Users choosing ignorance

Published on Wednesday 19th September, 2007 (AEST)

I was recently helping an organisation with some new PCs they had purchased. Eager to get up and running, staff had been set loose on their new toys before any antivirus software was installed. Not surprisingly, by the time I arrived a few days later, viruses and spyware had already infiltrated several machines. As I said, this was not surprising, given that the users were running with admin accounts on unpatched machines and with no real protection or training.

What was surprising was that one guy had already resigned himself to the fact that after he logged in, he had to ctrl-alt-del, open Task Manager, find rundll32.exe and kill it, just to get Explorer to run. He wasn’t too worried that his machine was effectively under someone else’s control, so long as could still get to his IM client—even though that meant jumping a few hurdles along the way.

It seems many people are becoming increasingly blasé about security issues, almost deciding to be ignorant of the risks, despite (or, perhaps, because of) frequent warnings of phishing scams, hyped reports of 0-Day vulnerabilities, and botnets more powerful than supercomputers.

Save to del.icio.us Digg this Submit to StumbleUpon