-remove malware in and of itself, used by people would would rather pay $40 for a bandaid rather than taking proper security precautions.

And yet another problem is that this kind of thing subsidizes dumb behavior. In the case of antivirus software, it subsidizes MS's poor design of its operating system, which makes it more vulnerable to viruses than MacOS or Linux. It also subsidizes dumb behavior by users who click on executable email attachments from strangers.

As far as the economic justification, I don't buy it for a second. Since I don't run Windows, I don't suffer a lot of direct negative economic effects from viruses. The effects I do suffer are small and indirect. Mostly I get a negative effect because I get spam from botnets. However, I don't believe for one second that increasing adoption of antivirus software by some percentage will have any significant effect on the amount of spam I get from botnets.

What an idiot (1)

geekoid (135745) | more than 4 years ago | (#27845767)

First off, pretty much every average users PC has cmoe with AV software for years. IT ahsn't helped.

Guess what? it will never help. Even the bast AV software is weak sauce.

No, people need a hardware solution built into there net card. One the checks for unwanted behavior..perferable with jumper setting. Yeah, you read that right, jumper settings. Make them have to do something besides clicks a few lying links or buttons to turn off the physical security.

That's how to lock down bots.

You can also have it do the virus and trojan scan on the way in.

The only thing the government would help on in this issue is education.

I have never had a virus on a computer I have owned that I didn't write.*

Why? wise use of hardware and computer sense.
I ahve a wife and two young kids.
They are all educated on what not to do.

I don't think this is the problem people scream about.

*I did security work

Re:What an idiot (0)

Anonymous Coward | more than 4 years ago | (#27845941)

Do you not see the contradiction?

First off, pretty much every average users PC has cmoe with AV software for years. IT ahsn't helped.

Guess what? it will never help. Even the bast AV software is weak sauce.

So far so good.

No, people need a hardware solution built into there [sic] net card. One the checks for unwanted behavior..perferable with jumper setting.

Why would this work better? Because people can't turn it off? Your assertion, then, is that AV software doesn't work because people disable it?

While that may be true, AV software doesn't work for many better reasons.

Oh and as far as:

I have never had a virus on a computer I have owned that I didn't write.*

How would you know if you had?

would you trust them? (1)

FudRucker (866063) | more than 4 years ago | (#27845771)

while i do agree with the early posters suggesting making OSs to be secure and impervious to viruses and other misc. malware and trojans, but knowing the governments track record of poking their nose in to places it does not belong = invasion of privacy when its not warranted i would prefer to use an OS that is not vulnerable to the virus du jour.

Where in the hell is this a function of government (1)

Shivetya (243324) | more than 4 years ago | (#27845805)

I am so tired of people doing whatever they can to justify the newest benefit to themselves or others they feel need help.

Two issues.

IT IS NOT YOUR MONEY.

Where in the hell is it in the Constitution that this is a function of government.

That is the problem with people today. Anyone can find a justification for their piece of someone else's pie. Get it ? Your demanding that other people's money be spent on a problem you perceive.

And people wonder how we end up with trillion dollar deficits. Not only is the public full of ignorant greedy people so is the government

Acutal government tax cost? (0)

Anonymous Coward | more than 4 years ago | (#27845827)

While I don't disagree with the value of spreading anti-virus software; I would be concerned that if the government thought it needed, say $5 per user, it would actually need $10-$15 to cover the overhead, then seeing this as a chance to raise more taxes, would add another $30.

Gah... (1)

yoshi_mon (172895) | more than 4 years ago | (#27845855)

MS was found guilty of abusing their monopoly in the OS market because they 'integrated' IE the system.

Yet for years we have had to deal with the consequence of that because of any value was done because of it.

Telling people that they need to go spend more money on software seems to really be missing the point.

Let ISP's do it (1)

PoliticalGamer (1548891) | more than 4 years ago | (#27845887)

Many ISP's also provide cable. They could easily advertise free anti-virus in order to provide benefits to their own users. Actually, many already do this. A number of ISP's provide free anti-virus upon signing up

People are lazy, don't care, and don't think (1)

Maarek Stele (7770) | more than 4 years ago | (#27846001)

it won't happen to them.
And others frankly just don't know.
that's why none of this happens. Also, anti-virus programs expire. people also don't know about the free ones.

So put it this way.

It's survival of the Fittest... even for computer owners.

Stupid liberalism (0)

Anonymous Coward | more than 4 years ago | (#27846003)

You don't subsidize ads for anti-virus software.

You subsidize computer repair services. Services that are provided locally, by local techs who pay local taxes and provide local jobs.

And we should start breaking some windows like the Chinese are doing. During the next census simply inventory the household computers and declare them obsolete. Require that each household be forced upgrade 75% of their machines within 60 days.

Alternative Protection? (1)

blcamp (211756) | more than 4 years ago | (#27846027)

Oookkkaaayyy... where can I get software that can protect me from an overbearing and overreaching government?

(I love this nation, but will never, ever, put my faith and/or trust in any government.)

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...