Do we need computer competence tests?

Isn't this a proof that computer technology is failing ?

Why are we not able to develop idiot-proof technology ? Why does every grandmother need to learn about anti-virus license renewal, software updates, spam, etc ? Why is so much software buggy and/or insecure, offering crooks and other criminals an entry path ? Isn't this article an attempt to deflect the responsibility of the computer industry onto hapless lambda users ?

Certification is pointless

I've spent my entire working life developing, managing and promoting IT certification programmes, both in the private sector and the public. I've sat round tables with the British Computer Society, the big exam boards, Microsoft, the BBC and various departments of education, skills, learning, innovation, employment and so on and I can tell you that not one of them has the first clue what they're doing, and none of their tests, exams and pseudo-driving licence certifications does a damn thing to solve the problems of new users and their stupidly powerful and insecure PCs.

ECDL doesn't cover security in any detail - phishing isn't even mentioned. It is as shiny and showroom as the PC itself - a good sell to a clueless newbie but of no effective use in helping them drive the thing. The skills it teaches are mechanistic and quickly forgotten, and the assessment is largely of theory rather than competence. IT Security was recently added to the government-backed 'ITQ', a competence-based qualification equivalent to 5 (count them) good GCSEs, but take-up has been poor and it takes too long for these qualifications to be updated to reflect trends. Too many of them still mention floppy drives, Zip disks, etc. Microsoft have free courseware online (their Digital Literacy Curriculum) which covers security, but it attempts to brainwash you in the process, presumably via a rootkit...

Like most things the media like to rave about, the threat is real, but small, and can be easily countered with simple, targeted training focusing on mitigating the risk, just like all the COI campaigns about crossing the road and not spreading the disease du jour. Licensing is an absurd idea - might as well let Captain Cyborg chip the lot of us and electro-shock us each time we dare to click on an email link.

Computer licence endorsement points to come in force after the end of March

Please inform all known computer users that, as of the day after the 31st March 2008 that any detected dumb-use or poor invoking of common sense when using computers that a set of endorsement points (level yet to be defined) will be placed on their ECDL (European Computer Driving Licence) - yes, it exists. Those without may find re-assigned TV detector staff visiting them at an entirely inappropriate time to inform them of newly assigned guilt.

In line with road licences, when collecting 9 points, the licence will be revoked. The aim of this is to reduce the level of repeat visits to help desks with the same problem and to make people realise there really is no universal right to operate a machine of immense complex operation without for engaging some form of intelligence and at least minimal learning.

....

sorry I was bored :)

Dave

Not gonna happen

At least, not in a democracy.

However, if Microsoft were to make Windows work like XBox and *require* all executables to be signed by an approved and audited supplier, then that would enhance security a great deal (not to mention general reliability - no more apps that decide to hog 100% CPU, for instance). I'd suspect that most users would opt for this over an "open" version.

Can you imagine the anti-trust suits that would fly? That's why it doesn't happen, even for drivers.

Internet Locks

It's very simple. Just force MS to put some GOOD internet blocking software in place (installed through the back door in their update manager), and viola, people must pass a government issued test and be given a strong key that lets them connect to the internet. And not just random keys that can be cracked; each user is given a new key, and then that new key is inserted onto the online database and deleted once used.

Linux and Mac users do not need to take a competency test, because they should know better, and at the moment are in no threat.

Though I do agree with one of the earlier comments about releasing old viruses that kill the OS itself, and making sure AV software does nothing about them...

analogy flawed

I mean if you buy a car you expect it to be safe and roadworthy for a few years. Most contries do not have test for a new car the first 2-5 years.

maybe we can demand the same from the OS producing companies ? You buy a new OS and then you know that you are safe ?

blaming everything on the users is just too narrow minded. Why don't most techies get it into their heads that most people don't care about PC's. It is just a thing to do whatever it is they want to do. Just like a TV, car, phone.

Maybe if we somebody would push the responsability towards the OS makers we would see some improvements or shifts of OS usage ?

Nanny State AHOY!

"It's a simple solution: unless you have special license to do do otherwise (issued simply by passing any of a dozen or so basic PC, OS, and security tests), you should only be allowed to use common accepted OS on the net. that OS must be open to be checked by your ISP for patch revision, AV, and other security settings. Should the ISP see you out of date, they only allow you to connect to the update site, and nowhere else, until patched. If your AV is out of date, missing, or in some other form non-sufficient, the ISP won't let you on the net, period. If they detect an infection (mass mailing, spam, DDoS, etc) you get cut off instantly. When you call for support, they'll tell you plain and simple to get clean, or stay off the net."

Shudder. Thank you for neutering all the users who ARE smart enough to know how to do these things, and choose not to. A few years back, there was a Windows patch I was specifically choosing not to get because they frakked up something with the firewire drivers so that firewire devices, including cameras, hard drives, etc, were no longer detected. Installing said patch would have completely messed up my firewire hard drive, which was something I used on a daily basis. Should I cripple an expensive piece of hardware I paid for to keep my OS up to date?

As for anti-virus, I refuse to run any. Period. Why? Because every single AV suite I've tried over the past few years, since 2003 onward, has done things that were at least as bad as viruses, if not worse in many cases. And for what it's worth, the only time I've ever been infected was, ironically, in 2003. I was away from my computer for days at a time when Blaster happened. I wasn't able to patch my system and got infected. I fixed it as soon as I got back in front of my computer. But the funny thing is, after that, Norton, which is what I used at the time, started causing my computer to BSOD several times a day for no reason. Symantec could provide me with no solution to fix it, and didn't understand why I left my computer on anyway, so I dumped them. I tried numerous other AV suites in the two years after that - Panda, McAfee, etc, etc. The only one I had ever work semi-decently was Pc-Cillin. Panda and McAfee both kept deleting files it deemed "malicious" that were actually legitimate exe's, causing me several wasted hours over the course of a few days trying to figure out what it was doing and why - even when I had purposefully turned off the auto-scanning and auto-delete options, which it persisted doing despite my repeatedly checking that they were, indeed, off. There's no legitimate reason for doing this, and such "features" have probably caused more harm to both experienced and inexperienced users who would be at an utter loss to explain why a piece of software they used every day suddenly stopped working (in my case, a legitimate piece of FTP server software). Now, PC-Cillin never did anything like that to me, but it had the unfortunate problem of bogging my system down - and it's not an ancient system, it was only a year old at the time - to the point where I couldn't play games. Once I removed it, the games ran fine. I choose to, instead of running AV software, not browse like a tardstick.

I pay my ISP. They don't pay me. They don't pay for my computer. I don't think they have any right to tell me to update my operating system or force me to run antivirus software 24/7. I've given legitimate reasons for not doing both right here, and I'm by no means the only person who has run into such situations. If I become a problem and start spewing crap, fine - sandbox me. And when I clean up my machine and figure out what the source was, that should be the end of it.

A friend of mine who lived on a college campus had to deal with AV and OS policies like this, and he ended up moving off campus partly because of those restrictions. He would lose internet randomly even when his software was up to date and oftentimes was unable to contact anyone in the IT department at those times, meaning he'd go for, sometimes, days without internet access in his dorm room. Would *you* like to try and contact your ISP at 3 a.m. when your internet suddenly stopped working? I wouldn't. I don't have time to do that at any time of day. And you know you'd start seeing massive outages when ISPs screwed up started killing connections to tons of people for no reason at all. That would be awesome.

It's ironic. The same people complaining about Microsoft's activation scheme are probably some of the same people proposing a system much more complicated and rife with the possibility for flaws and abuse if, god forbid, a malicious hacker got in and managed to screw around with the ISPs database.

As someone who considers themselves a competent computer user who can usually troubleshoot her own problems, and has never needed to call a helpdesk for something that's not beyond my control (i.e. ISP outage issues), I can sympathize with some of the sentiment of the whole issue of computer licensing. I'm on the receiving end of some of the stupidest hardware and software issues in computing history on a fairly regular basis too. But I'm certainly not elitist or arrogant enough to believe that computer licensing would solve this problem. Someone earlier said that the IT helpdesk people should quit posting here. I concur. They wouldn't have jobs if every person who operated a computer were an expert at doing so. I sympathize with them for not wanting to help users with stupid problems, but at the same time, at least they're getting paid to do so. And when they aren't helping people, plenty of them are getting paid to sit around and do nothing but play games and chat online and e-mail people from work.

I don't know how much more of this whole nanny state I can take. It's something new every day. I'd love to give all the "nanny state" proponents their own country and see how long that would last. I'm guessing not terribly long. And it would probably be a very boring place to live.

The car metaphor

Speaking of the very good car metaphor, here's one that happens endlessly to me:

At a family event/in the pub/at a reception/in a train, chatting with someone I've never encountered before:

- him/her: So, you're in IT

- me: yeah (not elaborating, too risky)

- him/her: I've just recently changed my PC. It was full.

- me: What was full, hard disk or memory ?

- him/her (baffled to learn there is actually more in a PC than a box, a screen and a keyboard): Errrr, it was just saying it was full ... So I bought a new one.

- me: ...

Now, let's do the same, at the very end of a driving license test, when the examinator is asking basic questions, to be sure he's not giving it to a dangerous maniac:

- examinator: Say, let's suppose a light suddenly lit, when you're driving, saying the petrol tank is near empty. What do you do ?

- candidate: I change it.

- ex.: What, the petrol tank ?

- cand.: No, the car ! I buy a new one because it's empty.

He's not gonna have the license, is he ??? If he did, we'd have even more deaths on the road ...

So, it's a darn good idea to get some tests, really. I'm up for it.

Moronic

The Fatal flaw in your logic is that, when unlicensed drivers get in accidents other people are affected. They may not get full coverage for thier property damages or they may get hurt or killed. The law is created to prevent others from injuring you. Not to protect the individual from himself

With computer incompetence this is not the cause. Sure thier infected pc may cause alittle mischeif on the internet, but anyone who would be able to pass your so called test should be able to secure their pc sufficently that this is not an issue. I myself have never gotten a virus,worm etc People think that they should be able to rely on the software and that will always be faulty logic, but if you combine software with some common sense you have a complete defense.

The type of law you are advocating takes away basic rights from the individual to do as they see fit in thier own lives, for their own protection. The government should not be our mother. People are so willing to give up alot thier rights in these days of fear and dread for a false sense of security. People who advocate this kind of law scare me, I fear where this country is headed.

I love this idea !!

This will get rid of 99% of *ALL* management !! I know one who had to get his secretary to update his PDA everyday because he hadn't a clue how to !! But he'll wave that damn thing around at meetings and dinner parties to show how "clued up about IT" he is !!

These are the same people that think chickens are produced, pre-packed and frozen, from the supermarkets and that fish do come in little rectangular blocks !!

PH because she's representative of that tribe !!

Another Viewpoint

One thing that no one has pointed out, is that it's not the users' fault. If your car has an electrical error and suddenly your alarm goes off, or you drive into a ditch, this is not your problem. When your computer is infected with a bot, essentially the Operating System was faulty to begin with, to let this happen.

Having a test is not necessary, all people who go through the education system learn how to adequately use a computer nowadays. It's the previous two generations that are causing more of these problems, and I believe mainly because of XP. Vista has taken a few steps in this direction (with UAC, which just happens to be the name of the bad guys in doom), but it isn't yet enough for me to be sure that Windows is a safe operating system. The amount of systems that I've seen running XP when they just can't handle it is depressing, these are often the worst PCs to fix, because they still feel broken once there are no errors.

I really think you missed the point when you wrote this article. Education is the reason that bots appear on the 'net, people don't know how to stop them. You teach someone how to cook before they use a cooker, how to read before you give them The Simarillion, why not PCs? Just educate people and the problem will change and we'll have different things to complain about.

What an idiotic article

only enforcing the slave mentality that we need 'controlling'

If computers are such a danger - come up with a solution to protect them from such attacks.

Most people don't have any inkling regarding computer security because its all made so complicated - by 'experts' - that they need to study just to understand it.

Most people fork out their cash on the understanding that they're buying a complete system, that they can then get on with their REAL job and leave the computer to do what its supposed to.

Most people are then rudely surprised to find their expensive system is incompetent - by incompetent design.

Any good protection system will run automatically, by default, any handle any and all threats. Any modifications needed by a simple but clear gui, designed with them in mind.

So far I haven't seen any system that can do this. But then it wouldn't be in the interests of AV system designers to do this, would it?

@JohnG

>...live in a house. You have to be able to fix basic problems like faulty plumbing or electrics.

Nonsense. You *DO* however need to be able to spot plumbing or wiring problems and get someone in to fix it before it floods your basement/downstairs neighbour, or set the house on fire (as applicable).; if you can fix it yourself, more power to you. Those matters can inconvenience more people than just yourself unless you're living in a sufficiently remote freestanding house (computer equivalent: standalone, not connected to the Internet).

>....drive a car. you have to be able to fix basic problems like failure to start due to loose wiring to ECU.

Nonsense again. You *DO* however need a license to show you're able to control a hefty lump of metal weighing a couple of hundred jubs at speeds of up to 1000 brontosauruses/hour and not inconvenience others who're doing likewise too much.

>....use a camera. You have to be able to pass a test of all the basic features like use of Program mode.

Who exactly are you inconveniencing by not being able to do that?

>...use a cooker. You have to pass a basic cookery course.

Same.

>...use a mobile phone. You have to pass a test in the the current SMS jargon and know how to setup MMS and data features.

Same.

The licenses, you oaf, get to apply when there's interaction with a larger group of unspecified 'others'.

@Michael: The other Guy Kewney seemed more competent ...

>My 8 year old, special to his parents but just an ordinary child, uses a computer,

>without any AV software installed, and, with nothing more than simple advice.

>He's never installed a virus, clicked a link that took him to some mythical ha><0r >page, clicked a link that asked him for his details which he then has given away.

And all of the legitimate, non-iffy pages he (or you) has visited, is visiting or will ever visit will never be compromised, surely?

Can I have your IP number, so that I can add it to my firewall blocklists?

Decent advice, but you're still an idiot.

Education

Education is the simplest and more realistic solution.

If everyone had a huge incentive to use circular saws, would we then require everyone to be licensed for saw use, or would we just make sure that people were properly trained in school?

This mentality needs also to be applied to gun use in America. If it works for birth control why won't it work for guns?

The underlying issue is that everyone believes everyone else is stupid, yet few will recommend education. Ironic really.

@Education

>The underlying issue is that everyone believes everyone else is stupid, yet few will recommend education.

Waste of effort.

I do not believe everybody else is stupid. I *KNOW*, from my 20-years-in-IT experience, they are. Simple as that.

If people had to use circular saws, then they would also use them to clean their toenails. And in the US, they'd then sue the manufacturer for putting such a dangerous device on the market.

@Nice try, but you evidently don't know the first thing about security...

My firewall blocklists serve more than just that one purpose you tried to infer from their name, dear twat. And rather than have all sorts of config files here and there I put some effort in allowing me to be lazy.

I also reserve the right to deal with known threats differently than I would deal with the Internet at large.

User educaton can only go so far.

Because the average user just wants to do stuff, not learn stuff.

Until the IT industry provides a simple+safe+secure computing environment we can hardly blame the users.

No favours from the OS or ISP for that matter

Case 1

When I set up my girlfriend with a new computer and Broadband connection I was flabbergasted when the ISPs broadband installation disk seemed to freeze halfway through and I noticed the network was maxed out. I killed the connection and ran some tools - 7 trojan's installed withing 30 seconds. I ended up going home getting an SP2 disk re-installing the OS adding AV & firewall and reconnecting.

Case 2

I have spent the last 5 years constantly having to re-install my parent's XP system. Usually within two weeks the thing is riddled with spyware & malware rendering it useless until my next visit. In November I decided to install Mandriva 2007 instead. They don't have root access obviously. I showed them how to do the things they used to do on windows. I have not had a single computer support call since apart from what printer cartridge to buy. Looks like a result.

Case 3

A friend has 4 boys aged between 8 - 15. Her Windows PC has never worked properly for more than a couple of days. I installed Mandriva 2007 last October, the kids loved it - especially the compiz fusion eye candy. The machine has been rock solid since.

I guess if everyone in the world switched to linux we would soon start getting many more viruses etc targetting the OS but the locked down paradigm of the OS makes it much harder for the spammers/ scammers to get a foothold - although people will always be prone to social engineering.

finally - I don't currently run a linux OS (although I have in the past & will in the future) - I am using XP pro. I work for a company who writes nothing but windows apps so I need all the dev stuff installed. Then again I won't touch IE (opera & FF) if I intend to do unfettered web surfing I use a VM.

Personally I think your article is totally idiotic but I defend your right to make yourself look a complete twat in public.

PS how would we tie these licences to the person? ID card anyone?

lets go for it

.....the internet is dying off anyway, so lets go for it.

Between goverments telling us what we can and can't do, what we can and can't see, can and can't hear online, the internet is going that way anyway.

Hell, with the music industry is starting censorship at isp level, by telling ISP's to filter out content that the music company raises an objection to. Just because they have money and power they expect for their content to be given special favour. Next, religious groups will tell isp, to include their content in such filters, next....political parties....next your local next door gangster will take it to the highest court in the land to prove that if these people can have filters on their info, he wants one to.

Meanwhile, the general public, will give up on this b/s, and move to a grey market, where, due to laws passed, anyone can set up an isp by renting backbone space of a filtered isp, and have the isp filters removed. Small startup companies start providing un filtered content, now called the free internet.

More people then ditch the old internet, in favour of the free internet. the old internet becomes a shambles, caught up in patent like lawsuits, where everyones rights must be accommodated,

And the cycle starts again........

As for the sandboxed pc....

Smiles. Well shucks why stop there.Why not have a yearly insurance, based on how risky your pc is to the net, based on your isp observations as compared to a goverment scale. Points can be added for poor performance or lame choice of software. Software that does not come with an RIAA seal, adds 5 point to your premium. Bad surfing habits, or visitng prohibited sites, as set down and established by the multinationals and goverment, can result in a new DMCA provision, resulting in the loss of your PC, and those of any possible friends you may know.

Microsoft and intel, merge to form and manufacture, safe to browse pc's. PC's and macs, that conform to goverment standards, on internet use. Goverment standards being driven by multinationals.

Is this far off in the future. Maybe not. Think, of isp filters already blocking P2P connections, and inbuilt hardware to cripple a pc based solely on new DVD's, all with goverment and court approved backing. Think of current USA and UK ideas on ID cards, and their displeasure of something that is free and open for everyone. Given the money that multinationals place in the coffers of goverment, for political reasons, the link that is forming is uncanny.

The internet used to be place for freedom, the one place you could actually get to do and say what you wanted. Where, for that one instance, in that small period of time, that true freedom was free to all. Current laws catch up quick, and benchmarks in privacy are being quickly established and pushed beyond what current internet users expect. These new benchmarks have allowed government and multinational to push inside to the very core of your pc and browser habits. Once an outrageous benchmark on a persons privacy becomes established, the door is wide open to impose another. Pretty soon people forget that they had rights, and much worse, forget that they pay for this, and have the right to say no.

Definations

Spamer/malware/spyware: Does not care who you are, where you are, what you do, just wants to own you and make a fast profit. Will try to continue it's relationship with you.

Multinational/RIAA: Cares about who you are, wants to target you and your demographic range, wants to own you for the life of it's DRM, and make a fast profit. Will ditch you as soon as it sees you as a revenue failure.

Goverment: It needs to know you, it really realy wants to know to you, as long as it knows what your doing and when and with whom, it's happy. Does not care about your wants and needs, you must obey it!!! Wil never ditch you, will never leave you, you are a constant revenue stream. Inventor of benchmarks, and sandboxed PC's.

Read the article!

I have been reading Guy's articles for about 30 years, and I think he has a reasonable, balanced view of what has happened in the computing world in that time.

I think that you all ought to re-read the article (not just other peoples comments), because it is documenting a crisis of viewpoint (his), which I believe that many people who have been around long enough share.

He admits that what he is presenting is against his previously held views. When the 'net was new, it was largly (although not exclusivly) people who had an interest in the computers themselves who used it, and could thus protect themselves from the neo-vulnerabillities that were around at the time.

Time moves on, and the threats are now much more 'dangerous', the systems more complex, and the users more naieve. And the 'net is a more important part of our lives than ever before. Something needs to be done to prevent it being owned by malicious people, and he was presenting a possibe path as a talking point (and, boy, did it succeed).

But respect his experience. He knows a lot more than many of the journos out there. Don't call him names because he has raises an unpleasent option that neither he nor the rest of us really want. Try coming up with a workable solution yourselves that doesn't anger one of the parts of our community.

Power to you Guy, and I hope I will be reading what you write for a long time.

Braziiiil....

Hmm – I can imagine the adverts in the BA business lounge and Eurostar. “Come to Britain, leave your laptop and smartphone at home cos you don’t have a BritGov approved license to operate them here”.See how quickly Britain becomes the laughing stock of the business world. People already hate going to London because of Heathrow and airports in general due to “terrrrism”. Having a China-esque connection policy is going to drive businesses out in their thousands.

Has the uber-authoritarian Blairite streak gotten so entrenched in Blighty? Do so many of the commentors genuinely think “Big Government” can regulate every OS, device and connection in the country?

Oh, and I assume all the “pro” commentors assume they’ll be on the “white” list. Think how quickly you’ll squeal when your connection gets knobbled.

“Oh, sorry Mr Buttle – or is that Tuttle. Just get yourself down to the Dept of Connections with a valid 27b/6 form and we’ll get you a refund”.

Get off of my Internet

You've gone and fouled my Internet up. At this point, licensing all of you "end users" isn't going to help, so I've decided to shut the whole thing down...make your time....

Get real...

The author may or may not have done some decent work in the past – but this suggestion has me scratching my head. Reality and this suggestion might have bumped into each other in a darkened corridor – but they didn’t make eye contact and most certainly won’t get to know each other intimately.

At home I have running boxes with Win2k,Xp,OSX,WinCE, a Blackberry, Wii with wifi dongle, and a PS/3 all connected to the interweb. I have net ready LiveCDs for Linux and WinPE as well, and obviously a POS home wireless/router with which I can malconfigure dyndns if I wanted. Not regularly on I have a bunch of VMs for Server2000, 2003, and Vista. There’s a tablet PC with Win98 kicking about. Oh, and my NSLU2 which is Linux of course. I’m *never* going to bother to pay to get or keep current some piddly little Govt backed “certificate” saying ..err…what exactly??

Case in point.The Win98 tablet is no longer supported by the OS vendor – would I not be allowed to use it any more given that I assume this certification would be linked to the life cycle of the OS? It would have to be linked when you think about it. I bought the tablet 6 years ago, it works fine for what I want it to do. Imagine the revenue incentive M$ would have if it could EOL Windows2000 and XP and force everyone onto Vista off the back of Govt enforced certification? “Mr Bloggs is running an unsupported OS, off with his broadband!”

Then there’s the application layer. Windows LiveUpdate *can* inject updates for 3rd party apps, but no company I’ve ever worked for is going to allow MS to f*ck with their apps – even if a hefty percentage of them are out of vendor support.

If this ever got to Govt level, I guarantee it will go the same was as key escrow – a fluffy bunny utopian idea that has as much chance of flying as a migratory bird with a coconut tied to its feet.

Diversion tactics

Anything to divert attention from the incompetencies of our political overlords...