Mr. Rapoza,
Thank you for writing this article (Idiocy Imperils the Web). You managed to sum up 5 years of frustration into a light, one page read. Im tempted to hang the article in my cubicle, but I doubt the suits would appreciate it. I guess it will have to be just “our little secret”. But, really, thanks… its good to know Im not alone.
Thanks!
Rob Carroll
Jim:
Im writing to comment on your commentary on the idiocy of opening virus-laden attachments. I agree with what you say, but I also think that well never be able to get rid of idiots. Because of this, we have a very simple policy here thats more effective than anything else at preventing infections. We never are infected with e-mail-borne viruses. How? We simply quarantine all attachments that are executable files. The users still receive the e-mails, but they dont get the attachments. If the user knows that the attachment is safe, we can pull it out of the quarantine, but this almost never happens. How often does the typical user need to receive an executable file as an attachment? Even if it doesnt contain a virus, its probably something that the IT department would prefer not be installed on the users computers. Just to be safe, we also have a strong anti-virus program running as both an Internet gateway, and on the users workstations. But, because of our “no executable attachments” policy, it has little to do. Even though we do get a ton of attachments every day, we have no need for executable attachments. I imagine that most companies are the same, and am surprised that this isnt suggested more often as good policy.
Dave Taliaferro
Page 2
Jim:
Wasnt it P. T. Barnum who said something like, “You can never go wrong underestimating the stupidity of the American public.”
Later on in your column you said “Imagine if there were a rash of car thefts where thieves stole a bunch of cars that were left running with the doors open. “
Now what would the reaction be if car makers gave us cars with no locks and ignition systems that were so easy to defeat that even a ten-year-old could steal a car? I bet there would be a hue and cry in the press and lots of other car makers would run adds saying how safe their cards are.
Do you spot any resemblance to Outlook and the cars mentioned in the previous paragraph?
Ive been writing software for a living for over 20 years now. Its my position that any thing like Outlook that makes it easy to hijack a users system is irresponsible. (Course its nice when you have a virtual monopoly.)
So which is easier?
1) Making a fundamental change in the human condition (banishing stupidity)
2) Changing a small body of software to make it harder for virus writers to spread their little toys over the net
Jim:
Finally someone has the nerve to put in writing what weve all been thinking! Thank You. I am sending links to the article to everyone I know. I cant tell you how many hours and thousands of dollars we have spent trying to keep these attatchments out because people are too stupid not to open them. Although I think most of them must be AOL users as well.
Great article!
Dan Van Hout
Page 3
Jim:
I hope this short opinion article, “Idiocy Imperils the Web,” gets the attention it deserves! You hit the nail on the head, putting into words something those of us who have to clean up mail servers and listen to the complaints of idiot e-mail users have thought for years. Its to the point that e-mail users should be required to prove basic reasoning skills and pass a test before they can have an account. Of course, these are the same people who respond to spam offers for free pasta pots, digital cameras, and manhood increasing pills, further propogating the use of spam. I guess if it wasnt for the idiots, we wouldnt realize how smart we must be!
Gary Varnum
Jim:
While I think the focus of your article is clever, I also think that you stopped short in blaming only the end user, the individual who opened that unsolicited message with a virus attachment.
Ive been using computers for over 30 years. I can remember when the only thing that you could do with e-mail was send text. What about pointing the finger at the software vendors who have made it easy for viruses to spread? The ones who supply browsers and messaging systems that automatically open attachments for you? [Ok, its an option, but the default is typically on!] The ones that follow links to Web pages, and execute code that isnt yours, if you want them to or not? [Again, an option, but if you disable it, you suffer significant losses in “functionality” e.g.. there are legitimate Web pages that stop working!]
It used to require a recognizable system flaw for a virus/worm to enter a system, gain control and then spread. That is no longer the case. Most out of the box systems will have enough configuration flaws that leave them vulnerable unless an experienced system admin has fixed the problems. Given the number of novice administrators in the world, there is no question that viruses/worms will spread until vendors start selling software that is designed, engineered, and tested to prevent their spread. Since that goes against the trend of ever increasing features and expanded functionality, dont hold your breath!
Frank Pirz