Linked by Thom Holwerda on Sat 11th Nov 2006 16:56 UTC, submitted by Governa
Windows Outgoing Microsoft co-president Jim Allchin posted a blog entry Friday apologizing for the confusion surrounding comments he made to reporters Wednesday about being so confident in Windows Vista's security that his seven-year-old son's PC had no antivirus software installed. Allchin acknowledged Friday that he wasn't as clear as he intended to be, saying he never meant to imply that Windows Vista does not need antivirus software, despite citing the example of his son's PC. "It's important for me that our customers are using the appropriate security solutions for the right situations, whether that's security functionality integrated in the operating systems, or add-on products," he said.
Order by: Score:
Hm
by Nelson on Sat 11th Nov 2006 17:07 UTC
Nelson
Member since:
2005-11-29

Regardless, I wouldn't be caught dead with an Antivirus.

They always seem to slow down my system and in the end do more harm than good.

In my mind, common sense is my antivirus.

Reply Score: 5

RE: Hm
by Kroc on Sat 11th Nov 2006 17:46 UTC in reply to "Hm"
Kroc Member since:
2005-11-10

If common sense is your antivirus, and you have no antivirus, does this mean you have no common sense?

It's not 2001 anymore, common sense isn't enough on Windows.

Edited 2006-11-11 17:48

Reply Score: 5

RE[2]: Hm
by Mitarai on Sat 11th Nov 2006 17:51 UTC in reply to "RE: Hm"
Mitarai Member since:
2005-07-28

I haven't used an antivirus since 1999 and till now I don't have any problems, FireFox is simple your best friend for someone using Windows.

Reply Score: 3

RE[3]: Hm
by Kroc on Sat 11th Nov 2006 17:58 UTC in reply to "RE[2]: Hm"
Kroc Member since:
2005-11-10

Nor have I had a virus for years, but I attribute that to having an antivirus in place (and common sense) to tell me that is so. Not all viruses make themselves known, and some hide in the most incredible places you'd never find them (like a super-hidden file in the recyclers that only a DOS prompt is able to see).

If you were a city planner, you wouldn't bother with safety barriers because it's common sense to not drive off of cliffs. That's not to say that - as with viruses - people drive off of cliffs on purpose.

Reply Score: 2

RE[4]: Hm
by helf on Sat 11th Nov 2006 18:05 UTC in reply to "RE[3]: Hm"
helf Member since:
2005-07-06

I haven't had a virus in years. Since windows 2k days... And that was because my brother used a cd someone gave him that was infected and it spread across our network at home.

We are behind a NAT router and I have the machines 'locked down' more or less. My little sister has an antivirus on her pc because she downloads willy nilly and i cant stop that. I run trendmicros housecall on my pc periodically (like 3 times a year), has yet to find any problems. No one in my family ever uses IE, outlook/express etc..

common sense can easily keep you from getting infected with anything.

Edited 2006-11-11 18:14

Reply Score: 3

RE[5]: Hm
by WorknMan on Sat 11th Nov 2006 18:12 UTC in reply to "RE[4]: Hm"
WorknMan Member since:
2005-11-13

common sense can easily keep you from getting infected with anything.

I don't think so. What if you download a legit program from the Internet, but the author inadvertently uploaded the setup file infected with a virus? You're pretty much screwed. Granted, these sort of things don't happen very often, but you never know.

So, I would say that running AV resident might be overkill for some people, but at the very least, you want an AV on your system so that you can use it to scan all incoming files. You can easily get a free one, such as AVG, so not like you have to pay for one.

And BTW: An email attachment will infect your system just as easily if it was launched from Thunderbird or some other mail app instead of Outlook Express.

Reply Score: 4

RE[6]: Hm
by helf on Sat 11th Nov 2006 18:16 UTC in reply to "RE[5]: Hm"
helf Member since:
2005-07-06

I use avg on my sisters tower ;)

I use gmail and pine off a shell account of mine for email. I never use other mail apps like thunderbird etc...

Reply Score: 1

RE[4]: Hm
by Adam S on Sun 12th Nov 2006 03:29 UTC in reply to "RE[3]: Hm"
Adam S Member since:
2005-04-01

Kroc, don't bother trying to convince anyone here that AV is necessary. Most people run an XP box behind a router and live happily, and therefore believe that AV is wasted CPU cycles. People who REALLY run Windows - farms of servers behinds firewalls that have to allow SQL*Net connections, incoming HTTP to their DMZ, VPN connections, etc, understand that AV is not an option, because you simply CANNOT know when the next zero day Windows exploit will hit.

Putting it simply: running without AV is reckless. Sure, you may not have had a problem before, but YOU DO NOT CONTROL Windows, and even with a router, you don't know what the next malicious attack will bring. One day, something may come along and teach them, but until then, Kroc, don't waste your breath.

By the way, I suspect that many people who /say/ they don't run as admin on windows are lying. Running as a user on Windows sucks.

Here's my personal rant on the subject: http://www.firsttube.com/read/Is-Antivirus-Software-Really-Necessar...

Edited 2006-11-12 03:30

Reply Score: 1

RE[2]: Hm
by Nelson on Sat 11th Nov 2006 18:04 UTC in reply to "RE: Hm"
Nelson Member since:
2005-11-29

I'm sorry but using Windows Defender and keeping up with the Updates, Windows Vista, UAC, and Common Sense will beat any crappy AV Symantec can spew out.

Even when I did use XP, I never had a virus. Maybe an occasional popup but never a virus. I don't surf porn sites or download random stuff from the Internet.

Common Sense is my antivirus, I don't download random crap from the internet and I know what I am running.

It might not be enough for you, but it's kept me secure all this time.

Until you can provide some factual information and/or statistics on how I can possibly get infected, you're wrong.

Reply Score: 5

RE[3]: Hm
by Kroc on Sat 11th Nov 2006 18:08 UTC in reply to "RE[2]: Hm"
Kroc Member since:
2005-11-10

Can you provide any statistics on if you've been infected? Are you going to trawl an online virus database and check every one against your system to verify that it's not there?

An anti virus app provides me with factual information that my system is not infected with known viruses - if you've never verified your system, how are you to know better than an anti virus app, which can verify against hundreds of thousands of viruses?

You can't verify that your system is virus free, just because nothing 'suspicious' is happening - there are 140'000 viruses that you don't know how they hide or function.

Reply Score: 5

RE[4]: Hm
by Nelson on Sat 11th Nov 2006 18:40 UTC in reply to "RE[3]: Hm"
Nelson Member since:
2005-11-29

If the accident where to ever happen, Vista has the system locked down completely by UAC (Sometime to an annoying extreme).

Also viruses leave a mess behind or spawn a process which Vista would show on my task manager and by reading my system logs I'd eventually find out.

The only problem is getting the virus out once it is in your computer. Thankfully, Vista includes an array of diagnostic tools and restoration utilities if anything does go horribly wrong.

The average user will probably need an AV (One that uses the Microsoft APIs, not one that exploits flaws in the kernel and in the end slow down your system) but I for the most part was speaking for myself.

Reply Score: 1

RE[2]: Hm
by StephenBeDoper on Sat 11th Nov 2006 21:28 UTC in reply to "RE: Hm"
StephenBeDoper Member since:
2005-07-06

It's not 2001 anymore, common sense isn't enough on Windows.

Common sense alone isn't, but combined with not using an Admin account constantly, it is possible to have a clean Windows system without running anti-virus software. Anecdotally, I use that method when I ran an Access Center a few years back, with about a dozen PCs running Win2k Pro. They were scanned every month or two with the TrendMicro online AV scanner, as well as AdAware and they invariably came out clean, except for the occasional tracking cookie.

The downside is that running as a non-admin requires jumping through more hoops than many users will tolerate. E.g., the only effective way I've found to run a filemanager as Admin is to use "run as" on iexplore.exe. And installing software that wasn't designed for NT can be a real bear - often the installer just spits out a "Access denied" error halfway through the install. So then you have to find the setup file (and make sure to right-click, Open the CD in My Computer, because double-clicking will just autolaunch the installer again) and use Run-As on it. And then more often than not, you have to manually add the Start menu/desktop shortcuts for non-admin users, and change the permissions on the app's Program Files folder so that non-admins can actually use it.

I was hoping Vista would fix that silliness, but it sounds like LUA just makes things more annoying.

Reply Score: 1

RE[2]: Hm
by PJBonoVox on Sun 12th Nov 2006 01:45 UTC in reply to "RE: Hm"
PJBonoVox Member since:
2006-08-14

Hey buddy. I don't use AV and have no problems, so I agree with the original poster.

Non-seasoned users should use it though. As long as it's not Symantec or McAfee ;)

Reply Score: 1

RE: Hm
by VenomousGecko on Sat 11th Nov 2006 20:41 UTC in reply to "Hm"
VenomousGecko Member since:
2005-07-06

What about worms? There is not much you can do if there is a flaw in Windows that YOU cannot control. If that is exploited by a worm, then you will be a victim. I would only run without AV if you made sure that you had a good security system in place that prevented inbound connections. To suggest that you can run Vista w/o AV without any other mechanisms to aid in security seems foolish given MS's track record.

Reply Score: 1

RE[2]: Hm
by JBillman on Sat 11th Nov 2006 20:48 UTC in reply to "RE: Hm"
JBillman Member since:
2006-11-09

Router / hardware firewall would stop it.

But how would the antivirus be able to stop the worm before you are affected??? Do you think the antivirus is good enough to figure that out? Or just wait till they update their signatures. It seems like it would only be good after the fact

Reply Score: 1

RE[3]: Hm
by WereCatf on Sun 12th Nov 2006 18:20 UTC in reply to "RE[2]: Hm"
WereCatf Member since:
2006-02-15

A router/hardware firewall *won't* stop malware from running on your computer or infecting it! It's completely stupid to claim that to people! First of all: if you surf to a website which infects your machine via some ad or such through a hole in your IE/FireFox/whatever, that program can make an outgoing connection and leave the port open for incoming connections...ZoneAlarm (for a good example) would help you spot suspicious apps running on your computer which try to make outgoing connections, but a separate firewall doesn't. And antivirus is used to prevent and/or remove such malware if you happen to get such from your IM apps/web browser/mail...

Reply Score: 1

RE[4]: Hm
by PJBonoVox on Sun 12th Nov 2006 21:14 UTC in reply to "RE[3]: Hm"
PJBonoVox Member since:
2006-08-14

WereCatf, I know that. However you can't speak for everyone.

I run behind a NAT router, and I am well aware that it won't prevent malware through attack vectors such as a web browser. However I _know_ that I'm seasoned at this. I've been doing it since the dawn of time and I can categorically guarantee you that I would know if I got hit by malware or a virus.

I have been, once, and I spotted it instantly. I know the behaviour of my machine like the back of my hand and was able to remove it using the tools available to me in Windows. Namely 'regedit' and 'explorer'.

I haven't reinstalled my Windows box for a long time, but I can go through every process and identify exactly what it does. I could do this for you if you want?

I do run AV, but only 'on-demand'. I scan things I'm really unsure about.

Edited 2006-11-12 21:17

Reply Score: 1

lol
by SK8T on Sat 11th Nov 2006 17:32 UTC
SK8T
Member since:
2006-06-01

lol that was a good decision of him,
otherwise no IT specialist could believe him.

Reply Score: 3

Antivirus
by JBillman on Sat 11th Nov 2006 17:58 UTC
JBillman
Member since:
2006-11-09

Neither do I use antivirus on Windows XP Pro there is no need if you understand how Windows works. The only thing I do use is a firewall. Most of the time it is common sense that stops you being infected. Remember to do the windows updates. Check your process list and services if anything seems strange then find out what it is. Check out the sysinterals site and get rootkit realver and autoruns.

Reply Score: 3

RE: Antivirus
by Kroc on Sat 11th Nov 2006 18:04 UTC in reply to "Antivirus"
Kroc Member since:
2005-11-10

Is this the advice people have to give!? What about Joe public, what about companies, what about people who don't have /time/ to be verifying their processes for potential problems.

I know how to unpick viruses from the disk and registry by hand, but grief, I don't want to be a complete anal-retentive control geek who has to check the service list and processes, I'd use Linux if I wanted to do that. I switched to a Mac so that I spent /less time/ trying to maintain my system and more time actually /using it/.

Reply Score: 2

RE[2]: Antivirus
by JBillman on Sat 11th Nov 2006 18:17 UTC in reply to "RE: Antivirus"
JBillman Member since:
2006-11-09

Well yes if you are a normal user then you do need antivirus. But most of the comptuer virus problems out there today are just commen sense. Don't open email attachments, be wary giving permission to a program that asks for it, stay on clean websites.

Reply Score: 2

RE[3]: Antivirus
by Kroc on Sat 11th Nov 2006 18:22 UTC in reply to "RE[2]: Antivirus"
Kroc Member since:
2005-11-10

Apart from poisened images, iPods/CDs accidently with viruses on them, day-zero attacks. If you've no antivirus, how would you know if you had a silent, process-hidden keylogger that installed secretly via a USB thumb drive, e-mail attachment or poisen image? You can't verify that with certainty.

Windows Vista has protected processes - viruses of the future are not going to be able to be /detected/ with common sense.

You might be able to prevent a virus with common sense, but you can't always detect and remove them with it, when that accident does happen one day.

Reply Score: 1

RE[4]: Antivirus
by JBillman on Sat 11th Nov 2006 18:34 UTC in reply to "RE[3]: Antivirus"
JBillman Member since:
2006-11-09

My view anyway is that the biggest threat to a normal user is adware than anything else, I trust using SpySweeper way more than Norton anyday each edition of Norton just seems to get worse and offers no real improvements. Antivirus works for old threats doesn't prevent the ones that just are discovered or are undetected.

For me anyway I reallly don't think the antivirus software right now is doing a good enough job to on detecting the threats. Most of the antivirus systems by default today detect viruses by signatures some do have the ability to detect patterns but still is poor.

The antivirus software of today probably can not or can poorly detect rootkit level viruses that are hidden from the windows api.

If you have real comptuer experience you can remove adware, and other malware installed on an infected comptuer if you take the time to figure it out. The goal of the malware is to make money off you not to break the comptuer.

Reply Score: 2

RE[3]: Antivirus
by l3v1 on Sat 11th Nov 2006 19:53 UTC in reply to "RE[2]: Antivirus"
l3v1 Member since:
2005-07-06

<stay on clean websites

Yeah, since you always know that a website is clean even before ever going on it, right ?

Most users are "normal" users, and many of them are sub-"normal" users. _Anybody_ giving the advice not to use antivirus (and/or firewall app) under Windows is just as guilty as the guy that wrote that virus and/or trojan, just as those suggesting that by using them you suddenly get magically immune. Comments like I-never-needed-I'm-still-clean and just-use-common-sense are pretty much useless for most users, and for anybody else for that matter.

Reply Score: 1

RE[3]: Antivirus
by starnix on Sat 11th Nov 2006 20:26 UTC in reply to "RE[2]: Antivirus"
starnix Member since:
2006-05-12

Stay on clean websites?

But.... The Internet is for porn. ( http://video.google.com/videoplay?docid=5430343841227974645 )
Why would you limit yourself from using one of the fundamental functions of the Internet just to be able to say "I don't use Antivirus."

Seriously though, The whole point of computers is automation. Why would I rather look at my process list and do all this other shit just to avoid using an AV program. Let the PC do it for you.

Reply Score: 1

RE[2]: Antivirus
by Havin_it on Sat 11th Nov 2006 18:51 UTC in reply to "RE: Antivirus"
Havin_it Member since:
2006-03-10

While I agree with this point in principle, I don't think it has to be that way. If you have an AV app they recommend that, as well as its realtime protection features, you also do a thorough scan now and again.

Most scanners I've used on my machine (XP, 2.6GHz Celeron, scanning a 30GB ATA harddisk) take up to an hour (some even more!) for a full scan. And as you're advised to leave the PC alone while the scan runs (and often the scan process is so resource-hungry it's not an option anyway), that's a big ol' chunk out of your computing experience.

Personally, I took a couple of hours one day to learn a bit about NT permissions on the web, applied what I learned to my XP box and chose not to bother with any antivirus 'solutions' thereafter.

What I actually did isn't really rocket-science either. First I made a Limited User account for everyday use, then I revoked the permission to "traverse folder / execute files" for that user from its user-directory. There we go: the Limited user cannot execute any foreign code. That only leaves being cautious about what removable media you shove in it, and there's no real need to run antivirus unless you know you've been subject to a vulnerability that can get past the above safeguards.

Reply Score: 1

RE[2]: Antivirus
by CuriosityKills on Sat 11th Nov 2006 19:34 UTC in reply to "RE: Antivirus"
CuriosityKills Member since:
2005-07-10

The advise which damn windows never cared was to create a sandbox so a normal user would be able to do everything except installing kernel mode drivers.

The average users should be able to install new programs however the OS should make sure that the install would only work for them and other users can't see the new program. If an admin installs a program then everyone can see the new program.

This way when i have to install a risky application, i can do that without worrying about possible worry of my application hijacking.

Then they should make a normal user account by default just for sandboxing so even an average user knows that if they want to run some crap, they do that in that particular account. Even if an application installs a keyboard hook in that account, it can only trace keystrokes for that user.

This is complex but that is true sandboxing. And it can solve many problems for windows users.

Reply Score: 1

RE[2]: Antivirus
by StephenBeDoper on Sat 11th Nov 2006 21:34 UTC in reply to "RE: Antivirus"
StephenBeDoper Member since:
2005-07-06

What about Joe public, what about companies, what about people who don't have /time/ to be verifying their processes for potential problems.

While the Joe Public question is valid, any company of significant size should have IT staff to secure their network in the first place and lock down onsite employee PCs.

Reply Score: 1

RE[3]: Antivirus
by eMagius on Sat 11th Nov 2006 21:45 UTC in reply to "RE[2]: Antivirus"
eMagius Member since:
2005-07-06

Unfortunately, locking down the PCs at employees' desks tends to cause a lot of ill-will towards IT unless the ship is tightly run by management. "Those damn IT power-trippers won't let me play this cool game my friend forwarded me!"

And we all know how well the pointy haired bosses run things. ;)

Reply Score: 2

RE[4]: Antivirus
by aaronb on Sat 11th Nov 2006 22:34 UTC in reply to "RE[3]: Antivirus"
aaronb Member since:
2005-07-06

I agree,

The company that I work for have useful options locked off...
Changing themes
Turning off the PC speaker.
Moving the desktop bar
Changing the background (I cannot focus on the screen if the background logo is too bright as a have headaches)

Useful Direct debit management websites are blocked. (voca.co.uk and BACS.co.uk)

Recently a strange set a permissions are set on all printers that make printing and scanning a challenging task. (No documents for you !)

No permission write to some networked drives, at the same time no options to save spools to any other place apart from the locked drives (No audit trail for you !)



This makes some tasks very inefficient and is due to "Those damn IT power-trippers" <-;
We can only hope that communication improves.

Reply Score: 1

RE[4]: Antivirus
by StephenBeDoper on Sun 12th Nov 2006 01:56 UTC in reply to "RE[3]: Antivirus"
StephenBeDoper Member since:
2005-07-06

Unfortunately, locking down the PCs at employees' desks tends to cause a lot of ill-will towards IT unless the ship is tightly run by management. "Those damn IT power-trippers won't let me play this cool game my friend forwarded me!"

Of course - like anything else, the end result will depend on a lot on whether or not there are competent people setting and implementing IT policy.

Reply Score: 1

RE[2]: Antivirus
by PJBonoVox on Sun 12th Nov 2006 01:46 UTC in reply to "RE: Antivirus"
PJBonoVox Member since:
2006-08-14

"What about Joe public"

Those people are most definitely _not_ reading OSNews.

Edited 2006-11-12 01:47

Reply Score: 1

RE: Antivirus
by devnull on Mon 13th Nov 2006 07:48 UTC in reply to "Antivirus"
devnull Member since:
2005-07-06

Right!? So you all day walking around in your pc fil;es and processes lists looking for suspicious files and processes. Nice.

Kinda a looks you:

1) get not much time for actually working
2 ignorrant
3) lying
4) stupid

In any case if you worked in my company i would:

1) kick you out
2) make sure you had a anivirus like Nod32 runnig
3) kick you out

Reply Score: 1

Endless debates
by pandronic on Sat 11th Nov 2006 19:12 UTC
pandronic
Member since:
2006-05-18

Damn, I'm really getting sick and tired of this endless arguments between people who use antivirus and people who don't. I haven't seen such a discussion ever reaching a conclusion and yet people start contradicting each other with every chance they get.

Let's sum it up: with common sense you rarely (if ever) get a virus, but if you are unlucky or don't pay enough attention you might get a virus, so you should keep AVG or some other free and lite antivirus nearby for emergencies.

In my personal experience - I didn't use an antivirus for a couple of years and didn't have problems, but then I decided to install NAV (Norton AntiVirus), after all, and ironically, I got my first virus after a very looong time (no, I'm not talking about NAV).

It was more like a trojan, actually ... I've downloaded some archive from a crappy site, my "internal" antivirus switched on when I saw the contents, but I said what the heck, NAV is protecting me - so I clicked on the file. Needless to say that it wasn't what I expected and that sorry excuse for an antivirus didn't catch it. My bad.

So, having a crappy antivirus can be as bad, because it induces a false sense of security, especially if you swich off (or don't have) the common sense. Now I'm scanning with AVG and Adaware from time to time, use Firefox and pay more attention, but I don't run a resident antivirus. In over a year from "the incident" I didn't have problems.

Reply Score: 1

Back off
by acobar on Sat 11th Nov 2006 19:59 UTC
acobar
Member since:
2005-11-15

He probably HAD to back off his assertion because of the troubles Microsoft could suffer if people started to use Windows Vista without AV and happened to get sensitive data affected. Probably someone of the legal office told him to do that. I almost could hear the noise of friction of the lawyers hands around the globe.

About AV or not AV, if you are an IT literate you can avoid it, but don't expect regular users to be as careful as you, they aren't.

Reply Score: 1

As someone said
by Shkaba on Sat 11th Nov 2006 20:47 UTC
Shkaba
Member since:
2006-06-22

This debate is so useless when you consider the following:

- I am a good driver
- I will not drive on an uneven road surface
- I will not use my cell phone or listen to the radio while driving

ERGO

I don't need insurance ...

Yeah right

Reply Score: 2

Allchin's original comments...
by Marcellus on Sat 11th Nov 2006 21:25 UTC
Marcellus
Member since:
2005-08-26

...were taken out of context.
...were taken out of context to bash MS specifically.
...were taken out of context to bash Windows Vista.

It's sad to see that he needs to clarify his comments in this way.
It's sad to see that anything an MS employee says is analyzed to hell with the purpose of finding anything at all to bas MS for.

I'm asking for the OSNews community to grow up.
I'm also asking for any OSNews commenter that comes from /. to go back where he/she/it came from and leave this place alone. We don't need your constant bashing of things that you don't have a clue about.

Edited 2006-11-11 21:25

Reply Score: 5

Professionals
by Finchwizard on Sat 11th Nov 2006 22:02 UTC
Finchwizard
Member since:
2006-02-01

A lot of the people that don't use Antivirus are professionals, they use common sense, they know what every process is on their machine.

They notice if there hard drive is working more than it should, and notice if there's bandwidth being used when there shouldn't be.

Antivirus is a good thing to have, but there are people out there that don't use it and are fine.

There's still standalone scanners you can download and check with every now and then.

Reply Score: 3

Allchin was misquoted
by spacebubble on Sat 11th Nov 2006 23:15 UTC
spacebubble
Member since:
2006-10-24

Nice to see OSNews reverberating the same misinformation:

ArsTechnica has a nice article about what AllChin did say:

http://arstechnica.com/news.ars/post/20061111-8199.html

Reply Score: 5

Phloptical
Member since:
2006-10-10

...open mouth and insert both feet.

Regardless of your OS affiliation, you have to admit that was a pretty irresponsible statement. Hopefully the media will run this retraction as much as they ran his original snafu.

Reply Score: 1

There is still a need for AV
by Phloptical on Sun 12th Nov 2006 00:34 UTC
Phloptical
Member since:
2006-10-10

John Q Public doesn't patch his PC nearly as much as he should. The 30 day trial of Symantec ran out a year and a half ago. The firewall only exists in his house if he has broadband with the free router, and even then it would only be active if it was on by default. If he's on dialup all bets are off. To make matters worse the "Spank the Monkey and win $1M" banner ads look attractive to him.

I could go on and on, but that's the state of 98% of PC users home security configs, regardless of the OS they're using.

Reply Score: 1

RE: There is still a need for AV
by Doc Pain on Sun 12th Nov 2006 02:45 UTC in reply to "There is still a need for AV"
Doc Pain Member since:
2006-10-08

John Q Public doesn't patch his PC nearly as much as he should.

This is because most of them think "Oh, I am a professional, I know all the pictures and I can click on them!" So a (false) feeling of security arises, which may finally result in opinions like "I cannot be infected, I know what I'm doing", "I didn't get a message box that says I'm infected, so I am not" or "Even if I'm infected, I don't care" - and that's dangerous. Such users can quickly become a danger for theirselves (their work and data on the computer) and for others.

I could go on and on, but that's the state of 98% of PC users home security configs, regardless of the OS they're using.

Yes, I agree. Therefore the distributors or developers of an OS should take care about the fact you mentioned above. I think Apple is doing good work in this case with their MacOS X, and I hope MICROS~1 made some relevant improvements in their "Windows XP" and "Vista" products.

As soon "Windows" users get infected and abused - and don't realize (!) this, their machines are used for spamming, data espionage and saboutage. That makes them affective for prosecution. Here in Germany, this "I don't know" or "I don't care" can be punished by law, if the abused machine is involved in criminal actions as named above. I don't know if this is the case in the US and other countries.

So, Joe Q Public, realize this: If you don't use proper AV software, you cannot say something about your infection status. "I don't know" is not equivalent to "I'm not infected" - refer to basic principles of logic.

Binary logic: { infected, not infected }
Trinary logic: { infected, not infected, don't know }

The means of diagnostics in "Windows" are poor. Because most (home) users have to deal with system administration theirselves, they seem to refuse to do so. I can't figure out the reason. Because people like car analogies, here's one: If I'm not familiar with car mechanics, I have to let a professional check the car in certain distances of time; he can find problems I won't notice myself. But I simply have to know a few things about my car (how to drive, where to put the fuel in etc.) in order to use it. (Here in Germany we have a thing called TÜV. After some years, every car owner has to get his car there. It is checked by professionals who are approved by state authorities. If the car is okay, they get a "stamp" on it. Without the "stamp", the car may not be run in the public traffic and has to be repaired or thrown away.) So has John Q Public, or he sould consider stop using a computer.

Edited 2006-11-12 02:52

Reply Score: 1

Phloptical Member since:
2006-10-10

After reading that I probably should have been a little more PC about John Q, and mentioned Jane Q as well. My sister was the source of the banner ad reference.

So in Germany, if you don't even know your system is a zombie you can still be prosecuted? Wow, does that suck. I now understand why you said either John Q (or Jane) know what they're doing with a computer, or don't own one.

That said, I know I should change the oil in my car every 3k miles...but I usually wait til 6k to do it. Good thing oil changes don't affect anyone in Germany.

Reply Score: 1

Doc Pain Member since:
2006-10-08

"After reading that I probably should have been a little more PC about John Q, and mentioned Jane Q as well. My sister was the source of the banner ad reference."

I don't think the banners are the major reason why one should use AV software and a firewall (hardware or software) together with "Windows". The main reason is: Viruses etc. work in the background. They don't give you a queaking pop-up saying "Hi Jane, your PC is infected!".

"So in Germany, if you don't even know your system is a zombie you can still be prosecuted?"

If your zombie PC is involved in a criminal action, yes, it's possible.

"Wow, does that suck."

No, it doesn't - from the point of the victims of data espionage and saboutage it's important that not only the attackers, but also their helpers get caught. Or would you like to live in a world, knowing your neighbour steals your confidental personal data and sells it to big advertising companies?

To come back to the car analogie from above (people like this), you're personally are responsible for your car to work properly. You simply cannot say "I don't know enough about cars" - then you've got to avoid driving it.

"I now understand why you said either John Q (or Jane) know what they're doing with a computer, or don't own one."

Maybe, I'm unfair to Joe and Jane, so I have to excuse first. But how can one insist on owning (or better: using) a PC when one does not know enough about it? A minimum, a simple minimum of knowlegde should be there. Car analogy: driving license.

"That said, I know I should change the oil in my car every 3k miles...but I usually wait til 6k to do it. "

If you know enough about your car (which is individual in some regards), you can do it on your own responsibility. But if an accident happens because you did something wrong, you can be sued for it.

"Good thing oil changes don't affect anyone in Germany."

If they're done in the US, surely not. :-)

What I want to say: Every PC user is responsible for what he's doing. Therefore, he should know a bit about what he's doing. Otherwise, he won't be able to come to a decision because of a lack of knowledge. And there are many things (practical virus behaviour, intrusion actions, remote control etc.) the user is not able to get knowledge of by himself. That's a fact.

Final car analogy:

Office: Ma'am, you've caused an accident. Didn't you see the red light there?
Jane: Red light? Where?
Officer: There, right above the street.
Jane: Hmm... ah yes, now I see it. Didn't notice it before...
Officer: The light means you have to stop.
Jane: I didn't know that.
Officer: Didn't you mind braking? There was traffic directly infront of you!
Jane: No.
Officer: But that's dangerous!
Jane: Not for me, I have an airbag.
Officer: And the victim of your shortsight?
Jane: I don't care.
Officer: Ma'am, you have to inform yourself about security in public traffic!
Jane: No, I don't want to. My car has to tell me. I bought it yesterday. It's very nice, it has many colours! It should deal with security issues for itself and let me just enjoy driving.

Edited 2006-11-12 03:26

Reply Score: 1

Need for an antivirus?
by WereCatf on Sun 12th Nov 2006 17:51 UTC
WereCatf
Member since:
2006-02-15

I don't bother to read all the 40+ comments here, but I'd say an antivirus is good to have somewhere around, and for average users it should be running all the time. Me, I really have no need for an antivirus since I don't use Windows for anything else than gaming. Win2k suffices for that. Though, this year I had one infection: I was installing win2k on an older machine of mine and I had forgotten to remove the network cable before installing ZoneAlarm...After installing ZoneAlarm it asked if I wanna give suspicious looking programs the permission to access internet. I booted to Linux, ran antivirus and removed the virus.

Oh, just a hint for people: I'd advise to get a bootable CD with some sort of live environment and an antivirus there. That way you always have a usable OS which you can use to remove viruses from your computer. Linux for example is a great choice for these things.

Reply Score: 1

I laughed so much at this thread.
by cyclops on Mon 13th Nov 2006 10:07 UTC
cyclops
Member since:
2006-03-12

Malware is a reality...its been a reality for an long time. Todays always connected computers; *funded* malware authors; Sophistication of new methods have made it a more serious threat.

The original article was a *vista* is soo secure, which served two purposes. It said non Microsoft malware spotting/removal tools are rubbish and you shouldn't use them; Vista is simply a better OS than XP.

Firewall and Virus Tools are Computer intensive tasks, which hasn't been very popular. Malware has got increasingly sneaky making it even harder to detect, and these tools have got increasing bad at detecting them. Making these things highly unpopular. throw in the fact that you often come pre-installed and you have to *pay* for them to keep working, and they are often painful when you want to do legitimate computing tasks, everyone would rather live without them.

What I have found funny is the superiority shown on this thread over an average computer user, with the Average Joe and *common sense* computing. Its important to say that common sense is actually rather hard to implement.

Malware removal/detection tools are just part and parcel of the modern computing experience. I find it difficult to believe that any user would *choose* not to have several that they use regularly.

The harsh reality is that with Vista is whether you use Microsofts Malware tools or you use some from a third party. I suspect very strongly that Microsofts tools will work more smoothly with Vista than any third party tool, regardless of quality, and I suspect most will prefer to live with that, than the situation we have now.

Reply Score: 1