From: cman@communities.com (Douglas Barnes)
Date: Wed, 31 Jan 1996 09:14:36 +0800
To: cypherpunks@toad.com
Subject: More FUD from the Luddites at FV [pt. 2]
Message-ID: <v02130502ad33448ac18b@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



People have been dealing with viruses and malicious programs
since the dawn of PCs. (Before that even, really.) This is not
news. A virus or trojan horse can do something much worse than
the (possible) inconvenience of a "bad guy" getting your credit
card number.

Whether you're a business or an individual, having, say, your
hard drive wiped clean by a virus would be several orders of
magnitude worse than the relatively minor inconvenience of
having to get unauthorized items deleted from your credit card bill.
This is just as possible as the credit card scenario FV is
painting, and PC owners have been dealing with this kind of
threat for over a decade.

Rather than focus on something as tame as credit card numbers,
let's look at what else a malicious program could do if it had
unlimited power over your PC:

  o Ransack your tax preparation files
  o Compress and transmit your financial information to your
    competitors or to Blacknet.
  o Capture the passwords and logins that you use while telecommuting
  o Use your dial-up bank-by-computer software to make unauthorized
    transfers.
  o Reformat your hard drive.

The fact is, malicious programs are a threat that has been in the
background for over a decade, and PC users with any experience to
speak of are familiar with at least the rudiments of dealing with
this class of problem. If anything, they're more familiar with this
kind of threat than more network-specific threats. (Look at the huge
sales of popular anti-virus products.)

Sure, there are clueless people out there, but the solution is to help
make them less clueless, not to stampede them in a panic, which is
apparently FV's goal here.

--doug

Ernest Hua writes:
>I'm quite amazed at the level of ... well ... how can I characterize it
>without insulting too many people? ... arrogance? ...
>
>Many of you would be amazed at what motivates the average person to buy
>or to use a computer.  Most people, when asked about security, do not
>even have a concept, let alone how it applies in a computer environment.
>
>There is far more misinformation and miseducation among the average user
>than you might think.  Not everyone understands why they need a modem in
>order to get onto the Internet.  Not everyone understands why you need
>to sign up for an account with an ISV in order to get onto the Internet.
>(You would be amazed at how many people think that just buying a modem
>is good enough to get onto the Internet.)
>
>The response is typically, "I don't understand all that technobabble!"
>"Just give me something that works!"  "This is too complicated!"
>
>If you think that the dumb user should be left to fight for his/her own
>survival on the information highway, you are easily condemning 75% to
>90% of the current users.
>
>I am not entirely convinced that Borenstein is totally selfless in his
>(or FV's) announcement.  However, the basis of his argument, while it
>may not apply to the cypherpunk community, has much merit in the real
>world.
>
>Try helping 100 random people with computers.  Bet you 90 of them have
>trouble getting onto the Internet, period, let alone figuring how to
>run Netscape.  There is a reason why AOL/CompuServe do very well
>caterring to those who are technically-challenged.
>
>Ern

------                                                             ------
Douglas Barnes         "The tighter you close your fist, Governor Tarkin,
cman@communities.com    the more systems will slip through your fingers."
cman@best.com                                             --Princess Leia