This article can also be found in the Premium Editorial Download "Information Security magazine: How to dig out rootkits."
Download it now to read this article plus other related content.
Home users: a public health problem?
Point To the average home user, security is an intractable problem. Microsoft has made great strides improving the security of its operating system out of the box, but there is still a dizzying array of rules, options and choices users have to make. How should they configure their antivirus program? What sort of backup regime should they employ? What are the best settings for their wireless network? And so on.
How is it possible that we in the computer industry have foisted on people a product that is so difficult to use securely, it requires so many add-ons? It's even worse than that. We have sold the average computer user a bill of goods. In our race for an ever-increasing market, we have convinced every person that he needs a computer. We have provided application after application--IM, peer-to-peer file sharing, eBay, Facebook--to make computers useful and enjoyable to the home user. At the same time, we've made them so difficult to maintain that only a trained sysadmin can.
And we wonder why home users have such problems with their buggy systems, why they can't seem to do the simplest administrative tasks, and why their computers aren't secure. They're not secure because home users don't know how to secure them.
At work, I have an IT department I can call if I have a problem. They filter my Net connection so I don't see spam, and most attacks are blocked before they get to my
This problem isn't going to go away as computers get smarter and users get savvier. Next-generation computers will be vulnerable to different attacks, and next-generation attack tools will fool users in different ways.
This was first published in September 2007