Hi All.

This is just a general security question. In the past week I have removed spyware and viruses from my sister's computer, my parent's computer, the guy from the hardware store's computer, and a friend of my sister's computer.

These four people only know how to do basic windows stuff, and know pretty well how to use programs like MS Word and know how to browse the internet.

The programs that were on these four computers were causing so much trouble it was unbearable.

If we keep going this direction, I think people will give up on the internet and decide it is too much effort. They don't want to be paying people to remove all these trouble programs and restore programs like Norton Anti-Virus.

If we keep going the way we are, the only people left on the internet will be people like you and me who know how to protect against this stuff.

Do you think we are going to still have the internet as we know it in a few years? Will people still use the internet despite all the trouble. Billions of dollars are lost/spent to protect and fix these problems, will it still be worth it to businesses a few years down the road?

Let me know your thoughts.

David

I have said it before and I will say it again. Education is needed. Just as you have to learn to drive a car and learn the rules of the road to get a drivers lic. one should have to do the same before they get on the internet.

I was at the home of an elder gent today. He had no anti-virus, no firewall and of course he had a worm as well as spyware and his browser had been hijacked.

He now has anti-virus software, a firewall and I did my best to protect him from spyware but it did cost him a couple of hundred dollars for my service.

Education is the key to stopping it but the question of how do we educate folks is still out there. The internet is not going anywhere. The problem will only get worse before it does get better is the sad part but that is the truth.

KTTD

I don't think the problems are going to get much better either simply because so many people insist on keeping the attitude "It can't happen to me" just like many other things in life....until it does happen.
Many of these people are choosing not to protect themselves; then can't believe it when they get hit with a virus, or get in a car accident...etc.
The basic attitude needs to change before they can be taught anything.
As far as needing to pass some sort of test before getting on internet....that would sure help stop alot of crap but I wonder how many ISP's would actually want to implement any such program. There is also the problem many people would have of paying more for internet services because of the increased overhead of any such program, especially for those people that do know what they are doing online, and do take the proper steps to protect themselves.
Too bad it isn't mandatory.

I'd throw in my 2 cents. Attitude indeed is the main problem, followed by excuses as "it's too much trouble to update all these programs" and other really dumb. Folks, let me tell you something, you don't know what too much trouble really is until you have one of these trojans on your computer and are trying to kill it. I don't think there will ever be a required test to get on the internet, as neat of an idea that it is. Blender is right, the cost of ISP service would surely be jacked up, and I have my doubts it would be less than 5 to 10 dollars.

Just think about now, at the normal rate of 21.95 a month for dialup, would you pay 31.95 for it? Not unless you were desperate and even then surely you'd think long and hard.

The very LEAST anyone can do is do a 5 minute search of any reputable forum on how to secure their browser. At least that would cut down on spyware. But no, they choose to ignore dangers that are clearly right in front of their face until they get bit, by then they are having to spend 100 dollars or more to have somebody fix it for them. Hmm, free programs for preventing such things or 100 or more dollars to fix them once they happen, choices, choices.

Another thing that needs to happen is do a little law-making concerning the internet. It truly is still the wild west out here. I know this is easier said than done, but it can at least be attempted. I have my opinions on why very little law exists, but that is a political speech and it doesn't belong here.

Ok, time for my pep rally, people of the world, stop sitting lazily in front of your computers with Pringles and a Coke watching cute little Shockwave cartoons and gawking at porn sites, and start learning about that mysterious box that beeps and comes with a TV screen.

It cost you a lot of money, now protect your investment. Quit spending 40 bucks an hour just to have a tech do simple things like installing anti-virus software, putting in memory chips (why haven't people figured out how to do this yet?), and just doing things that you can do just as well (if you'd just try it), for yourself and most of the time at no cost.

Now get out there, tame that box, don't let these hackers and spyware bully you, and learn! Just please, don't learn EVERYTHING, techs have to eat too :-) End of briefing, dismissed!

THE NOT-SO-GRIM REALITY:

The population of users out there is very much like the population of drivers, making Kevin's analogy to driver's learning the rules of the road very relevant.

You have folks that have no business being behind the wheel and they careen around in a haze until they finally get into the big wreck. For them, this will never change, they will simply fall right back into the same old haze until the next big wreck. (i have a few customers like this.) THANKFULLY, they are the small minority.

THen you have the vast majority, carefully as they can making their way, avoiding fender benders, making good decisions, even in heavy traffic, and they do it every day. But, they don't wear their seatbelts, they don't buy cars with air bags, and they've never really seen a big wreck. They don;t even know what one looks like. Until its their turn. Once educated, they learn from the experience.

Then you have guys like a lot of us: We are the truckers/dumptruck/forklift/bulldozer drivers of the world. We're not race car or stunt drivers. we make things work everyday so other people can perform at the office or download pictures of the new grandkids. We're workhorses, and we learn from our own mistakes as well as the mistakes of others and our skills are always being sharpened by experience. Every now and then we goof. But hopefully not too often, as "driving" is our livelihood.

I won't get all philosophical about the race car drivers, the stunt drivers, and the bank robbery getaway drivers (you know who you are). They're flashy, they've got good tricks, but they aren't making the world go round.

From a less philosphical branch, I can pose one simple answer to the orignal question in this thread: WILL THE INTERNET LAST.

being a business man, who has little kiddos to feed and a wifo to take care of, I can answer that with one simple phrase:

Will the Internet last?

AS LONG AS THERE IS PROFIT IN IT!

Remember, the horse-and-buggy industry only went out of business because something better came along.

that's my nightly soap box

AOSCLAY

Ugh, the cost of long posts, look at those typos and missing words, lol.

hehe, these posts always end up in the wrong spot, I was talking about the typos in my post :-)

hey DW226,

hope you're complaining about your post...
my keyboardmanship (?) is above reproach.

i cun spelle tu...

aosclay

I disagree withmost of what's been said here. The issues are legal and ethical, not technical. It seems to be accepted that it's OK to vandalize, steal, and destroy property if it's done by means of a computer, and that the only recourse should be to outsmart the criminals. Until we start treating crime by menas of computer as we treat other crime, things won't improve much. People who send viruses, hijack computers, and steal stuff should be locked up as any other criminal, and then some. That's the sort of change of attitude which has to occur. Lock 'em up and stuff the key sideways.

as long as they get the right person, and not
someone who didn't have updated antivirus /firewall software, and got a virus that took over. those people should get a warning the first time, an improper computing ticket on the second offence, and their license to surf revoked on the third offence.
Another solution;at the isp level before they sign someone up,
the isp should be required to check the
computer for proper protection. and have a site they have to visit monthly for an online inspection. so the isp could send out a setup cd with antivirus/anti trojan/firewall. that would install needed components.

I agree with the idea of an ISP setting up a "check site". But, again, this costs money and it will be handed down to the user level. Still, it seems to be the most feasible way to make sure people are protected. And yes, these idiots who send out viruses (intentionally) should be arrested and hauled off. After all, they aren't just irritating us, they are doing millions in damage to huge corporation systems.

Having a requirement imposed by the ISP would violate peoples privacy. Do you want them dictating what programs you have to use and what you can not use?

To help control problems caused by Worms and Virus, my ISP has had to block some types of pings within their network. I can no longer ping many sites or do a tracert command to help people determine what their problems are. Or why I can not access web sites.

The Internet will change and become more secure over time. It is too important of a tool for marketing and business. And businesses will not give up the easy access to you. One small bit of good news is that the Securities and Exchange Commission has sent a message that it "is not in the public interest" for regulated publicly traded companies to be engaged in Spyware and Browser Hijacking as part of their business model.

And be sure Billyboy sees a big profit out of this issue. Expect the next version of Windows to be a lot more secure, with a better builtin firewall, anti-virus and security features that block most browser hijacker and make it harder for programs to be installed on your system. Users will have to give up some of the features now used on web sites like automatic Active-X downloads. But it will make things better (and cost you a lot more.)

Wow. Lots of people posted. Here's my thoughts as to more secure network. All the different networks out there should monitor traffic. When a virus or hacker attempt or DDoS attack is made, that network or individual customer should be disconnected from the rest of the internet until the ISP or customer can guarantee that the virus is gone.

I think most people are unaware of the dangers out there. They read in newspapers "Hacker steals millions of credit card numbers from some big business" or "Virus attack shuts down major airport". You rarely see "Virus attack causes minor issues on John Doe's Computer". So I think people aren't aware of the risks and if ISPs and networks do as I suggested above I think people's computers would not become infected with Virus/Spyware/Browser Hijacks.

David

Completly unrelated note.

When all my computers are off, my modem and router lights still blink like mad. One time I decided to check it out, and it's viruses and worms trying to infect my computer.

The lights never turn off, that's crazy!

David

"And be sure Billyboy sees a big profit out of this issue."

Oh yes Billyboy does see dollar signs, he's also had his feet held to the fire long enough to finally come around about security. However, don't expect to see Windows become an extremely secure OS, not yet.

The firewall in LongHorn should be better, yes, but remember, this is a beta stage, and Microsoft changes plans a whole lot in this stage. I would imagine that in the end, only some of the features that have been listed for LongHorn will actually make it in it's first go round.

On the note of an anti-virus program built in with Windows, I doubt it. This seems to have become an area for ISP's, they are the ones incorporating AV with their software. Look guys, think about this, even with the security steps Microsoft said they will make, given their past do you really want more and more programs made by Microsoft to be incorporated into Windows? Do we really want to patch more Windows problems, how about having to patch an AV all the time?

It will be a long time before they get things "perfect". Anyway, the more they add the higher Windows will be in price, and we know it's high enough as is. Knowing what I know now, I also agree that it should be harder to install all this Active-X crap, but if there is no replacement to Active-X, that will make it much harder to work with sites, and that is just more complaints that will be heard from users.

KEEPING PERSPECTIVE:

I think it is a mistake to embrace the idea of leveling so much of the weight of responsibility on the ISPs. Afte all, if the burden of security and "clean" surfing is laid too much on your ISP, how will you connect to the Internet when the costs of meeting regulated security mandates drives them out of business? Nobody's in business to break even. They're in business to make money. Uping the operational cost of the ISPs isn't going to do anybody any good.

What you will wind up with is the Internet security equivalent of Canadian health care. Yes, it will be provided, it will be paid for by the ISP (and to some degree passed on to the user). But security isn't there business. There are entire companies dedicated to internet security concerns. You place the principle burden on the ISP and you will develop a system that is both substandard and cost ineffective. They won't be making money, and you won't get the security you want.

However, I can envision an evolution of this thinking. I could see a future where "high-security" ISPs might come into being for those in the general market willing to subscribe for a premium price. Then, like with healthcare, you get what you pay for. Your subscription is pricy, but your ISP is envoking tighter protections for its premium customers. In that scenario, you have an ISP with a willingness, need, and pay off for contiunally improving its services, as well as a continuation in the already thriving internet security industry to provide for those who don't want or can't get a premium ISP.

However, one stellar point has been made: For those perpetrating computer crimes, FRY THEM. Hit them with the big ugly stick and get serious about it! Why does the legislation seem to be happening in slow motion? Why are we just now talking about anti-spam laws, when that should have been handled years ago? Because it's INTANGIBLE. Your legislators can't wrap their fingers around it. Murder is easy to figure out. There's a dead body at the end of the crime. Theft? My stuff is in your possession. However, when someone hacks, cracks, hijacks, and passes out malicious code, there's very little tangible effect for a law maker to see. The computer isn't on fire. Planes didn't fall out of the sky. The user didn't have a stroke and die. THEIR COMPUTER QUIT WORKING NORMALLY. The effect isn't all that impressive to a person outside the tech world.

THe only way to get an appropriate response to evolving computer crimes it to show your law makers the MONEY. Baring a great hacking catastrophe, that's only tangible side effect of most computer crimes. When law makers begin to understand the MONEY LOST to computer crimes (and activities that aren't criminal...yet) they will begin to endorse protections unde the law.

I would wager that my congressman has no understanding of the fact that about HALF the billable time my company collected on this week was security/virus/spyware/hijack related. My company supports primarily commercial accounts, like car dealerships, law firms, manufacturers, etc... I would wage my congressmen has NO CONCEPT of how much money and productivity these security concerns are costing them.

Here's the kicker. I DON'T WANT TO BE BILLING TIME OVER SECURITY ISSUES! We have projects to manage, systems to install, upgrades to do, training to conduct...The more security threats we have to manage, the more time we lose on other projects. Its not good for those of us in business either.

when the law makers begin to understand this, we will begin to see an evolution in the law, and hence how the law deals with computer crimes. Will that stop it? NO. The highest penalty for murder is death and that doesn't seem to stop anyone.

will forcing the ISPs to conform to security standards stop it? NO. Auto makers are producing the safest cars in history, and we still kill about 40,000 people a year in AMerica in accidents that are largely avoidable, in situations where the motorist chose to NOT USE the protections offered by the manufacturer.

Its rough, I know, but simply evolving the technology is no solution. It never has been. I make a defense, you improve your offense and render my latest efforts obselete. That's the endless cycle. No human will ever develop a system of protections that another creative human mind cannot overcome.

Security won't go anywhere until it becomes a serious consideration under the law.

AOSCLAY

ammend my earlier statement about typos...my keyboarding (i'm still not sure if this is a word) is apparently NOT above reproach. :)

aosclay

"However, when someone hacks, cracks, hijacks, and passes out malicious code, there's very little tangible effect for a law maker to see. The computer isn't on fire. Planes didn't fall out of the sky."

Not yet they haven't, but you can be sure that it's likely to happen. Our greatest threat is a cyber-attack, if a terrorist group did it right, it could and probably would bring down much of the nation. THAT is when you will likely see computer-related crime laws start to come into effect better.

By the way, keyboarding really is a word :-)

hey DW226,

how about 'keyboardmanship'? That one i'm not so sure about. a few years ago i was shocked to find the 'mousing' was also a word, and one not related to the process of cats catching mice. :)

aosclay

Nope, keyboardmanship is not a word, lol. I had no idea mousing was a word, I learn every day :-)

Here's a question hasn't been raised, maybe it shouldn't be "Will the internet last?", maybe it should be "Will we last relying so heavily on the internet?". Going back to what I was saying earlier, a cyber-attack could be devastating to the nation, dare I say the world.

If you think that means I'm willing to go back to doing my normal ways of doing things without the internet, and without kicking, screaming, and biting heads off first----you'd be wrong, I'm just bringing up another question :-)

Great topic and many great replies! I'm in the camp that says education is so very much needed, which is why I have so much info on my website about computer security and spyware. Maybe ISP's should require people to take a course and pass a test when they sign up. I can't see that it's the ISP's responsibility to keep people's computers secure though.

I'm also in the camp that says these internet criminals need to be rounded up and shot! Well, first we need the laws. As it is now, these criminals get away with stuff on the internet that would be intolerable in any other areas of business.

Hey, having to take a course isn't a bad idea, they should give the one I had to take to be admitted to my A+ class. It just tested overall knowledge, and it could be made to include basic security questions like "What is the best way to avoid viruses?".

Maybe not everybody will be able to answer questions about spyware and prevention, but there is no reason whatsoever to not know how to at least cut your chances of a virus. Actually, it wouldn't hurt the ISP to do something like this, after all, who gets all the complaints when a user accidently spreads a virus to a bunch of computers? The ISP. It might be a hassle for them, but I think it would pay off in the long run.

hey SUZI, DW226:

its a nice idea, and in a world of tolerant, laid back consumers, it might work. but most new business attracted to ISPs is from people that are NEW to the whole she-bang. They will be iffy on questions like "what is a floppy?" "what is a CD-ROM?" Most of the new customers coming to ISPs are having their first real fling with the internet. Remember, about 40% of Americans still don't have internet connectivity at home. I thinks thats a little over a 100 million people. Granted that number is shrinking rapidly, BUT: NEWBIES WON'T BE ABLE TO PASS TESTS, and ISPs WILL NOT ENGAGE IN BUSINESS PRACTICES THAT SLOW THEIR RATE OF NEW ACCOUNT SIGN-UPs. (though a part of me wishes they would).

THe times are changing, but as a whole, the general public is semi computer-literate, and will remain so for some time.

I can see the benefit in requiring people to show some competency (after all, as teenagers, we study long and hard for our driver's exam) but at this point it would be like me telling my customers "I won't give you tech service unless you can pass this fifteen question exam." They'd tell me, "that's fine" and immediately call somebody else.

Now, I think you are on the right track however. EDUCATION is the key.

WHY AREN'T WE TEACHING THIS STUFF IN THE HIGHSCHOOL CLASSROOM!!!!!!!!!!!!!!!

There's nothing quite like turning America's youth loose in the job market or college with the likelihood that they have never used a pc in real-world applications.

This is stuff virtually every person entering college or the workforce MUST LEARN. EDUCATION IS THE KEY, I agree with you.

SO TEACH THEM, DA** IT! As much as I enjoyed AP Physics my senior year (way back when...) how much more useful a real-world IT/Computer Studies course would have been!

EDUCATION is the key. Teach them young, give them skills that build a solid foundation.

I'm off the soapbox now.

AOSCLAY

Physics (shakes with fear at the memories)? What an experience that was, lol. I guess when I really sit here and think of things as they would be in the long run, Aosclay is right, ISPs wouldn't risk business loss.

I seriously think that concerning classes, the best way to go is to have at least 1 computer class be mandatory from 6th grade right up until high school. If they don't pass it in high school, they shouldn't be able to graduate until they do. It's simply too important.

yes the internet will last

many people are still being to learn about it in different countrys and helps send stuff around the world to people easier.

ON SECOND THOUGHT:

We may be trying to do the impossible here. That is, see into the future of the Internet.

After all (though i did state earlier that an IT/Comp Studies course would have been more useful than the Physics program) when I was in high school (don't snicker younglings because it really wasn't that long ago) there really was no Internet. That was only little over a decade ago, and at the dawn of the 1990s no one could have conceived of the vast directions the fledling network of websites and interconnected databases would take. In my youth, guys had "hot" 386s that would knock your socks off and many modems still required the use of a telephone handset.

How many people on this forum remember the original WebCrawler? You know, when it was a search engine with the little cartoon spider in the corner of the screen? You started a search and you went and made lunch. You clicked on a link and watched a few minutes of TV while it loaded.

No concept yet existed of what the Internet would really become.

I'm going to go out on a limb here and say this for absolute certain: WE DO NOT YET HAVE A CONCEPT OF WHAT THE INTERNET WILL BE IN TEN YEARS.

One thing is for certain: Our present security concerns will be ancient history. something very much more sinister will take the place of the "junkware" we now know, the entire structure of websites will be more sophisticated and useful, and the tools to attack us will vastly improve.

We will be having this same discussion in ten years as we complain about zeeboware causing havoc and the impact its having on peoples internet behavoir and business. Every eight minutes, our favorite site will interrupted by advertising (just like television) and that will be the norm. We will buy more products online than we do at the store. boobooware will track our buying habits, suggest merchandise we really do want and nastyware will silently direct our purchase of that product to another supplier, stealing the sale from his competitor.

And we will have flying cars.
I've always wanted a flying car.

AOSCLAY

G'day,

"keyboardship";call me old fashioned, but whatever happened to "typing"??
regards,
Elric

Zeeboware, Boobooware, Nastyware, you've thought long and hard about this, haven't you? :-) You hit the nail on the head though, what we consider a privacy and overall security threat now is nothing compared to what we'll be seeing in the decade to come.

It won't be long before the government stops fighting invasions of privacy (even though let's face it, they don't do much now), and uses it to monitor ALL of us, not just terrorists and other big-time criminals. They'll do it in the name of national security, you're seeing take shape now with Homeland Security.

I'm not a conspiracy theorist guys, this is something that is simply just going to happen. We won't get these privacy threats over the net either, devices will be built in to the computers. And until that time, the threats we have now are going to get worse, and worse.

I realize that probably 99% of the people who read this will think I'm a nutcase with no clue, but a few years from now, I won't be so clueless. As a security spokesperson said a few years back, even when we didn't have the problems we do now, "You have no privacy, get used to it".

Ok, now I know I'm either going to get ignored, or attacked for what I've said, lol, I'm prepared. By the way, Aosclay, we have flying cars (in a sense) now, and, even at my young age, I remember WebCrawler when it was just a lil' feller. I always did think that spider was cute.

I like the idea of using the word "Typemanship".