On Sat, 9 Oct 2004, Sean Donelan wrote:
Why don't people want to fix their computers? And even worse, why are so many people unsuccessfull fixing their computers?
I had a thread on this a month or two ago (i think it was nanog).. the simple answer that I find is they just dont care and/or are incapable. They dont care in that for many people, providing the computer still works, you're not getting charged (like you would be for pbx hacks) and they dont consider their PC to be critical to their daily lives they have no motivation to find the information and start to care. And they are incapable in that many recent worms/malware have spoofed being from authorities such as banks, microsoft, their ISP and they cannot distinguish between real and spoof and therefore ignore it when windows pops up to tell them they need to install the latest security patch. Coupled with this, they dont understand what virus scanners, firewalls, security patches are and think that by having one of these it will (a) be an all round security solution (b) not need their intervention to setup and maintain it.
If virus writes are smart enough to infect their computers with one-click, perhaps the good guys can come up with ways to fix their computer with one-click.
Of course the good guys are constrained by the law which the bad guys arent, we have seen instances of worms designed to close holes on computers but they are illegal (and didnt work). Also, the good guys always seek user authorisation (eg the window which pops up asking you if you want to install the latest dat) and I suggested above this is problematic for several reasons (user confusion, not wanting to install at that moment etc) .. the bad guys just go ahead and infect - and usually their payload is tiny compared to the Mbs we have to download each month in defenses. And of course, the final blow .. our OSes and apps will inevitably have holes in them, thats a consequence of complexity and I'm not sure how you can overcome that even with much more stringent testing and programming rules.. some of these hacks are pretty damn clever, abusing systems and having one system exploit a weakness in another system (eg using IE to circumvent OS security levels) in ways their designers never imagined and catered for. You only need to find one chink in the systems to produce malware but you need to find all the bugs to produce security apps. Steve