|
Assess Current Reality :: Impact Zones
|
|
|
OPO! GPSync MapXchange Posting Title
|
|
File-ID: CIAP-Mindshifting-Panel_4313am.xls
|
Over-Simplifying a Complex World
|
|
Public Under-Educated :: Past -vs- Future Prep Focus
|
|
Cyber-Threat Legislation :: New Laws & Funding
|
|
Regulations stress punishing vs. healing
|
|
C4I Mindset :: Command + Control + Communications
|
|
plus Current Intelligence (InfoWar = Pandora's Box)
|
|
|
|
|
|
PC Users
Deserve A Free, Simple Service To Handle All Threats
|
|
|
|
By WALTER S. MOSSBERG
|
|
|
|
If you are a consumer with a Windows PC and you have
installed all the software recommended to protect your computer, you probably
feel like an overwhelmed, underarmed security guard. You get flooded with
warnings that bad things are happening, but it's hard to decipher the
warnings and even harder to know what exactly to do about them.
|
|
|
|
The well-equipped Windows XP machine today has at least
four alarm systems in the so-called system-tray area at the lower-right
corner of the screen. And all of them vie for attention.
|
|
One minute, your antivirus software will pop up with a
warning that some virus or worm has appeared on your machine and may -- or
may not -- have been deleted. The next minute, your firewall program will
tell you that somebody is trying to hack into your machine over the Internet,
or that some program you've never heard of is trying to phone home.
|
|
|
|
Next, Microsoft's Windows Update program might yell at you
to download some "critical" updates or else scary things could
happen. And then the newest type of security monitor, an antispyware program,
might alert you that some lowlife company is trying to hijack your Web
browser's home page, or install some invisible software that tracks your
activities online.
|
|
|
|
And that scenario doesn't even include the notifications
you get from your antispam program that new, fraudulent, pornographic, or
just annoying junk e-mail is waiting to be reviewed. Nor does it include
reports you may be receiving from a popup-blocking utility that it has
squelched another effort to stuff an ad in your face. Oh, and some of these
"security" programs will also prompt you periodically to download
new components to help them keep up with the threats, and to renew your
annual paid subscription to these updates.
|
|
|
|
You have to buy each of these things separately, because
each takes care of only a narrow slice of the growing problem of criminals
and slimeballs who want to invade your computer. Antivirus programs can't
stop hacker intrusions or recognize spyware. Firewalls and spyware programs
can't detect viruses. Windows updates close vulnerabilities the criminals
use, but don't clean up any damage done.
|
|
|
|
Yet, few consumers really care whether an invasion is
classified by the experts as a virus, a worm, a Trojan horse, a browser
hijacker, spyware, adware or just spam. Focusing on the difference between a
virus and a spyware program is like focusing on what kind of lock-picking
equipment was used by the burglar who just broke into your home. The experts
may care, but all you know is that you feel invaded.
|
|
|
|
What we consumers need is a simple, unified protection plan
to counter all of these threats. And the computer, software and Internet
industries have badly failed us in this regard. They would rather dump the
security mess in the laps of users than solve it at the level where a
solution really belongs: in the operating system, or the hardware, or the
online provider's servers.
|
|
|
|
Not only that, but members of the techie class that runs
these industries, and the IT departments at big companies, have been quoted
recently as blaming the security problem on average, nontechnical users. If
only these stupid users wouldn't open e-mails with hidden viruses, the
techies say, the trouble would go away.
|
|
|
|
Well, I have a word for these contemptuous techies: Save
your energy for solving the problem instead of blaming its victims.
Mainstream users shouldn't have to be IT experts to operate their computers.
|
|
|
|
Instead of lectures, consumers need Microsoft to build into
Windows an effective, free, constantly updated security service requiring
little or no user intervention. This service would fend off all kinds of
threats and invasions of privacy, including viruses and spyware, without
getting all tangled up in academic distinctions.
|
|
|
|
I don't mean the kinds of software-security suites now
available -- bundles of individual programs. I'm talking about a truly
unified, seamless service, controlled and maintained over the Internet, that
would take on the whole problem.
|
|
|
|
Microsoft has made untold billions from the court-certified
monopoly it holds in operating systems, and its poor security designs have
contributed hugely to the problem. Plus, the company fought for, and won, the
right to keep adding new functions to Windows, in the slap-on-the-wrist
antitrust settlement it was granted by the Bush administration. So, it owes its
customers a solution to the security mess.
|
|
|
|
If Microsoft won't step up, there are opportunities for
others in the industry to deploy the same kind of unified security service
for consumers. I think many people would be willing to pay a reasonable annual
fee to anyone who would take responsibility for securing their PCs.
|
|
|
|
If Dell or Hewlett-Packard built such a service into their
consumer PCs, they would distinguish themselves from competitors and earn
huge customer loyalty. The same goes for AOL or EarthLink, or the various
purveyors of cable modem and DSL service. Ditto for the two big makers of
security software, Symantec and McAfee.
|
|
|
|
All of these companies now offer fragmentary products and
services, but none offers to shoulder the whole burden. It's time somebody
did.
|
|
|
|
Write to Walter S. Mossberg at
mossberg@wsj.com
|
