
PEBKAC Still Plagues PC Security

ScuttleMonkey posted more than 6 years ago | from the you-can't-fix-stupid dept.


Billosaur writes "Ars Technica is reporting on a study released by McAfee and the National Cyber Security Alliance (as part of the beginning of National Cyber Security Awareness Month) that suggests when it comes to PC security, the problem between the keyboard and the chair is even worse. PEBKAC has always been a problem, but the study highlights just how prevalent it has become. 87 percent of the users contacted said they used anti-virus software, while 70 percent use anti-spyware software. Fewer (64 percent) reported having their firewalls turned on, and only 27 percent use software designed to stop phishing attempts. Researchers were allowed to scan the computers of a subset of the users, and while 70 percent claimed to be using anti-spyware software, only 55 percent of the machines of those users scanned showed evidence of the software."


300 comments

And the solution is... (5, Interesting)

It doesn't come easy (695416) | more than 6 years ago | (#20844233)

I use Avast free home edition anti-virus program and that's it. No firewall (and I turn off the "firewall" that comes with XP) and no anti-spyware programs. And in more than 3 years I have had zero malware of any sort on my computers running XP.

The secret of my success is that I also don't use Internet Explorer (except for the Windows Update website, cause Microsoft makes me). That one step protects me from >95% of the malware. The other 5% is handled by Avast and Firefox. And I don't download and install "free" programs and games.

Boycott Internet Explorer (and all of the loss of security, privacy, and control of your own computer that goes with it), use Firefox and a good anti-virus program, and don't do stupid things on the net and you're golden.

Re:And the solution is... (1)

someone1234 (830754) | more than 6 years ago | (#20844257)

How do you handle your mail?
Do you ever visit unknown sites with animations, pdf etc?

Re:And the solution is... (1)

It doesn't come easy (695416) | more than 6 years ago | (#20844387)

The thing is, I have a good set of plugins installed in Firefox that checks a lot of things with web sites. For example, I run NoScript, which checks quite a few things about a web site these days. And I use AdBlock Plus. And so on. And I have a private email account, not a free one from Yahoo or anyone else. Not to say I don't use Yahoo every now and then but it is always a throw-away account and it is rare that I do that.

Are you sure? (4, Insightful)

winkydink (650484) | more than 6 years ago | (#20844277)

...And in more than 3 years I have had zero malware of any sort on my computers running XP.

That you know of. A lot of zombie-related malware is intended to be very stealthy.

Re:Are you sure? (3, Interesting)

garcia (6573) | more than 6 years ago | (#20844323)

That you know of. A lot of zombie-related malware is intended to be very stealthy.

They aren't stealthy enough to go through a logged firewall w/o being missed. IMHO, that's the best defense to any network -- paying attention to what the fuck is going on with your connection.

Re:Are you sure? (1)

winkydink (650484) | more than 6 years ago | (#20844607)

But the OP said he didn't use a firewall, just Avast.

Re:Are you sure? (1)

It doesn't come easy (695416) | more than 6 years ago | (#20844335)

I periodically monitor traffic on my home network and all the traffic I see is explained.
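The comments above turn on whether logged firewall traffic is fully "explained". As an added illustration (not part of any poster's comment), the sketch below checks outbound flows from a gateway log against a list of expected services and flags the rest. The log lines are constructed in the netfilter LOG key=value style, and the addresses, the `EXPECTED` set and the fan-out threshold are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample of outbound flows logged by a home gateway
# (netfilter LOG style key=value pairs; documentation address ranges).
SAMPLE_LOG = """\
Oct  3 10:15:01 gw kernel: FW-OUT IN=br0 OUT=eth0 SRC=192.168.1.10 DST=198.51.100.20 LEN=60 PROTO=TCP SPT=49152 DPT=443
Oct  3 10:15:02 gw kernel: FW-OUT IN=br0 OUT=eth0 SRC=192.168.1.10 DST=192.0.2.53 LEN=71 PROTO=UDP SPT=40111 DPT=53
Oct  3 10:15:09 gw kernel: FW-OUT IN=br0 OUT=eth0 SRC=192.168.1.11 DST=203.0.113.5 LEN=60 PROTO=TCP SPT=50001 DPT=25
Oct  3 10:15:09 gw kernel: FW-OUT IN=br0 OUT=eth0 SRC=192.168.1.11 DST=203.0.113.77 LEN=60 PROTO=TCP SPT=50002 DPT=25
Oct  3 10:15:10 gw kernel: FW-OUT IN=br0 OUT=eth0 SRC=192.168.1.11 DST=198.51.100.99 LEN=60 PROTO=TCP SPT=50003 DPT=25
Oct  3 10:15:12 gw kernel: FW-OUT IN=br0 OUT=eth0 SRC=192.168.1.11 DST=198.51.100.20 LEN=60 PROTO=TCP SPT=50004 DPT=80
Oct  3 10:16:30 gw kernel: FW-OUT IN=br0 OUT=eth0 SRC=192.168.1.10 DST=203.0.113.200 LEN=60 PROTO=TCP SPT=49200 DPT=6667
Oct  3 10:16:31 gw kernel: FW-OUT IN=br0 OUT=eth0 SRC=192.168.1.10 DST=198.51.100.20 LEN=84 PROTO=ICMP TYPE=8 CODE=0
"""

# Assumption: the (protocol, destination port) pairs this household
# can account for. Everything else needs an explanation.
EXPECTED = {("TCP", 80), ("TCP", 443), ("UDP", 53), ("UDP", 123)}

# Assumption: one host reaching this many distinct destinations on an
# unexplained port is treated as fan-out (e.g. a machine contacting
# many mail servers directly) rather than a one-off to review.
FANOUT_THRESHOLD = 3

FIELD_RE = re.compile(r"\b([A-Z]+)=(\S+)")


def parse_line(line):
    """Return the flow described by one log line, or None if the line
    has no SRC/DST/PROTO/DPT (ICMP, malformed or unrelated lines)."""
    fields = dict(FIELD_RE.findall(line))
    try:
        return {
            "src": fields["SRC"],
            "dst": fields["DST"],
            "proto": fields["PROTO"],
            "dport": int(fields["DPT"]),
        }
    except (KeyError, ValueError):
        return None


def analyze(log_text, expected=EXPECTED, threshold=FANOUT_THRESHOLD):
    """Group unexplained flows by (source host, protocol, port) and
    return sorted (src, proto, dport, distinct_dsts, verdict) tuples."""
    destinations = defaultdict(set)
    for line in log_text.splitlines():
        flow = parse_line(line)
        if flow is None:
            continue
        if (flow["proto"], flow["dport"]) in expected:
            continue  # explained traffic
        key = (flow["src"], flow["proto"], flow["dport"])
        destinations[key].add(flow["dst"])

    findings = []
    for (src, proto, dport), dsts in sorted(destinations.items()):
        verdict = "fanout" if len(dsts) >= threshold else "review"
        findings.append((src, proto, dport, len(dsts), verdict))
    return findings


if __name__ == "__main__":
    for src, proto, dport, count, verdict in analyze(SAMPLE_LOG):
        print(f"{verdict:7} {src} -> {proto}/{dport} "
              f"({count} distinct destination(s))")
```

A check like this only covers flows the gateway actually logs, and anything that uses an expected port passes through it unflagged.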

Re:Are you sure? (5, Insightful)

Rycross (836649) | more than 6 years ago | (#20844357)

Yeah, and there could be a huge Linux virus epidemic. It's just stealthy enough that it's not being detected! Seriously, it's become standard to retort to claims of malware free with Windows with "Nuh uh! You probably just don't know you have it!" which is stupid if only for the reason that such a claim isn't reasonably falsifiable. I know that a lot of malware is designed to be stealthy, but a lot of computer professionals know how to root this stuff out, and there's no reason to think that the grandparent is not capable of detecting it.

I've never been infected by malware. And I have confirmed this every time I've been challenged on that point. Doesn't stop people coming out and saying that I really am infected, I just can't detect it.

Re:Are you sure? (2, Insightful)

webmaster404 (1148909) | more than 6 years ago | (#20844487)

No, there won't be a major Linux malware epidemic. For these reasons:

1. The average user won't be running as root so when you are there, there's nothing you can mess up enough to make the system unusable
2. Linux was designed with the Internet in mind, Windows wasn't; for example, binary files must be flagged to execute them before they execute, making it nearly impossible for you to just "visit a webpage" and be infected
3. The code is open and more people will be finding out security flaws before crackers do, also there are faster patches than Windows and you can patch it yourself.
4. There are enough differences to make it just about impossible to make a script to infect the core portions, such as there are many different web browsers, lynx, elinks, Firefox, Konqueror, Galeon.... and many programs can run in non-interactive mode making hiding malware harder.
5. The base of developers grows proportional to the base of users, whereas MS has to hire more people, Linux programmers don't need to get paid and can be from ANY country, ANY age, ANY religion etc. to contribute code.

So no, there is little threat of malware in Linux the way it is in Windows.

Re:Are you sure? (4, Insightful)

Rycross (836649) | more than 6 years ago | (#20844599)

You need to work on your reading comprehension. I wasn't claiming that Linux was vulnerable. I'm saying it's asinine to respond to someone claiming to be malware free by saying "No, you just don't realize you're infected."

I mean, go on, prove to me right now, without a doubt, that your Linux box is not infected by some rare virus that people haven't seen and don't know how to detect. And just to head you off, claiming "Linux doesn't have viruses" isn't a valid response. After all, maybe you're one of the lucky first people to be infected, and you just don't know it yet! See how convenient this is? You can't prove that you DON'T have a virus short of taking a dump of the bits on the physical platter and doing a diff.

There's ways to be reasonably sure (as in, 99.999999%). There's no reason to believe that the poster that started the thread was not able to be reasonably sure.

But since you brought this up, tell me how you're going to prevent "Dear stupid user, please install this trojan as root to get your free cursors!" without taking control of the user's own computer away from him or her. You do realize that's how a lot of Windows malware is getting out there right now, don't you?

Oh and just so you know, there are trojans out there for Linux. One of the systems at my old job was cracked. Luckily the admin noticed that someone was trying to get a rootkit on his system. These cracks often involve software installed on the Linux system with incorrect security settings, as I believe was the case here. But that's the point: the security of the system ultimately falls upon the user not doing stupid things, which is impossible to guarantee without taking control of the computer away from said user.

Re:Are you sure? (3, Informative)

kwark (512736) | more than 6 years ago | (#20845297)

You are wrong on some points

1. you don't need to be root to cause trouble to others.
2. the executable flag doesn't control if things are runnable:
$ gcc -o hello ./hello.c
$ chmod a-x ./hello
$ /lib/ld-2.3.6.so ./hello
Hello World!
3. maybe.
4. we are talking about PEBKAC here, it involves some social engineering to get
5. I personally doubt it, the more mainstream linux becomes, the relative number of developers among them will drop.

But I hope you are right (maybe I'm just pessimistic).

Re:Are you sure? (2, Interesting)

winkydink (650484) | more than 6 years ago | (#20844659)

Storm has, by some estimates, infected over 10 million machines. Vint Cerf, speaking at the World Economic Forum, estimated that as many as 25% of all computers on the internet are infected. How many of those do you think are running a/v? How many of the users of those infected machines that have a/v actually think they are infected?

I've sat at a conference of computer security researchers where it was discovered that one of the attendees was infected. So, it can happen to the best and brightest too.

Re:Are you sure? (4, Insightful)

Rycross (836649) | more than 6 years ago | (#20844713)

It can, but if that attendee actually bothered to look for malware, do you think he would have been unable to find it?

The point is that there's no reasonable response to "You may have malware, but you just can't detect it." I mean, if we posit the existence of undetectable malware, or at least malware undetectable by the poster, then what you have asserted is nearly impossible to disprove. It's simply lazy to respond to "I don't have any malware," with "You do, you just don't know it." It's like saying "Nuh uh! I WIN!"

If the above poster has actively looked for malware and has not found any, then it's reasonable to assume he is not infected, unless you can prove otherwise.

Re:Are you sure? (4, Interesting)

suv4x4 (956391) | more than 6 years ago | (#20844711)

Seriously, it's become standard to retort to claims of malware free with Windows with "Nuh uh! You probably just don't know you have it!" which is stupid if only for the reason that such a claim isn't reasonably falsifiable.

It may be stupid but it's not wrong. I'm a developer and the kind of guy who sets his firewall as limited as possible, has anti-virus on, doesn't download "Free Smileys!!!" software, and in fact I'm very careful about doing things on my computer that may affect my security.

I thought I was clean, I looked clean, and the PC worked like clean. Until one day the anti-virus detected a popular keylogger installed on my system (4 years ago). On top of that, this was during a full-drive scan, not a resident alert; who knows for how long this thing was running, and where it came from.

Bottom line is, the infection status isn't something easy to assess, especially if you're not very experienced in the area and especially if you consider that you're virus free by default.

The only way to not push your luck is know what you're doing, and turning your firewall off deliberately is equivalent to not knowing what you're doing.

If you ask me now, since I wiped my disk twice, and changed all my passwords and reinstalled everything since, am I virus free? I'll tell you yes.. but I'll NEVER be 100% sure in my answer, since I could easily be wrong.

It's not different on a Linux server by the way, so this is not a Windows vs Linux argument AT ALL.

Re:Are you sure? (2, Insightful)

Rycross (836649) | more than 6 years ago | (#20844753)

But you did detect it, when you bothered to scan your machine. There's always the chance that if you run a full scan against your OS and come up clean, that there is some undetected malware there. But is it reasonable to assume that?

#1: I'm malware free.
#2: No you're not, you just don't notice it.
#1: Well, I rebooted into safe-mode, ran two anti-virus scans, some rootkit detectors, spy-ware detectors... all came up negative. My hardware firewall shows no abnormal traffic...
#2: Maybe the virus also infected your firewall and hides itself from the scanners! There's no way to know!

I mean, at what point is it reasonable to say that a computer is likely clean, or most assuredly clean?

Re:Are you sure? (2, Insightful)

suv4x4 (956391) | more than 6 years ago | (#20844923)

This is a complex system. It's never so perfectly running so you can claim "everything is all right so I'm clean" today.

Why is my disk spinning all the time? May it be malware? Oh yes, the indexer is doing this...
Why are my apps starting slow? May it be malware? No, after defragmenting they start faster again... or is the malware now inactive?
What are those connections in my netstats? Well just about 40 apps I have which all absolutely need to phone home for updates, latest news, patches, and god knows what else. Did I verify each single one of those? What if I missed a tiny little trojan mailing my passwords somewhere in China?

Same with rootkit revealers: they reveal suspected entries, and have false negatives, and false positives. You can never be quite sure. I've run Mark Russinovich's rootkit revealer (and still do from time to time) and there are always a bunch of entries that show up on my system.

However looking up on the Internet it turns out all of those are legitimate... But what if the rootkit author uses weaknesses in legitimate software to hide his OWN malicious activities in the same exact locations?

So, all in all, this is why I can't say 100% I'm virus free. I just do everything I'm supposed to do to stay virus free. Guarantees are impossible on either sufficiently complex system.

You know, "any sufficiently complex technology shall be regarded as magic"...

Re:Are you sure? (3, Insightful)

garnetlion (786722) | more than 6 years ago | (#20845165)

it's become standard to retort to claims of malware free with Windows with "Nuh uh! You probably just don't know you have it!"

That's because it's become standard for lusers to waltz into tech support with claims of "Nuh uh! I don't have any malware on my machine!" then be proven wrong about 3 seconds into a Spybot scan. I'm not saying you do, but it's a claim I've heard enough times not to take at face value.

Re:Are you sure? (2, Interesting)

Brigadier (12956) | more than 6 years ago | (#20844455)



This is the truth. At my company we are considering going back to cloned drives that get re-cloned once a month. Even with Spybot, Windows Defender, company firewall, and F-Secure people still get infected.

Re:Are you sure? (1)

It doesn't come easy (695416) | more than 6 years ago | (#20844675)

Two things your company could do. First use Firefox not IE. Second, don't use Outlook (I bet your company uses Outlook for mail and calendaring). I have to admit that Outlook is the best mail program for integrating with Microsoft products but it is also a primary vector for malware. If you move your office apps off of Microsoft products, your malware problems will go away. You heard it here first.

Re:Are you sure? (1)

daeg (828071) | more than 6 years ago | (#20844765)

I do this and it's great. While not on a set schedule, I randomly re-image drives after hours. I back up the drive first because there is inevitably some file someone misplaced where they shouldn't have. They love me for getting a "brand new" computer. And then buy me free lunch when I painstakingly [read: easily] type a few cp commands to pull their file off the backup. It takes hours of my time [read: about 30 seconds] to rescue that Powerpoint file they just HAVE to have.

Re:And the solution is... (1)

TheReaperD (937405) | more than 6 years ago | (#20844329)

"and don't do stupid things on the net"

Well, shucks, that leaves out 95%+ of my user base. Any more ideas?

The hardest part about being in IT is trying to protect users (and our systems) from themselves. And they tend to get pissy if you block ActiveX scripts in their Outlook because they NEED to have those *cute* animated smiley faces. *sigh*

OS design is *still* in its infancy (2, Insightful)

Alwin Henseler (640539) | more than 6 years ago | (#20845057)

The hardest part about being in IT is trying to protect users (and our systems) from themselves.

There's a number of separate issues here:

1) IMHO, it's impossible to protect users from messing with their own data, IF you want to make systems useful. A good option could be a versioned filesystem on a remote server (outside direct control of the user), where old versions of his/her files could always be retrieved. Without that, a user that says: "delete file XYZ on my local drive" will just do so, regardless of whether that was the intended or sensible thing to do.

2) It's next to impossible to make the complex software systems of today 100% bug-free. So you always have the chance that some program fucks up (remotely triggered, on purpose or otherwise), and screws up user data. A sensible (automated?) backup strategy should protect you from this one though.

3) And then there's the OS kernel, core libraries, hardware drivers, bootup files etc. This should be the easiest part IMO. It should be possible to have systems where users can fuck up their own data, and sometimes get hit by crappy/malicious programs, but where the base of the system remains functional and reliable, regardless what happens to everything running on top of it. When I consider it's about 25 years ago I first got familiar with the concept of a personal computer, I am really *AMAZED* the IT industry hasn't even reached this point. Is it really *THAT* hard to design software systems where users can add & remove 3rd party packages or update non-essential components, without endangering the core functionality of the system? That's not a user friendliness vs. security, but an overall system design issue.

My Theory: XP can work, but not with kids (4, Interesting)

spagetti_code (773137) | more than 6 years ago | (#20844407)

Similar here, but I've run XP, *no* AV, *no* anti-spyware etc for 4 years. I do have a firewall/wireless hub for the house. I browse with Firefox only, and that's kept up to date and has Adblock and NoScript. My mail is scanned (although quite a few nasties sneak through).

My wife is computer illiterate, but she knows she's only supposed to open a small set of attachments and sees me about the rest. She knows not to open anything she doesn't recognize.

4 years, no viruses/spyware etc. I've tried a couple of those online scans and they came up clean.

However, now the kids are starting to use the PC.... I've switched to Ubuntu. I'm not convinced I can set up an XP machine that can't be infected by them.

That switch was a *major* pain. Switching MSmoney to gnucash, losing Photoshop, copying outlook mail history to evolution, loss of PDA syncing, blah blah blah.

Re:My Theory: XP can work, but not with kids (1)

It doesn't come easy (695416) | more than 6 years ago | (#20844559)

I see we are like-minded :). I have (literally) tried for years to get my wireless card working in Linux on my old laptop that just died and never succeeded and so never switched it to Linux (because having a laptop that can't do wireless seems like an affront to nature to me). If you look back at some of my older Slashdot posts, you'll see a few rants and raves about it. Forced to replace my laptop, I was also forced to buy the "OS" Microsoft calls Vista; however, this time I made sure to get hardware that will run Linux and in a few short weeks (when I can find the time) I'll be switching the new laptop to Ubuntu as well. Woohoo.

Re:My Theory: XP can work, but not with kids (1)

suv4x4 (956391) | more than 6 years ago | (#20844629)


However, now the kids are starting to use the PC.... I've switched to Ubuntu. I'm not convinced I can set up an XP machine that can't be infected by them.


You could've tried installing a good firewall (ZoneAlarm isn't exactly the most efficient one, but it's easy to use and free), and dropping to a non-admin account.

By definition, you can't infect system files in non-admin mode. Some software may not run, or not run properly, but I'd give that a shot, since you can't run any of your Windows software *at all* under Ubuntu anyway.

Also remember: Firefox doesn't make it always safe, can you open WMV in Firefox? Well guess what, WMP can open pages with suitable parameters. And those pages will open in an embedded IE inside the player, INSIDE Firefox. Same applies to many other media players, IM-s like ICQ and Skype, and so on.

Re:My Theory: XP can work, but not with kids (1)

Rycross (836649) | more than 6 years ago | (#20844677)

By definition, you can't infect system files in non-admin mode.

Sure you can, if you combine your malware with an elevation of privileges exploit.

Re:My Theory: XP can work, but not with kids (4, Insightful)

suv4x4 (956391) | more than 6 years ago | (#20844799)

Sure you can, if you combine your malware with an elevation of privileges exploit.

Since 99% of Windows XP-s out there run in admin mode all the time, I'm pretty sure none of them is particularly well doing in the privileges exploit area.

Also this is the user level. Getting privileges higher than the current user isn't so trivial to exploit, since typically the entire browser will run at that level, including any add-ons and plugins. You do need to exploit an app running under admin, and if there's no such, you can't exploit anything.

Re:My Theory: XP can work, but not with kids (1)

spagetti_code (773137) | more than 6 years ago | (#20844785)

By definition, you can't infect system files in non-admin mode
Running as a non-admin certainly does reduce the chance for an infection, but I still can't convince myself that they can't download something that could infect something. Good comments about Firefox vulnerabilities though. Thanks.

Re:And the solution is... (1)

BigDogCH (760290) | more than 6 years ago | (#20844469)

"use Avast free home edition anti-virus program and that's it. No firewall (and I turn off the "firewall" that comes with XP) and no anti-spyware programs. And in more than 3 years I have had zero malware of any sort on my computers running XP. "

I believe the opposite to be more useful, but to each their own.......... No anti-virus, no windows patches. Instead, run a strict firewall, use software you trust, and use your machine as a limited user whenever possible (though XP does make this difficult).

If you strictly control your network, and the software running on your PC (especially don't use IE or Outlook, be sure to use strict rules in whatever browser you use), you should be fine. In an entire lifetime of this, I have only had one virus/spyware problem.....from a user inserting a boot-sector infected floppy into my Windows 95 machine.

Personally, I have had more problems with windows updates than anything else.

Re:And the solution is... (1)

It doesn't come easy (695416) | more than 6 years ago | (#20844623)

no windows patches

It's interesting you should mention this. Lately, I get this feeling of dread every time I let my computer check for updates (it's on manual update, something else I always recommend). It always crosses my mind that the computer may not start back up after installing the latest Microsoft patches. Doesn't that make you feel gooooood all over....

Re:And the solution is... (1)

Dmala (752610) | more than 6 years ago | (#20845291)

I do pretty much the same, although I tend to install most of the updates, and I don't have the patience to run XP as a limited user. I've always had my boxes behind a Linux-based or hardware firewall.

I've never been hit by a virus, and I've been hit by spyware only once. Sadly, it was entirely my fault. I had switched over to IE to view a site that wasn't rendering in Mozilla (first mistake) and a popup appeared asking if I wanted to run an ActiveX control. I reached for "Cancel" but somehow hit "OK" (alcohol may have been involved). It took me almost four solid hours to rip that little fucker out completely. Needless to say, on the rare occasions when I run IE, I'm much more careful.

Re:And the solution is... (1)

jgarra23 (1109651) | more than 6 years ago | (#20844579)

Noscript [noscript.net] is a great plugin for Firefox in this case as well. I too have never used a firewall or anything else except for Firefox & Avast & I've had no problems whatsoever.

Unfortunately a little common sense goes a long way and most people have even less (common sense) than that.

Re:And the solution is... (1)

cp.tar (871488) | more than 6 years ago | (#20844831)

Unfortunately a little common sense goes a long way and most people have even less (common sense) than that.

As I read the summary, the very same thing crossed my mind.

Well, duh, I don't run any software to detect phishing attempts for me. Am I any more at risk?

Of course I'm not; I can very well detect them on my own.

Besides, what would running such software prove? Would I somehow be miraculously unable to be terminally stupid?

Re:And the solution is... (1)

earnest murderer (888716) | more than 6 years ago | (#20844651)

And I don't download and install "free" programs and games.
I think this is the real reason you don't have trouble.

I haven't had a virus "hit" since about 1995, sent to me on a floppy disc via my employer (word macro virus). But then I live behind a router, update whenever MS tells me to and avoid seedy places on the net. I used Firefox for a long while but have gone back to IE (a debate for a later time). Updating when MS wants to is a big part of that. Most of the exploits out there had long been patched by the time they hit the front page. The rest, since I know better than to visit freenaked.sluts.sl0283nhdhs.2893.ebay.ru haven't ever been a problem.

I've not bothered to even put AV software on my vista box (not used for work), all I use it for is playing games and "safe" activities. I think, really, that that is the number 1 anti virus tool. If I want to see pictures of Anna Kournikova naked I'll check out the stileproject forums.

Re:And the solution is... (1)

It doesn't come easy (695416) | more than 6 years ago | (#20844729)

No doubt not installing the adware laden free programs helps a lot. However, I sometimes deliberately click a link that I know to be malware to see what will happen and (most of the time) it simply fails to do anything because it can't start one of the OS included ActiveX controls. The other times (usually a download) Avast catches it or I'm smart enough not to run that EXE file. And of course I have the file extensions displayed (hiding "known" file extensions is another stupid Windows trick that I always turn off). The protection comes from the fact that Firefox doesn't do ActiveX (at least not without a plugin).

excuse me? (1)

QuantumG (50515) | more than 6 years ago | (#20844695)

zero malware of any sort on my computers running XP.
How can you make that claim? Because you haven't noticed it?

Use Free Software. Re:And the solution is.. WRONG. (0, Flamebait)

Erris (531066) | more than 6 years ago | (#20844865)

That you have to know such details is evidence of the complete security failure of non free software vendors [slashdot.org] .

Worse, you are wrong. You can avoid IE because it's embedded in many applications and it's far from the only hole you need to worry about. In most tests [slashdot.org] there is no operator, just a default install plugged to the net.

Free software is not perfect but it's much better than windows. While windows takes 12 minutes on average to become part of someone's botnet, GNU/Linux systems typically take months. Even if this is only due to the "popularity effect" it's not likely to change because there are so many different GNU/Linux distributions that vary build options and order of software load. GNU/Linux will never be the kind of easy monoculture target that Windoze is and its users will always be better off.

Re:And the solution is... (2, Insightful)

dc29A (636871) | more than 6 years ago | (#20844921)

The secret sauce is to not run Windows as administrator. You don't even need anti virus programs.

(1) Don't run Windows as administrator. This is the most important thing you can do to secure your Windows PC.
(2) Use Firefox or Opera, if FF, use AdBlock+ and NoScript addons.
(3) Use common sense. If "Click here to win 20000$" sounds too good to be true. Yup, it is probably an invitation for malware.
(4) Avoid downloading awesomevideo.exe when surfing for pr0n (or cracks/serials). In fact, treat every executable you download as a virus. Use a VM to test them. Free virtualization is available and is easy to use.
(5) Use a router with built-in firewall (most have it anyways).
(6) If you are really paranoid, do your surfing inside a VM.

Re:And the solution is... (3, Insightful)

jon_joy_1999 (946738) | more than 6 years ago | (#20844989)

I find that most users who are the opposite of you (I have one friend who doesn't even have any of the XP service packs installed) don't understand computers, the internet, or other humans, because they "have better things to do" like posting on myspace, or txtng there frenz mang. The one without any of the service packs installed gave me her computer to fix. I counted at least three popup advertising programs, and one virus with just the task manager. I downloaded SBS&D and found 67 other problems. They were mainly from "free" screensavers and those stupid internet exploder toolbars. I told her that the internet is like downtown San Francisco: if someone is offering you a rolex watch for free, chances are it isn't a rolex, or it isn't free.

Re:And the solution is... (1)

pilgrim23 (716938) | more than 6 years ago | (#20845041)

I see one major issue; The internet is an interlink of many computers of many makes and types... One vendor's software on that mesh of machines was designed from the get-go without thought one of security. One vendor. Unfortunately, that vendor is the major software vendor of the world in terms of machines using their product. Regardless; if that vendor was either removed from the Net or, made financially liable for damages to other computers on that net caused by their negligence, methinks this issue would resolve somewhat quicker.

Frisson pews (2, Funny)

Helen Keller (842669) | more than 6 years ago | (#20844239)

GnmmmehfriSTTGnn!

PIBTCAMVTT (1, Insightful)

Anonymous Coward | more than 6 years ago | (#20844243)

The problem is between the computer and Microsoft via the tubes.

Not just microsoft... (1)

SuperBanana (662181) | more than 6 years ago | (#20844611)

The problem is between the computer and Microsoft via the tubes.

Bullshit; it's not just Microsoft. A long-standing complaint of mine about Apple Mail is that it does not show the true URL in an HTML email via tooltips or any other method. The only way the user has to see the URL is to copy it, then manually paste it into the address bar in Safari or Firefox. So, "Click here to login to your account" is impossible to verify without extra work.

It'd take one engineer about 10 minutes to code in such a display, and they can't be bothered. But OH BOY, in Leopard, I'll get fancy pre-formatted emails to use for sending vacation photos!

Similarly, for all the fuss about how secure and better Ubuntu is, you have to recompile Netatalk with custom options (and the instructions provided don't work) to enable secure login. Why? Because of OpenSSL/GPL licensing issues that have existed for several years. Has anyone bothered to rewrite the hundred or so lines of Netatalk code to use GnuTLS instead? Nope!

PS: For those of you about to tell me "use samba", Netatalk handily outperforms samba and supports full MacOS filenames.

Survival of the fittest? (1)

karlto (883425) | more than 6 years ago | (#20845253)

Does it strike anyone else here as strange that the user is blamed for the virus/spyware/phishing? The user didn't create the problem, so PEBKAC is false. These numbers merely report how many of the poor sods aren't capable of defending themselves against the attacks of those with questionable moral fibre. Now not only are these users having difficulty with using their computers, they are being blamed for the actions of those causing the trouble.

Amazing! (0)

Anonymous Coward | more than 6 years ago | (#20844245)

Researchers were allowed to scan the computers of a subset of the users
Extremely remarkable that 55 percent of the people dumb enough to let some random person come in and run stuff on their computer actually had an antivirus installed (admittedly, it was probably installed by some other person they let screw with the computer).

Can I get a "Well DUH!" (5, Insightful)

Chas (5144) | more than 6 years ago | (#20844307)

Nothing is ever, EVER going to be idiot-proof.

Because idiots are both highly prolific and highly creative.

Unless the world standardizes on a single platform, and never, EVER changes it again, this is always going to happen.

It's a matter of "that's not how I learned it" or "I never learned it", and they wind up making the systems do things they aren't supposed to.

It does, however, go to show you that even hordes of security professionals can't be collectively omniscient.

As always, "security" is a PROCESS, not an endpoint, not a product.

Re:Can I get a "Well DUH!" (1)

s20451 (410424) | more than 6 years ago | (#20844403)

On the other hand, we could solve this problem tomorrow by forbidding any user-installed or user-downloaded program to run with root privileges. The rest of the security problem would be solved by having all software digitally hashed and signed by its author, and verified by some trusted third party. Unfortunately this would put an end to hacking and Free software. So as long as unqualified amateurs can run arbitrary code, we will have this problem. It's kind of a corollary to Murphy's law.

My personal opinion is that the day is coming when software development will be restricted to professionals with qualifications. I will go further and predict that, within the next 10 years, a spectacular electronic attack will occur that will cost lives, disrupt the internet, and significantly damage the economy. After that, the call to professionalize the software industry will be irresistible. The comparison will be made to medicine, law, or structural engineering, where it is illegal to practice without a license, since errors in those fields will harm the public.

Re:Can I get a "Well DUH!" (2, Insightful)

Chas (5144) | more than 6 years ago | (#20844587)

"On the other hand, we could solve this problem tomorrow by forbidding any user-installed or user-downloaded program to run with root privileges."

Pedestrian to a jumper on a ledge: "I forbid you to jump."

Jumper: Eeeeeeeeeeeeeeeeeeeeeeee! *SPLAT!*

You can forbid all you want.

You can codify it in corporate rules.

You can come up with all sorts of intricate technical controls to enforce it.

Some idiot is STILL going to find a way around it.

Re:Can I get a "Well DUH!" (1)

s20451 (410424) | more than 6 years ago | (#20844639)

Of course, what I mean is to forbid at a very low level in software or (preferably) in hardware. That is, the end user does not get the root password, ever. Only qualified professionals get the password. (And, before you take me too literally, the "root password" is also an analogy for a hard-core security model.)

it is not a user fault (4, Insightful)

siddesu (698447) | more than 6 years ago | (#20844495)

as computers have become more powerful and versatile and the software more complex, the average user has a choice -- either become a nerd who follows all news, and spends large portion of their time learning about new technologies, how they are integrated, what risks are there, etc.; or ignore the problems, _trust the vendors_ to mostly do the right thing, learn the part of the interface they care about and react if they get hit. it is just not realistic to expect a user to know a lot about computers, as it is unrealistic to expect that a sick person can successfully self-medicate themselves to health.

so, while the problem is between the chair and the keyboard, it is between the chair and the keyboard of the people who create the software, and not the people who use it. mostly.

Re:it is not a user fault (1)

Knara (9377) | more than 6 years ago | (#20844601)

become a nerd who follows all news, and spends large portion of their time learning about new technologies, how they are integrated, what risks are there, etc.

I endorse this choice, as it would lead to more dates for moi.

Re:it is not a user fault (1)

siddesu (698447) | more than 6 years ago | (#20844913)

lemme guess, you're dating that virtual 3D porn star at 0x8142d38?

Re:it is not a user fault (1)

Knara (9377) | more than 6 years ago | (#20845221)

A GentleNerd does not kiss and tell.

Re:it is not a user fault (0)

Anonymous Coward | more than 6 years ago | (#20844963)

Can I get an AMEN, brothers?!

Of course it's the fault of the developer when stupid untrained idiots can't figure out how to operate their software! While we're at it, it's obviously the fault of car designers that their vehicles cannot be driven safely by a three-year-old, and the fault of university professors that not everyone understands quantum physics, and it's obviously the fault of God that the human body is too complex for a sick guy to self-medicate themselves back to health.

Can I get an AME... brothers? Hey! Wait! Where are you all going?!

BTW that last part is why your analogy blows up in your own face. People aren't expected to self-medicate themselves back to health, that's why we have trained doctors who undergo years of schooling and monitored practice before being allowed to run amok. Based on your own analogy you should have drawn the conclusion that users should be vigorously trained before being allowed to use computers unsupervised, not that developers should somehow make sometimes very complex tasks simpler so that any idiot can do it.

That, or God should have made the human body so simple any idiot can fix it.

Re:it is not a user fault (1)

siddesu (698447) | more than 6 years ago | (#20845101)

no, it is not the fault of the developer. it is, as it says there, mostly the fault of the vendor, the one who puts the steering wheel in the hands of the user. when cars are made, they undergo rigorous tests, because vendors have liability for bad products. software vendors, especially those who shell out shit to end users explicitly deny responsibility for faults of their products. the developer is rarely a vendor, and IMHO those developers who are also vendors are usually taking better care of their users than vendors who employ developers.

Re:Can I get a "Well DUH!" (1)

Watson Ladd (955755) | more than 6 years ago | (#20844633)

Capability based desktop is actually almost idiot proof.

Re:Can I get a "Well DUH!" (1)

proxy318 (944196) | more than 6 years ago | (#20845235)

"Nothing is foolproof to a sufficiently talented fool."

- Silvermoon's Law

I would say (1)

chuckymonkey (1059244) | more than 6 years ago | (#20844311)

that this really is not news to the crowd that hangs out here on /. We promote good security so much because we already know what the above mentioned article states. It is nice to have some numbers, although I'm always skeptical of "facts" on the interwebz.

human error (0, Offtopic)

User 956 (568564) | more than 6 years ago | (#20844327)

when it comes to PC security, the problem between the keyboard and the chair is even worse.

And the problems are magnified even more depending on what kind of chair you're using. [digg.com]

PEBKAC Combined with a Nightmare of an OS, Sheeple (4, Insightful)

Zombie Ryushu (803103) | more than 6 years ago | (#20844345)

If you combine PEBKAC with the nightmare OS that is Windows, you see the dark and terrible Hell that has been created. Granted, it is true that a lot of people who use computers don't deserve them, but everyone feels they are entitled to them. Really, the majority of people haven't earned the right to use computers, because they have no discipline to do so. But they will anyway, because there is money to be made. It's like giving Guns to chimps.

I started on Tandy 1000 286s, and Commodore 64s, so I have that discipline, that experience, I learned how to walk before I ran, and ran before I flew. But that just isn't the way our world works.

Do realize that the actions these insecure people with irresponsible habits take affect the lives of millions of people through scams, and DoS attacks.

perfect business plan, yeah! (2, Funny)

Uksi (68751) | more than 6 years ago | (#20844499)

Can't wait for the "disciplined computer user" licenses, we can lock all those computer illiterate retards out!

Re:PEBKAC Combined with a Nightmare of an OS, Shee (0)

Anonymous Coward | more than 6 years ago | (#20844809)

This is so true, so very true

Re:PEBKAC Combined with a Nightmare of an OS, Shee (2, Insightful)

dc29A (636871) | more than 6 years ago | (#20845025)

the nightmare OS that is Windows
What's wrong with XP SP2 security wise? Or Vista? or Windows 2003 Server? Care to elaborate? No really, what is this big nightmare about Windows security post XP SP2?

Just because the users are stupid and run Windows as administrator, doesn't mean the OS itself is insecure [amazon.com].

PS: I am posting this from my Kubuntu Feisty machine.

Re:PEBKAC Combined with a Nightmare of an OS, Shee (1)

Zombie Ryushu (803103) | more than 6 years ago | (#20845213)

I don't want to talk about that because I'm not the most qualified person in the area to comment on the issue. I have my perceptions, I'm probably going to shoot myself in the foot by proceeding further and embarrassing myself.

the blame game: pass the buck as always... (5, Insightful)

jdogalt (961241) | more than 6 years ago | (#20844353)

So let's see, it's not software that is broken and buggy, but rather the problem is the users that 'inadequately' act as an insanely complex added layer of security, managing a bunch of brain-numbingly-unrewarding security layers.

This article reeks to me of a security industry that is proactively trying to cover its ass, primarily because of the fact that the only reason they thrive is because Microsoft 'needs' to keep its source closed, and the public 'needs' an illusion of security.

Sorry, but I've recently gone through about my 5th runaround of giving selinux-Enforcing an honest try, and realizing yet again what an utter pile of useless shit it is (for the vast majority of Fedora users at least). (review my past comments which I won't argue over again... or just laugh as setroubleshootd tells you how the solution to your problem is to reboot and force a relabel... pulling in hardcoded path state from /etc/selinux/....)

Wake up and smell the insecurity folks and get used to it. Don't say anything within earshot of a mobile phone's mic that you wouldn't feel comfortable with any telecom employee overhearing... or anyone those employees might give network access to...

It's a brave new world. Don't give me this shit that the users are to blame.

Re:the blame game: pass the buck as always... (1)

porkThreeWays (895269) | more than 6 years ago | (#20844737)

Scoffing at the low number of users running anti-virus is misplaced. Anti-virus software gives a false sense of security. Real security is just being careful what you do. I've never run anti-virus software and my computer is fine. I know dozens of people who run it and get viruses constantly. I think the problem is assuming you actually need anti-virus software rather than the low number of users running it.

Where the error is found (0)

theatrecade (1080063) | more than 6 years ago | (#20844365)

The error can be found in the operating system; please remove all traces of the virus called Microsoft anything. Install Linux, FreeBSD and then rtfm! You will see your intrusions drop to 0%

Interesting.... (1)

R00BYtheN00BY (1118945) | more than 6 years ago | (#20844367)

ARS Technica is reporting on a study release by McAfee and the National Cyber Security Alliance (as part of the beginning of National Cyber Security Awareness Month) that suggests when it comes to PC security, the problem between the keyboard and the chair is even worse. PEBKAC has always been a problem, but the study highlights just how prevalent it has become. 87 percent of the users contacted said they used anti-virus software, while 70 percent use anti-spyware software. Fewer (64 percent) reported having their firewalls turned on, and only 27 percent use software designed to stop phishing attempts. Researchers were allowed to scan the computers of a subset of the users, and while 70 percent claimed to be using anti-spyware software, only 55 percent of the machines of those users scanned showed evidence of the software.

This Slashvertisement rates a 4.2 out of 5 (5, Insightful)

xxxJonBoyxxx (565205) | more than 6 years ago | (#20844417)

...a study released by McAfee...87 percent of the users contacted said they used anti-virus software, while 70 percent use anti-spyware software. Fewer (64 percent) reported having their firewalls turned on, and only 27 percent use software designed to stop phishing attempts.


This Slashvertisement rates a 4.2 out of 5.

It caused many readers to wonder, "if McAfee has an all-in-one package that can handle all my anti-spyware, firewall, anti-virus and phishing needs?". However, McAfee was unable to get the actual product it was trying to pitch in its press release on Slashdot.

Well done (though not perfect) - another high-five to those PR pros!

Re:This Slashvertisement rates a 4.2 out of 5 (2, Insightful)

Lumpy (12016) | more than 6 years ago | (#20845277)

But McAfee does do all that. By consuming 98% of your computer's processing cycles and making every file operation go through 30 or more operations first, malware does not have any computing resources left over for them to run.

Wrong metric. (0)

Anonymous Coward | more than 6 years ago | (#20844423)

They're trying to suggest that AV installation rate suggests the users are incorrect...

But no AV protects against threats that don't fit their filter. Only the user is capable of detecting new threats, before signatures are updated.

Personally, I run no AV, or any other 'security' features on my Windows (gaming) boxes, and never have a problem. (Occasionally downloading a scanner if I suspect something.. only to discover an OS "feature" was the real issue.)

Their assertion is accurate - most of it likely is due to terrible users, but their metric is completely wrong.

Perhaps the real problem... (1)

Uksi (68751) | more than 6 years ago | (#20844435)

is that with our computers today, all that it takes is a run-of-the-mill PEBKAC to screw things up.

One day, we'll look back at PC security of today and laugh at the crap one had to go through just to not have your typical PC go down in flames.

Just a thought.

PEBKAC? Why not PBKAC? (1)

httpamphibio.us (579491) | more than 6 years ago | (#20844437)

Anyone care to explain how this acronym works?

Re:PEBKAC? Why not PBKAC? (1)

Kaenneth (82978) | more than 6 years ago | (#20844483)

problem EXISTS between keyboard and chair

Re:PEBKAC? Why not PBKAC? (0)

Anonymous Coward | more than 6 years ago | (#20844551)

PEBKAC is English, whereas PBKAC is Slovakian.

Re:PEBKAC? Why not PBKAC? (1, Informative)

Anonymous Coward | more than 6 years ago | (#20844563)

Problem Exists Between Keyboard And Chair...

Re:PEBKAC? Why not PBKAC? (1)

phoebus1553 (522577) | more than 6 years ago | (#20844621)

Pick your poison:
Problem Exists ...
Possible Error ...
Probable Error ...

I'm sure you could come up with more, but those are the 'official' entries as I've heard them.

Re:PEBKAC? Why not PBKAC? (1)

locokamil (850008) | more than 6 years ago | (#20845129)

Problem exists between keyboard and chair

Bogus perspective (0)

Anonymous Coward | more than 6 years ago | (#20844453)

I love that we're blaming the security problems caused by crappy architecture and coding on the users (the implication I take from PEBKAC in this context). Not only are we incapable of fixing the security problems the way they ought to be fixed, our patches to them (firewalls, antivirus and antispy software, etc.) require constant maintenance as well, and even then they don't work that well.

Sure, it's a hard problem. But I think it's ridiculous to blame security issues (beyond their downloading and installing spyware manually) on users.

PICNIC (5, Funny)

Saint Stephen (19450) | more than 6 years ago | (#20844457)

Problem in Chair, Not In Computer. PICNIC.

That's the phrase I heard used to describe this condition.

Wetware Interface problem (1)

zoomshorts (137587) | more than 6 years ago | (#20844977)

Loose nut between the keyboard and chair. Please use the correct terminology :)

Error # (0)

Anonymous Coward | more than 6 years ago | (#20844465)

ID 10T

So (0)

Anonymous Coward | more than 6 years ago | (#20844477)

So. I don't use anti-phishing software but then I don't just click on shit either.

PebKac always reminds me of Ipecac (1)

BlueshiftVFX (1158033) | more than 6 years ago | (#20844519)

I am sure there is an Ipecac joke in here somehow but I can't think of one off the top of my head. By the way, the Family Guy episode with the Ipecac drinking contest always makes me nearly piss myself laughing. http://www.milkandcookies.com/link/33774/detail/ [milkandcookies.com]

Re:PebKac always reminds me of Ipecac (1)

locokamil (850008) | more than 6 years ago | (#20845175)

My girlfriend and I rewound and played that clip at least 10 times.

We laughed all the way as well.

I think we may have problems...

Blame The User still plagues PC security, too (1)

Estanislao Martnez (203477) | more than 6 years ago | (#20844523)

Yes, users don't understand computers very well, that's true. Computer companies, however, should build this into the design, and minimize the amount of understanding and knowledge that users need to deploy to use computers. Blaming the users for the failures of the software industry is lazy, dishonest and self-serving.

I think this headline should be... (1)

RoscBottle (937276) | more than 6 years ago | (#20844593)

... the official /. version of "In other news water is still wet".

Antivirus is a Virus (1, Interesting)

pQueue (1091881) | more than 6 years ago | (#20844597)

Every antivirus software I've ever installed acts exactly like a virus. It runs processes I can't kill which spawn new processes, it can't be fully uninstalled, it takes lots of resources, it tries to phone home all the time, and annoys me with popups. Is there any good anti-virus scanner for Windows that doesn't change the registry and can be run on individual files or directories when you direct it to? All of the ones I've tried want to take over your system.

Re:Antivirus is a Virus (2, Insightful)

ShinmaWa (449201) | more than 6 years ago | (#20844843)

The problem is that if the user can kill it, so can the virus. A lot of viruses have anti-anti-virus routines built in them to detect and disable anti-virus software from detecting and disabling THEM. It's a warzone out there.

Because of this, anti-virus software embeds itself very deeply in the system and runs with ring 0 privs to prevent virii from subverting them.

Re:Antivirus is a Virus (1)

pQueue (1091881) | more than 6 years ago | (#20845223)

Having anti-virus software embed itself deeply inside my system isn't the solution I'm looking for, despite added security of doing so. I suspect others feel the same. That leaves us with no intermediate solution that I know of, except for web-based virus scanners where you submit a file.

I sincerely hope someone can point me to a virus scanner that works on demand only and doesn't modify my system.

Weird stats. (1)

ZombieRoboNinja (905329) | more than 6 years ago | (#20844649)

None of this info really seems useful or reliable.

13% don't use antivirus... how many are Mac or Linux users?

30% don't use anti-spyware stuff... how many are running OSX or Linux (again), or are browsing with scripts and other stupid things turned off?

73% don't report using anti-phishing software... doesn't IE have that on by default now? So the users are almost CERTAINLY misinformed about this one; they've got protections running they don't even know about.

Same for firewalls. I know both OSX and Windows XP and Vista have software firewalls, and I think the Windows one is on by default. (I recall having to manually activate the OSX one, for some reason.) So how many of those users just don't know they have a firewall running, or that the shiny shield icon in the "security" panel is called a "firewall"?

Anti-virus advertisement (1)

Sigma 7 (266129) | more than 6 years ago | (#20844693)

This looks like an anti-virus advert (or a close variation thereof.)

In my history of major computer usage, I had three "infections" that I had experience with. Of these three, I do admit I was a little foolish with one of them, but they have all been purged entirely. The anti-virus or anti-spyware only served as a reactive approach, and weren't effective in preventing the software from entering in the first place (in spite of the AV software displaying a warning that a program was infected.)

The only way to prevent virus infection - don't blindingly auto-execute whatever enters your system, and don't blindingly allow changes to the startup configuration.

Re:Anti-virus advertisement (0)

Anonymous Coward | more than 6 years ago | (#20845227)

don't blindingly auto-execute

"blindly".

In other news, study finds 70% of problems are... (1)

MeditationSensation (1121241) | more than 6 years ago | (#20844703)

...caused by n00bs!

I disagree (0)

Anonymous Coward | more than 6 years ago | (#20844771)

Am I the only one who disagrees with the premise of the article? I don't run an anti-virus program because there are virtually no virus programs attacking Linux. I am not part of the "only" 27% that use anti-phishing software because I don't need a computer program to tell me not to click on "We're closing your account unless you give us your password" emails. I'm also curious about the article's discrepancy between 70% of users claiming to have an anti-spyware program vs 55% "show[ing] any evidence" of such a program. I claim to have an anti-spyware program installed, Konqueror, which doesn't use ActiveX nor Java (except for select sites), nor will it download, compile, and run as root arbitrary programs some random site wants to serve me. But I'd bet money that McAfee would count me with the "no user" site.

And worst of all, according to both the article and the Slashdot summary, I am a "problem" user due to not properly securing my system.

I disagree.

Microsoft should give us all refunds... (1)

tyroneking (258793) | more than 6 years ago | (#20844917)

... for the crappily insecure, services tied to ports, admin rights for all, Windows that they've been selling (or rather imposing on to) people who buy PCs. I mean they stuck IE in there and added wizards for connecting to the Internet right? But they never bothered to fix all the security holes. Why should I have to pay for AV and firewall - THEY should pay - so I want my money off them. Who's with me?
I mean they don't sell cars without brakes do they?

ah yes, PEBKAC revisited. (1)

Adambomb (118938) | more than 6 years ago | (#20845005)

1) posts concerning stupid user anecdotes, and the perils of stupid users
2) posts concerning elitist administrator mentality concerning users and the perils of treating users as the problem
3) posts concerning effective training
4) that ac who always posts that longass vulgar post.

Thank you and goodnight

idiot proof computers (1)

theeddie55 (982783) | more than 6 years ago | (#20845031)

new news, people break computers, anyone who thinks they have an idiot proof computer program just hasn't met the right idiot.

no math nazis? (1)

hurfy (735314) | more than 6 years ago | (#20845255)

Looking at the article I would assume n=378 is the number of participants. If so isn't that a little on the low side no matter how they are picked?

A subset of this would have a pretty big margin of error would it not?

Most studies I recall use more than 1000 people to get to 3% error, not knowing the subset (or the set for sure) wouldn't a margin of error nearing 10% be entirely possible?

This would seem to invalidate the whole thing pretty much (in case the McAfee tag didn't do that already!) This would leave the only significant info being some of the anti-phishing and anti-spam stuff.

So...

More people say they have anti-phishing and anti-spam than do. Kinda redundant since the only dangerous spam is phishing.... and avoidable without software.

and

A lot of people have outdated AV. This has been the case for almost 20 years....

Had a few problems on office machines that could not run our software, Windows, AND AV all at the same time but nothing major.

Personally no problems except for Michelangelo that turns up on my old disks every now and then that tries to infect my 386 (CPAV 1995) and got my XT again :(

geek elitism strikes again (0, Troll)

kbox (980541) | more than 6 years ago | (#20845263)

Slashdot is a bit like having a site for steam engine enthusiasts who sit around talking about how the average user doesn't grease his flange compression ringlets between fly wheel alignment cycles, And then having a good old laugh at them while at the same time being a smug prick.

These people may have more malware, but I bet they get laid more often.