Wheres the Review?

By Larry Seltzer  |  Posted 2008-08-16 Print this article Print

The first several pages of the story are not a review, but a story on online threats and how you can protect yourself ("Protect Yourself Online. The Biggest Threats & The Best Solutions"). It's filled with data sourced to eMarketer, a market research firm. The data in the story, including all of the claims of prevelance of threats and so on, therefore come from self-reported survey results from the general public.

As an IT professional-as I assume most eWEEK readers are-ask yourself if you would trust the average computer-using consumer to accurately report what security software features they are running and what threats they have suffered from. Me, I wouldn't trust them, but CR does. Thus we learn that "...the rate of serious spyware problems has declined 54% and serious virus problems 32% over the years that we've tracked them." The only malware terms the story uses are spyware and viruses, so I will assume that "virus" here also means trojan horse malware, the dominant form, and I'm pleasantly surprised to learn that it's been on the decline for a while, as has spam according to the story.

On the other hand, it reports that 1 in 94 households had monetary losses from a phishing attack in the past 2 years. That sounds high to me. Mind you, another research report from eMarketer, dated August 6, claims that the online identity theft threat is overstated: "The actual risk of having your identity stolen online is not as high as many people think," said Susan Menke, senior analyst at Mintel, in a statement. "Financial services companies are trying to reassure consumers, but their marketing messages aren't sticking. Companies need to find innovative new ways to convince Americans that their identities are secure online and when using e-mail." I'm confused; is it a big threat or not?

The pitfalls of having end users report on security create havoc all over the story. When the survey shows that "36 percent didn't have an antispyware program, and 75% didn't use an antiphishing toolbar" I'm extremely suspicious. Many who are running anti-virus software probably think they don't have an antispyware program, yet they certianly have a great deal of antispyware protection, and in fact the distinction between anti-spyware and anti-virus has always been a phony one. And while neither IE7 nor Firefox 3 have an antiphishing toolbar as such, both have live antiphishing protection. Is CR saying that 75% of users are not using those versions? I suspect not. So are they saying it's better to have it in a toolbar? Right. The only reasonable conclusion from this data is that CR's authors and editors don't understand how security software or browsers work these days.

The story also has numerous tips for users to avoid security problems and a list of 7 blunders users make. Many of these are well thought out, but a few are overstated or just plan bewildering. Consider this advice: "Use a separate credit card just for your Internet shopping, as did 7 percent of resondents to our survey." Why? What does this accomplish? Someone, please let me know.

Larry Seltzer has been writing software for and English about computers ever since—,much to his own amazement—,he graduated from the University of Pennsylvania in 1983.

He was one of the authors of NPL and NPL-R, fourth-generation languages for microcomputers by the now-defunct DeskTop Software Corporation. (Larry is sad to find absolutely no hits on any of these +products on Google.) His work at Desktop Software included programming the UCSD p-System, a virtual machine-based operating system with portable binaries that pre-dated Java by more than 10 years.

For several years, he wrote corporate software for Mathematica Policy Research (they're still in business!) and Chase Econometrics (not so lucky) before being forcibly thrown into the consulting market. He bummed around the Philadelphia consulting and contract-programming scenes for a year or two before taking a job at NSTL (National Software Testing Labs) developing product tests and managing contract testing for the computer industry, governments and publication.

In 1991 Larry moved to Massachusetts to become Technical Director of PC Week Labs (now eWeek Labs). He moved within Ziff Davis to New York in 1994 to run testing at Windows Sources. In 1995, he became Technical Director for Internet product testing at PC Magazine and stayed there till 1998.

Since then, he has been writing for numerous other publications, including Fortune Small Business, Windows 2000 Magazine (now Windows and .NET Magazine), ZDNet and Sam Whitmore's Media Survey.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel