Very worrying article in today’s Guardian technology section. We all know that spam levels are constantly increasing but this article says that 91% of email is now spam. It then goes on to put at least some of the blame on the people who connect completely unprotected PCs to the internet. These PCs then get attacked and taken over by Trojan horse or worm programs which place many of the PC’s resources at the resources of unscrupulous people who can then use the PC for various nefarious purposes. These networks of compromised PCs (or “botnets”) are increasingly being used to send spam. And there are literally millions of these PCs out there. Which means huge amounts of spam.
ISPs and PC vendors need to do a lot more work to educate people into protecting PCs that are connected to the internet. Currently it seems that the vast majority of PC owners have no idea of the problems so they just carry on regardless. The article contains a guide to checking to see if your PC is being controlled in this way. Everyone with a PC connected to the internet[1] should be encouraged to go through this procedure and then to install decent firewall software.
[1] Well, at least, those running Windows. Computers running Linux or MacOS aren’t immune, but they aren’t often targeted as so many people run Windows that it offers far greater returns.
I think there’s a fundamental problem with the approach of educating people. Many computer users don’t know anything technical, and they don’t care. They never will. Why should they? It’s all about abstraction, and security should be abstracted away below the level at which the user operates.Trying to get users to look after their own computer security is a losing battle; it just won’t happen.In my view, the only way to drive up standards in security is to totally rethink it. Take it away from the user’s responsibility, as much as possible, because users – by and large – couldn’t care less. Windows Vista perhaps takes the first steps down this path, but it seems like a sticking plaster solution.Unfortunately I don’t have the answer (if I think of it, look out for products from Howlett Security Solutions!), but a radical overhaul is needed. After all, you write that Linux and MacOS aren’t immune either, so the whole system is rotten.