Dan Appleman: Kibitzing and Commentary

My personal blog

The Always Use Protection Quiz

I’ve started seeing all sorts of interesting comments since my interview with Robert Scoble was posted on channel9.msdn.com. Many of the comments relate to the quiz I have posted at AlwaysUseProtection.com. Some of the comments are thoughtful. Others provide fascinating insight into the biases of the reader. I’ll be using this post (which I’ll update periodically) to respond to the most interesting of these posts.

Readers at PHP Everywhere wonder:

  • What are the FTC surveys on teens suffering from identity theft?
    Answer: They don’t ask that question. There’s rarely money involved in the kinds of identity theft teens suffer from (and the FTC, being the Federal Trade Commission, is focused on financial issues). So until some grad student looking for a good thesis does a formal study, I’m afraid my numbers are the best I have. I feel comfortable using them because the numbers I’m seeing are so high (over 30%) compared to the identity theft numbers for adults (under 5% in 12 months, which is still very high).
  • I have some sort of financial motive by claiming free antivirus programs aren’t good enough.
    Answer: Anyone who asks this is missing the real point of the question. The key idea is that periodic scanning for viruses is never good enough. You need real-time scanning, and to my knowledge at this time none of the free scanners include that feature. As soon as I find one I’ll remove free from the question. Also, I don’t work for an anti-virus company.
  • Cookies are a threat to privacy.
    Of course they are! And occasionally a stupid web site will include personal information (such as user ID and password) in the cookie. But most sites don’t. The point of this question is to encourage people to understand what cookies really are and the kinds of threats they pose from minor (obfuscated first party cookies), to more significant (obfuscated third party cookies), to serious (cookies that contain personal information).

Readers at channel9.microsoft.com wonder:

  • If I just wrote this to plug an area of the market that is otherwise unplugged (under 20’s) – the implication being it’s just for the money.
    Well, yes. Obviously if there had already been other security books for teens I wouldn’t have written this one. I would have just bought that book and handed it to the teens I know who need it. But any author will tell you that writing books nowadays is one of the least profitable ways to spend your time.
  • You play fast and lose with the terms virus and worm:
    You bet I do! The difference between them is important to security professionals and those who are by nature precisionists (or anal retentive). From the perspective of a home users, viruses, worms and trojans all fall into the class of “bad things that a good antivirus program should clean or remove.” Spyware and Adware fall into the class of “bad things that you may need a spyware/adware tool to remove because many antivirus programs won’t catch them”. That’s why in the book, once I explain the difference between them, I tell readers that I’ll just use the more generic term “virus” throughout the rest of the book.

More to come…
RSS feeds for sites referred to in this item:
channel9.msdn.com
Scobleizer
PHP Everywhere