If you’re interested (even faintly) in computer security, and have some kind of RSS reader permanently running on your desktop, you might want to consider adding the feed for the “Handler’s Diary” at the SANS Internet Storm Center. I’ve found that it often puts up notice of what, as near as anyone can tell, has just hit the fan, and who’s about to catch it. They also write for a mid-level of expertise; for instance, today’s entry has a pretty good description of just how some kinds of spyware and adware work in the context of Yet Another Scam.
Which is a sideways way of getting to the idea that I don’t really think my users are as clueless as I make out. I’ve mentioned before that I make a policy of installing and running SpyBot every time I’m asked to do anything with someone’s Windows box, and to date nobody, including myself, has come away “clean.” These are, in general, intelligent people, often with some very impressive specialized knowledge, and this software infection is as easy to catch as a cold with the system I put on their desk, with no training to speak of. What’s more, they’ve learned a very, very useful adaptive behavior, which is asking me whenever weird things start happening. So, unlike the clueless users who do infuriate me, we don’t usually have infected zombie boxes spewing garbage out onto the internet for days (weeks) on end.
You can prevent a lot of real infections easily by washing your hands, relatively frequently, with normal soap and hot water. (Don’t get me warmed up on antibacterials.) But someone has to tell you that, and the sheer volume of analogous things someone has to tell you about keeping your computer infection-free… well, it’s large.
The fault, in the spyware/adware issue, is squarely on the shoulders of the algae who write this stuff, and push their expenses off on me and my company in the form of my wasted time and that of my co-workers.
Now playing: Still Fighting It from Rockin’ The Suburbs by Ben Folds