"Blame the users" cures {Ira Winkler et al} sound like a great idea, EXCEPT for some major drawbacks:
-1- As noted in the article, users who have fallen behind in continued stream of Patches will lose their service, including access to security Patch providers.
-2- Part of the reason that security Patches are required, is that broadly-used products, from browsers and servers to entire operating systems, have been generated and marketed without sufficient care about design and implementation flaws.
****Indeed, are there any computer products nowadays that are not covered by boilerplate "as is" Terms of Usage -- that deny any responsibility for faults or their damaging results -- and shift all responsibility for that potential damage, direct and indirect, to the users.
-3- Patches themselves have been designed to create malware
insertions, especially for invasions of privacy by the computer product providers.
The Service Pack #2 of Microsoft's Windows exemplifies that, but is not the only case.
That included invasive searches for "improperly licensed" software usage -- including restrictive rules of usage that were either hidden in the fine print or created after the products' purchases. "We did not intend to allow such broad usage" and other protestations by the sellers hardly justify such abuse of the consumers.
CAVEAT BEWARE was the byword in the snake-oil and monopolistic decades of the late 1800's and early 1900's. That is still the agressive byword of producers more concerned with acquiring the bucks than improving overall well-being.
We admire ferocious carnivores in nature -- and hold them up as role models for behavior of people and human organizations, whether business or political.
Hardly what I would consider application of those family virtues that are touted so loudly.
Suggestions:
-1- Find a less draconian way to defend the internet against "unprotected" users who have not kept up with timely patches.
-2- Make the purveyors of carelessly-vulnerable products responsible for a significant share of the damage they do -- including Election Voting machines, by the way.
-3- Create better protection against "Big Brother" abuse of the Patching process -- both by government [aka Patriot Law security] and by businesses that would squeeze yet more profit by retroactively -- even after sale or licensing -- downsizing popular features of their products -- and then re-offering those features as new products for additional charges.
Sorry about the tangent there. -- but it is relevant, since that is a significant engine in the processes that leave us so vulnerable !!
Latest software headlines from Network World:
At 10, Google reiterates commitment to CIOs
As Google turns 10, enterprise success in question
Zoho adds Google Docs-like file management
|
Does Verizon's Voyager stack up to the iPhone? |
|
|
5 IT skills that won't boost your salary 
[1,407]
Women 4 times more likely than men to cough up personal info [589]
Japan's 10 funniest tech-related commercials [Videos] [407]
Throwing away a promo CD is "unauthorized distribution"? [1,265]
Adults too quick to dismiss educational video games [682]
Attack of the iPhone clones [Slideshow] [578]
10 things IT needs to know about AJAX [1,258]
This Year's 25 Geekiest 25th Anniversaries [Slideshow] [409]
|
|
addendum {denial-of-service & botnet attacks - Blame the users"
Addendum to my earlier comment:
There is another drawback to "Blame the Users" cures.
Some users -- whether
<1> because of inability to understand and properly apply the security Patches; or
<2> because of fear of polluting their systems via unknown side-effects of security patches; or
<3> out of desire to put one over on the big companies; or
<4> out of careless disregard for their own and others' online security;
-- indeed some users will not conscientiously apply security Patches in a thorough and timely manner.
The system needs safeguards to minimize vulnerability to infections of that residue of still-vulnerable users.
Perhaps some antibody scheme might work, such as attaching appropriately-signed "SAFE" and "WARNING" flags to messages and packets thereof, that are coming, respectively, from properly-protected computers vs. recognized compromised computers {which would have been cut off automatically by Winkler's "cure"}. Such flags could be checked by firewalls upon reception. Alerts could be presented to Users who might otherwise accept harmful data -- indications that real risk has been identified, rather than the feeble "DO YOU KNOW YOUR SENDER?" pop-ups.
Similar warnings can be returned by webmasters to the message/data origins -- to alert the comprised system's users of the identified damage in their system -- along with Warning that they may become partially responsible for harm to others resulting from their unprotected, compromised system. -- More work for the internet infrastructure, but more effective and less draconian protective messures.
P.S. NOTE TO BLOG EDITOR:
_______ Having written and posted the earlier part of this comment, I now get an "ACCESS DENIED for This Page" notice when I try to reread my own comment.
___Why?______________________
___ and what can I do about it?
______
Thank you for your attention to this Post-noted issue.