« Click-free Web Surfing | Main | 2.661 »
January 31, 2004
How safe are you?
If I learned anything this week, it's the incredible amount of ignorance (meant in a good way) that people hold for their computers and how they work. Even supposedly intelligent people with graduate degrees and gargantuan salaries and prestige don't grasp it.
Face it: the computer savvy are a minority. Most of the people out there are Blinking Twelves.
It's not enough to know how to turn on your computer anymore. Nor is it enough to be able to dial in and get your email. It's especially not enough to be able to hop onto an "always on" broadband connection and go zipping around the Internet.
It's like unzipping your pants and dropping the dipstick in every engine block that the IKEA parking lot. Eventually, you're going to get burned.
Fact of the matter is that most people have no idea how vulnerable they are when they're online. These are the people that have no idea if they have even been infected with a virus. My firm has a mail quarantine for infected mail that requires users to request release of mail that they are expecting. I wish I'd kept stats on how many people requested mail that was infected by a virus despite the fact that the notification they got explicitly indicated that it had a virus, despite having been told in a firmwide email that there were viruses in the wild causing problems.
It's frustrating. As computer professionals, we can only do so much to insulate our corporate users from the ills of the Internet, but what can you do when they seem so determined to screw themselves? The problem isn't technological.
It's social.
The requests we got were due in part to people not even bothering to read the notification and simply requesting a mail release out of habit. A great many others would say something along the lines of "I don't know who this is, but it may be important. Please forward it to me."
Get a clue! We sent out email telling all of these users to expect mail like this, right down to the subject lines that would appear. There was information telling them that they should expect spoofed senders and that they would receive bounces from messages sent where they were spoofed as the senders.
Yet the requests kept coming.
If there's any consolation, the requests seemed to peter out toward the end of the week.
Okay, I'm done.
This rant brought to you by a week in the trenches and this article.
Posted by KinCross at January 31, 2004 12:44 AM