Another “Techno-bile” column from me this week in The Guardian. This week I'll be mostly ranting about computer security.
Here is:
Technobile
Instead of terrifying us with tales of doom, software companies should write programs without holes
Kieren McCarthy
Thursday October 13, 2005
The Guardian
Critical? To me, critical means a crash victim lying unconscious in bed with drips and a machine that goes beep, beep, beep. Suddenly: beeeeeeeeeeep. “Doctor! Crash team!” Out come the metal pads. “Clear! Kaboom! Try again! Kaboom! I'm sorry, we've lost him.” Is that what we're talking about? Because my computer looks pretty healthy.
You must install them immediately: every minute it goes unpatched, another PC dies.
What rubbish. If we need to install them this second, how come 10-year-old machines are still working fine? Rather than forcing us to spend hours every month installing patches and updates, how about software companies building products that don't have holes in the first place? How about being reimbursed for faulty goods?
But you have to do it or a hacker will seize control of your machine, it will become a “zombie” and wreak havoc across the world.
Like what? I can't even find the files I want on my computer. How many millions of lists and presentations will this hacker have to go through to find something useful? Does some nerd in Iowa really want Uncle Laurie's phone number? Is he going to call him?
But, say companies in the $6.7bn security software market, if you don't buy firewalls and anti-virus software, if you don't download, update, patch, scan and check, then hackers could get your credit card details. How? My details aren't on my computer.
Have you not heard about Russian criminals and phishing scams? They set up websites that look like the real thing, ask for your card details and then … If someone came to your door and said “Hi! I'm a touring representative from Robert Dyas and was wondering if you'd like to buy a set of pans half price, all you have to do is give me your credit card details,” what would you say?
You'd say: prove you're from Robert Dyas. And he'd produce a cheaply printed badge saying “Rub3rt Diyaz”.
If you get caught in a phishing scam, you're an idiot. It's that simple. Equally, if you open an email attachment from someone you have never heard of promising “sexy footage” or “Bush is a buffoon”, you're the buffoon.
Does it not strike you as odd that the very people advertising these threats are the same people that sell us the protection against them?
If these products have holes, we should send them back, and not be grateful that they send a plank and two nails in the post. You are the zombies, not the computers.
