The Always Use Protection Quiz

I’ve started seeing all sorts of interesting comments since my interview with Robert Scoble was posted on channel9.msdn.com. Many of the comments relate to the quiz I have posted at AlwaysUseProtection.com. Some of the comments are thoughtful. Others provide fascinating insight into the biases of the reader. I’ll be using this post (which I’ll update periodically) to respond to the most interesting of these posts.

Readers at PHP Everywhere wonder:

  • What are the FTC surveys on teens suffering from identity theft?
    Answer: They don’t ask that question. There’s rarely money involved in the kinds of identity theft teens suffer from (and the FTC, being the Federal Trade Commission, is focused on financial issues). So until some grad student looking for a good thesis does a formal study, I’m afraid my numbers are the best I have. I feel comfortable using them because the numbers I’m seeing are so high (over 30%) compared to the identity theft numbers for adults (under 5% in 12 months, which is still very high).
  • I have some sort of financial motive by claiming free antivirus programs aren’t good enough.
    Answer: Anyone who asks this is missing the real point of the question. The key idea is that periodic scanning for viruses is never good enough. You need real-time scanning, and to my knowledge at this time none of the free scanners include that feature. As soon as I find one I’ll remove free from the question. Also, I don’t work for an anti-virus company.
  • Cookies are a threat to privacy.
    Of course they are! And occasionally a stupid web site will include personal information (such as user ID and password) in the cookie. But most sites don’t. The point of this question is to encourage people to understand what cookies really are and the kinds of threats they pose from minor (obfuscated first party cookies), to more significant (obfuscated third party cookies), to serious (cookies that contain personal information).

Readers at channel9.microsoft.com wonder:

  • If I just wrote this to plug an area of the market that is otherwise unplugged (under 20’s) – the implication being it’s just for the money.
    Well, yes. Obviously if there had already been other security books for teens I wouldn’t have written this one. I would have just bought that book and handed it to the teens I know who need it. But any author will tell you that writing books nowadays is one of the least profitable ways to spend your time.
  • You play fast and lose with the terms virus and worm:
    You bet I do! The difference between them is important to security professionals and those who are by nature precisionists (or anal retentive). From the perspective of a home users, viruses, worms and trojans all fall into the class of “bad things that a good antivirus program should clean or remove.” Spyware and Adware fall into the class of “bad things that you may need a spyware/adware tool to remove because many antivirus programs won’t catch them”. That’s why in the book, once I explain the difference between them, I tell readers that I’ll just use the more generic term “virus” throughout the rest of the book.

More to come…

RSS feeds for sites referred to in this item:
channel9.msdn.com
Scobleizer
PHP Everywhere

6 Responses to “The Always Use Protection Quiz”

  1. Eli Draluk Says:

    In relevance to

    Cookies are a threat to privacy.
    Of course they are! And occasionally a stupid web site will include personal information (such as user ID and password) in the cookie. But most sites don’t. The point of this question is to encourage people to understand what cookies really are and the kinds of threats they pose from minor (obfuscated first party cookies), to more significant (obfuscated third party cookies), to serious (cookies that contain personal information).

    Cookies are very well behaved now, recently doing a generic scan on my computer to make sure my common passwords are not compromised, the only password I came across was the one from pizzahut’s website. The real issue with cookies is tracking of browsing habits, thankfully even IE let’s you block those evil third party cookies.

  2. Rob... Says:

    Grisoft’s AVG Free antivirus software has real-time scanning. Quote: “The AVG Resident Shield, which provides real-time protection as files are opened and programs are run”

    http://free.grisoft.com/freeweb.php/doc/2/

  3. Nathaniel Says:

    You need real-time scanning, and to my knowledge at this time none of the free scanners include that feature. As soon as I find one I’ll remove free from the question. Also, I don’t work for an anti-virus company.

    Well, here are a few:
    Grisoft AVG – Can even be used in a commercial environment, if I’m not mistaken.
    AntiVir PE
    avast! Home Edition

    I’ve personally used Grisoft AVG and AntiVir PE and both are pretty solid AV programs, providing you keep your definition files up to date. But that goes for any AV program.

  4. Dan Says:

    Thanks! I’ve recently been hearing good things about Grisoft AVG, and it does have real time scanning. I’ve updated the quiz accordingly.

    Dan

  5. orcmid Says:

    Dan, it was great to meet you in Bellevue. I just stumbled over another protection
    practice that I call Candling Phish. It’s so simple that I figure it must be well-known and that I have been simply, well, uh, clueless [;<).

  6. moto kurye Says:

    Dan Appleman: Kibitzing and Commentary » Blog Archive » The Always Use Protection Quiz great article thank you.

Leave a Reply

Comments are moderated - allow 24-48 hours for your comment to appear.