Bloody rubbish
'Two unnamed vendors were behind 87.9 percent of expired anti-virus subscriptions, largely because the software was foisted on users as bloatware on new machines.'
Do I hear the name 'Norton'? Who's the other one?
Users who don't update their antivirus may as well uninstall it according to infection rate statistics published by Microsoft. Redmond said in the seventeenth installment of its Security Intelligence Report that machines with outdated, deactivated or expired anti-virus platforms were just as prone to infection as those without …
Also .... are there any attempts at Linux viruses/malware out there? I assume that most 'ordinary' people running Linux are not running as superuser, unless they make an occasional sudo effort while system wrangling or if they are foolish.
Geeze, I forgot to address the original question.
The rate is present, low to mild. Most people who know how to operate their Linux boxes know enough to avoid letting something be run as root. That leaves malware at the user's permission level only (save for some sploits).
If it has an OX, it can be compromised. Most often via the stupidity of the user and we've all had our moments.
These days, I'm at the point that when my firewall gripes about malvertisement from a particular site, I quickly sudo vi /etc/hosts and redirect them to 127.0.0.1.*
*The hosts file isn't big enough yet to merit the usage of emacs. :P
"Geeks, nerds and fanbois run Linux. Ordinary people run Windows or OSX."
You mean sub-ordinary people. Power users and network types use Linux, *BSD or OS X.
Oh well, at least this OS X machine comes with Apples built-in antivirus.*
Microsoft has their own free offering, it's not the best, but it beats a stick in the eye or a rootkit on the machine.**
*Yeah, there really is built-in antivirus on OS X, though it's indistinguishable from having no antivirus software, it's so efficient.
**OK, I've manually killed rootkits as too. Still, some can be annoying, having watchdog processes that have to be hunted down one by one, then simultaneously terminated.
You know, the fun ones. ;)
Users who don't update their anti-virus may as well uninstall it according to infection rate statistics published by Microsoft.
User who don’t update their operating system away from Microsoft, may as well install virii themselves, according to infection rate statistics published by world + dog.
"User who don’t update their operating system away from Microsoft, may as well install virii themselves, according to infection rate statistics published by world + dog."
I've had *nix admins proclaim that Windows is a virus. I disagreed and defined a virus for them and they were forced to agree.
A virus does something.
Uninstall all the bloatware, all the "hey this is free" for three months and then we sting you and all the stuff which will cost aunty dear.
Then install the free equivalents.
Set up her up with an email account.
Send an email to yourself from her account and reply to her with all the contacts you have that she might be happy to have, cc'd so they can see she's finally made the step and get in touch.
Bookmark some choice websites
Instruct her on the ways of the internet and how the pit of despair is bottomless, unlike most of the images she will stumble upon.
Yeah, and not just aunty, of course.
My late mother took up computers in her 80s- without, of course. asking me what to buy etc. Trusting a crony to tell her what to get. (Expensive, full of crapware, and with lots of optional stuff that she'd never use). So as soonas I got teh chance I did all of that, and added some remoting in software, too. So that I could sort stuff out from 200 miles away. After the same crony used it ( suppsedly said crony was helping her, but that's another story) but who allowed all sorts of malware in, as well as messing the PC up big time.
Good free AV software, with automatic updates. No Admin rights. And a button ( icon) marked "help" if she was having problems.
I'm not shocked by the article.
I am shocked that only 0.5% of non-domain computers with antivirus report an infection. That seems FAR TOO LOW. And considering that NO protection gets you only 2-2.5% infection rate, I'm still not at all sure that the performance hit of antivirus is worth it.
Interesting that they don't publish statistics on "domain" computers (even if they could only find domain computers WITH antivirus) - presumably those machines are much more well managed by the simple assertion of a handful of security settings rather than loading up everything with antivirus.
To be honest, all those stats show are that antivirus is pretty much a waste of money. Use a free one and forget everything else. The free ones won't expire because you haven't paid your Norton tax, and people are much more likely to have installed them in the first place.
I was remote-fixing a machine only yesterday where they couldn't download TeamViewer because of the spam they were getting in their browser whenever they went to a download site. I asked what they ran. Norton. And they were due for a renewal. So I uninstalled it and gave them Comodo Free, given that Norton had obviously not worked at all.
What would be interesting is to know the infection rate of people NOT using AV but using a few simple safety rules: don't use IE, don't browse dodgy sites, don't install random crap downloaded from anywhere, think twice before opening a mail attachment.
It takes some education to really do these, and anyone can fall in a dodgy site thinking that it is legitimate. But with the above four alone cuts the infection rate a lot without even using AV.
"...don't use IE, don't browse dodgy sites,..."
Sorry, doesn't hold true any longer. Malware is being served up in advertisements on otherwise honorable sites. Such as CNN, BBC, PRC government website...*
*OK, that last one is a joke, the first two are not. The get the malware ads tossed when they find them, but the malware folks now are quite well funded. I'll not even go into adrotator.*, I've got quite the number of entries in my hosts files, due to annoyance at my firewall griping at me.
And yeah, I do surf dodgy sites, but I wear a Computer Condom and have a rather expensive hardware IPS as well. My home network is a full enterprise environment. To the point where I receive thank you cards from my local electric company.
A good ad-blocker.
I do find it strange how little work the advertiser networks seem to do on preventing the virus-laden adverts, as if they don't they will die.
I generally give a site two strikes of an annoying advert, then Adblock goes back on.
- Also, Adblock is a great little tool for blocking other types of annoying content.
Isn't there a possible selection bias here, that people who don't bother or don't know how to keep their antivirus up to date, are more likely to get infected by some kind of malware?
Those of us doing the tech support for auntie are more likely to; have up to date AV, not use IE6, run an adblocker/plugin blocker, not click on get rich quick schemes etc.
Even if you keep your AV up to date with a valid license, it may stop working if you travel to an embargo country or in the same IP range. Norton/Symantec antivirus does that and they have confirmed this in writing as well:
https://twitter.com/NortonSupport/status/516775594776743936
"Users who don't update their anti-virus may as well uninstall it"
Or, if you look at the actual numbers, users who don't update their antivirus still get around 25% fewer infections than those who don't have it at all (I make it around 2.4% to 1.8% eyeballing it from the graph, actual numbers don't seem to be given). Sure, you're a lot better off keeping it up to date, but there's clearly a significant benefit from having out of date protection than none at all.
It's also worth keeping in mind that this refers only to users of Windows 8, and only those who have both downloaded the Malicious Software Removal Tool and opted to send information from it to Microsoft. Obviously I can't say how that will affect the results, but it's not exactly a randomised representative sample.
Two unnamed vendors were behind 87.9 percent of expired anti-virus subscriptions, largely because the software was foisted on users as bloatware on new machines.
OR
Two unnamed vendors were behind 87.9 percent of expired subscriptions, largely because the users of the computers failed to grasp what the virus protection was for or how important not having an up-to-date copy was and so when their three month trial expired and they were asked for the first annual subscription they clicked on "no thanks" and then took no further action to obtain and install an anti-virus solution of any sort.
I don't know if my version is any more correct than the author's, but since the author offers no evidence to support the attributed motives to the people in question I reckon mine is just as valid and I'd bet money on it being closer to "the truth" since anyone caring about "bloatware" would surely be savvy enough to install something to do the job.