The antivirus paranoia culture

Recently, I’ve spent some time looking at the computer section of Yahoo! Answers, and it’s a fascinating place from a sociological perspective. If the questions and answers popular there are indicative of what common attitudes and practices are among Windows and Mac users, then this is how a typical user operates:

  • Install free antivirus software.
  • Install Limewire and use it to download copyrighted songs and movies as well as software cracks.
  • Run as administrator all the time (no limited user account).
  • Get infected with a virus or rogue.
  • Ask for suggestions about a better antivirus.
  • Consider that paid antivirus solutions may be more effective than free ones.
  • Consider that Frostwire may be safer than Limewire.
  • Switch antiviruses.
  • Switch P2P application.
  • Get infected again.
  • Try to remove the infection with MalwareBytes.
  • Spend hours trying to remove infections with various other programs.
  • Eventually give up and reformat entire drive without backing up files.
  • Continue cycle.

There also seems to be a popular misconception that Windows’ malware problem has to do primarily with its popularity and not any flaw in security (like running as administrator by default all the time). So when a trojan (which requires user stupidity, not a flaw in the security of the operating system) appears for Mac OS X, the Windows users on Yahoo! Answers say “Aha! See? Macs get viruses too. They’re no more secure than Windows” and the Mac users on Yahoo! Answers say “Oh, no. What antivirus should I use to protect my Mac? I thought Macs were immune to viruses.”

I hope you see the problem here. Antivirus software companies may not be so nefarious as to actually create viruses (though maybe they do—we don’t have any irrefutable evidence either way), but they have definitely created a culture of paranoia and not just healthy fear.

Most computer users are paralyzed when it comes to security. They have no concept whatsoever as to what makes a computer secure or insecure. They just think “If I run ‘the best’ antivirus software, I can do whatever I want and my computer will be safe.”

Yet, I’d be willing to bet that most of these people would be better at spotting a fake valet before handing over the keys to their cars and would know better than to actively seek out burglars and hand them their bank ATM cards and PIN codes.

What can we do to turn this culture of paranoia into healthy fear, properly channeled through education and good practice?

I used to be part of this culture, back when I was an exclusive Windows user. I got malware of some kind and panicked. And I thought if I just got a “better” antivirus and changed from Internet Explorer to Firefox that my security would be so much better.

It wasn’t until I got more familiar with the worlds of Mac OS X and Ubuntu that I realized privilege separation matters. Yes, it’s theoretically conceivable that malware could infect a limited user account if it were designed that way, but if it did and was detected in a short amount of time, then it could be easily removed. Malware as it is now thrives because it digs deeply into the Windows system files so that booting into safe mode or trying to use system restore to get rid of it isn’t enough. If you use a limited user account, no system files will be affected, and if malware were ever designed to affect a limited user account, you could just delete that account and carry on.

More importantly, the paranoia comes from a total lack of understanding about how computers become infected with malware. Users have the same understanding of computer diseases that “doctors” had about human diseases centuries ago. It’s a bad humor. It’s punishment for doing something evil. It’s not germs you actually have to come in contact with.

A lot of malware comes in not through software flaws but through user flaws. Social engineering is a great way to get malware installed because Microsoft, Apple, and Linux developers can do nothing about it through better programming. If you can trick the user into installing “the codec you need to watch this video” or “this pirated version of iWork” or “this cool new software,” then any kind of built-in security goes out the window.

Couldn’t these users who suffer from such paranoia and ignorance save themselves a lot of heartache if they did a few simple things?

  1. Use a limited user account in Windows
  2. Take ten minutes to read up on social engineering and how not to be a victim of it
  3. Back up personal files regularly
  4. Use Norton Ghost or Acronis True Image to image a working installation so a reinstall wouldn’t take so long
  5. Install system security updates

The way a lot of people run their computers, it’s like having rampant unprotected sex and then getting an HIV test every six months. That won’t stop HIV! Get a condom! Computers have condoms too, even though Microsoft doesn’t make them very easy to put on.
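One way to check the first item on that list, as an added example that is not part of the original post: a PowerShell audit of which enabled local accounts sit in the Administrators group and whether the current session has administrator rights. It assumes Windows PowerShell 5.1 or later, where the `Microsoft.PowerShell.LocalAccounts` cmdlets are available, and it only sees local accounts that are direct members of the group.

```powershell
# Added example: audit which local accounts hold administrator rights.
# Assumption: Windows PowerShell 5.1+ (Microsoft.PowerShell.LocalAccounts).

# S-1-5-32-544 is the well-known SID of the built-in Administrators group;
# using the SID avoids depending on the localized group name.
$adminGroup = Get-LocalGroup -SID 'S-1-5-32-544'
$adminSids  = Get-LocalGroupMember -Group $adminGroup |
    ForEach-Object { $_.SID.Value }

# Is this process running with an elevated token? With UAC enabled, an
# administrator's normal session is NOT elevated, so group membership is
# checked separately below.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
$elevated  = $principal.IsInRole(
    [Security.Principal.WindowsBuiltInRole]::Administrator)

# One row per enabled local account.
$report = Get-LocalUser | Where-Object Enabled | ForEach-Object {
    [pscustomobject]@{
        Account   = $_.Name
        IsAdmin   = $adminSids -contains $_.SID.Value
        LastLogon = $_.LastLogon
        Current   = ($_.SID.Value -eq $identity.User.Value)
    }
}
$report | Sort-Object IsAdmin -Descending | Format-Table -AutoSize

# $me is empty when the session belongs to a non-local (e.g. domain) account.
$me = $report | Where-Object Current
if ($elevated) {
    Write-Warning 'This session is running with an elevated administrator token.'
} elseif ($me -and $me.IsAdmin) {
    Write-Warning "$($me.Account) is in Administrators; use a standard account for daily work."
} else {
    Write-Output 'Current session is running without administrator rights.'
}
```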

Sometimes Linux users crack me up

Hey, I’m a Linux user and have been for over three years. I love the community. They’re helpful and giving. They’re often idealistic. Sometimes, though, they’re a little bit crazy.

Recently, Best Buy has started stocking boxed versions of Ubuntu in many of their stores. When news of this hit the Ubuntu Forums, there were forum members claiming that selling Ubuntu violated the GPL, that Best Buy was immoral for selling free software, that ValuSoft couldn’t really be an official Canonical approved software partner and thus should be sued by Canonical for trademark infringement.

Come on! This is a good thing. The GPL provides for selling free software, since the “free” refers to freedom, not cost. Apart from the fact that Canonical on its website officially announced ValuSoft as a new partner, there’s no way Best Buy would sell software that was from some shady company blatantly infringing on trademarks. Best Buy may have some sketchy business practices, but I’m sure their lawyers make sure nothing is illegal… or at least not immediately obviously so.

Yes, Ubuntu can be downloaded for free, but not everyone trusts free products, not everyone is aware of software unless it’s available at a store like Best Buy, not everyone has a fast enough connection to download a 700 MB file, and not everyone knows what to do with a downloaded .iso file anyway. Never mind that the boxed Ubuntu comes with a manual and 60-day support. You can read more about this deal at ComputerWorld: Best Buy stores to sell boxed version of Ubuntu Linux.

And then there’s our good buddy, Hans Reiser, creator of the ReiserFS filesystem. When news hit that he was being charged with his wife’s murder, Linux users on both Ubuntu Forums and Linux Questions came to his immediate defense (Why? No Linux developer can be a murderer? Why not?) and started being all arrogant about their peanut gallery policework, citing the lack of a body and all the evidence against Reiser being circumstantial. Even when the prosecutor announced they were going to make a deal with Reiser to reveal the body’s location for a reduced sentence, some Linux users were still insisting that the prosecutor may have just been pulling this deal out of nowhere, and it doesn’t mean Reiser actually knows where the body is.

It wasn’t until Hans Reiser actually did reveal the location of the body that Linux users realized en masse, “Oh, wait. He actually did kill his wife.” Yeah. Everyone’s got an opinion on the guilt or innocence of people involved in public trials. Everyone’s got a conspiracy theory and wants to make it seem as if the police and courts are totally inept. Yes, of course, if only the justice system were in the hands of Linux users—then real justice would be done.

No. We’re all human. That means Linux programmers can be murderers. Linux users can be wrong. The police and courts can sometimes mess up things and sometimes get things right.

My fellow Linux users, let’s hold off before jumping to conclusions. People already think Linux users are crazy geeks. Don’t provide more fodder, please.