Sponsor's Message

I'm talking about the myriad of PCs that are running insecure versions of MS Windows and the millions of users who refuse to take commonsense precautions against infecting their computers with viruses, worms or trojans.

Even if (as discussed yesterday) Bill Gates tries his hardest to fulfill the promise to eradicate viruses within a couple of years, the problem won't go away anytime soon.

Unfortunately there's a huge percentage of people who simply don't need to, or can't afford to, upgrade their operating systems and applications to newer, more secure versions, hence they will remain a menace to other Net users for quite some time to come.

Then there's the fact that some of these people are running versions of Windows that are now no longer sold or supported by Microsoft and, because they're using such feeble hardware, there's no practical and affordable upgrade path.

So, the way I see it, Bill only has one option if he's to come clean with his promise to kill the viruses -- fix the vulnerabilities in his current crop of OSes and applications PLUS come up with a totally secure version of something as old as Windows 98 and give that away for free.

Unfortunately, as past experience has shown with the ready availability of free patches, even this won't really solve the problem because a small but significant number of people won't bother installing any kind of patch, fix or replacement OS -- even when it's 100% free.

Readers Say Got something to say about today's column, or want to see what others think?  Visit The Forums Have Your Say

And what about user-education?

It's a sad fact that he most secure OS can have its protection mechanisms circumvented by a stupid but determined owner.

Even if *nix-type controls were implemented so as to restrict user-level access to key (potentially dangerous) operations, all the virus-writer need do is pop up a dialog box explaining that the user should login in as root to continue the process -- and more than a handful of dullards would do just that.

As I've mentioned a few times before, the "average IQ" of net users is dropping as it becomes a more mainstream tool. Go back a decade and most Net users were tech-savvy, the kind of people who didn't have to be told twice not install unsolicited software that arrives as an email attachment -- or to update their software to fix security vulnerabilities.

Now we have a whole heap of people who are unfamiliar with the limitations of technology and, because they know no better (despite being warned) are more than happy to log into fake websites and hand over their eBay, banking, PayPal and other passwords. These same people think nothing of double-clicking on attachments containing the name "ParisHiltonSexVid.mpg.exe" and infecting their PCs with goodness knows what. They even buy stuff from spammers for goodness-sake!

So how do we address this problem?

I've mooted the prospect of a "surfing license" before, wherein people would have to pass a test to prove that they have an understanding of the basic safety measures needed to keep you and your computer safe on the Net. I don't think this will fly however.

Perhaps a better idea might be to have two Internets.

One Net will continue to operate just like the existing one with (providing you pay your ISP) free-for-all access.

The other Net would be "by admission only" and require users to have passed a certification programme that verified their ability and preparedness to keep their computers properly maintained, not to buy from spammers, to recognise and delete viruses etc.

The Net-elite could then enjoy their online experience without the growing hassles that the really stupid people inflict on everyone else.

Of course, setting up such a system would cost more and you'd have to pay more, but, when your PC is being flooded with spam, viruses, phishing expeditions and malicious port-probes, wouldn't it be worth paying more for a little peace of mind?

Nahh.. it'll never happen.

If any Aardvark readers want to share an opinion on today's column or add something, you're invited to chip in and have your say in The Aardvark Forums or, if you prefer, you can contact me directly.

Contacting Aardvark
I'm always happy to hear from readers, whether they're delivering brickbats, bouquets or news tip-offs. If you'd like to contact me directly, please this form. If you're happy for me to republish your comments then please be sure and select For Publication.

Other media organisations seeking more information or republication rights are also invited to contact me.

Just add a couple of lines of JavaScript to your pages and you can get a free summary of Aardvark's daily commentary -- automatically updated each and every week-day.

Aardvark also makes a summary of this daily column available via XML using the RSS format. More details can be found here.

Contact me if you decide to use either of these feeds and have any problems.

Linking Policy
Want to link to this site? Check out Aardvark's Linking Policy.

Did you tell someone else about Aardvark today? If not then do it now!