Re: [SC-L] re: Why Software Will Continue to Be Vulnerable

2005-05-03 Thread Blue Boar
Bill Cheswick wrote:

Probably like many of you, I'm the local friends-and-family computer
fixit guy.

> My father has repeatedly asked why he should care that his computer is
> totally owned.  I've told him that his CPU engine is blowing blue smoke
> all over the Internet, but that doesn't help.

I think people would care if they knew, but they don't know.

> An outbreak of user-obvious malware might change the equation, but I am
> not suggesting that someone run the experiment.

I think just about the only time I've been called out to lay hands on
someone's computer in the last two years (with one exception I can think
of), the problem has been malware/spyware.  I.e. it had misbehaved to
the point where it was intolerable.  The browser no longer works, the
machine grinds to a halt, the screen goes wonky (screwed up the video
drivers), it's popping porn ads at the kids, etc...

So my assertion is that much of the malware is very obvious.  I'll avoid
the temptation to rant at the poor quality of the malware/spyware code
itself.  I'll also add that I think this is the current big problem for
Windows users.  Windows itself (XP+) has become reliable *enough*, and
the hardware reliable enough (or cheap enough to suffer a forklift
upgrade), that it works great... except for the damn malware.

The typical reaction I get is incredulity that there are people who sit
around all day writing this stuff (malware/spyware.)  Any consideration
that there's a fault with the OS that allows it in is waaay down the list.

So if MS can find a way to make the effects of malware unobservable,
then they just about have that market sewn up.

Ryan




Re: [SC-L] re: Why Software Will Continue to Be Vulnerable

2005-05-02 Thread Gunnar Peterson
It appears that the "user-obvious malware" would need to reach the anterior
insula to make a difference in computer security.

From Business Week -- "Why Does logic often takes a backseat in making
decisions?":

"The National Hockey League and its players wrangle over a salary cap. The
impasse causes the season to be canceled. Everybody loses. What went wrong?

According to the new science of neuroeconomics, the explanation might lie inside
the brains of the negotiators. Not in the prefrontal cortex, where people
rationally weigh pros and cons, but deep inside, where powerful emotions arise.
Brain scans show that when people feel they're being treated unfairly, a small
area called the anterior insula lights up, engendering the same disgust that
people get from, say, smelling a skunk. That overwhelms the deliberations of
the prefrontal cortex. With primitive brain functions so powerful, it's no
wonder that economic transactions often go awry. "In some ways, modern economic
life for humans is like a monkey driving a car," says Colin F. Camerer, an
economist at California Institute of Technology."

http://www.businessweek.com/print/magazine/content/05_13/b3926099_mz057.htm?chan=mz&;

-gp

Quoting Bill Cheswick <[EMAIL PROTECTED]>:

>
> >Here's a depressing survey
>
> I found it utterly unsurprising.  The bad guys almost never erase hard
> drives, or do other terribly inconvenient things to the machines they
> own.  They simply run in the background, mostly, and the users don't
> understand the issues.
>
> My father has repeatedly asked why he should care that his computer is
> totally owned.  I've told him that his CPU engine is blowing blue smoke
> all over the Internet, but that doesn't help.
>
> An outbreak of user-obvious malware might change the equation, but I am
> not suggesting that someone run the experiment.
>
> ches




[SC-L] re: Why Software Will Continue to Be Vulnerable

2005-05-02 Thread Bill Cheswick

>Here's a depressing survey

I found it utterly unsurprising.  The bad guys almost never erase hard
drives, or do other terribly inconvenient things to the machines they own.
They simply run in the background, mostly, and the users don't understand
the issues.

My father has repeatedly asked why he should care that his computer is
totally owned.  I've told him that his CPU engine is blowing blue smoke
all over the Internet, but that doesn't help.

An outbreak of user-obvious malware might change the equation, but I am
not suggesting that someone run the experiment.

ches