Feeds

The Fear biz is the computer security biz

Lies, damn lies...

High performance access to file storage

A few years ago, Steve Ballmer ranted about open source in the Chicago Sun-Times, bellowing that "Linux is a cancer that attaches itself in an intellectual property sense to everything it touches. The way the license is written, if you use any open-source software, you have to make the rest of your software open source".

This is obviously horsehockey, and it's just as obvious that Ballmer knew that it was horsehockey, but he said it anyway knowing that many readers of the Chicago Sun-Times would believe what he said because he is a rich, important businessman. Bill Gates' claim that "security guys break the Mac every single day" is just as ludicrous, and just as calculated.

In both cases, fear is the string these two maestros are plucking. The ignorant will come away from reading the earlier interview believing that Linux is dangerous and will doom their companies, while the latter interview may keep a few more people from switching to Mac OS because it's getting broken into every single day.

Now, Apple's ads haven't exactly disabused themselves from relying on fear either. The "Virus" ad in the "Get a Mac" campaign has the PC suffering from "that virus that's going around"; when the PC warns the Mac that there are "114,000 viruses for PCs," the Mac replies, "For PCs. But not for Macs." In another ad, "Trust Mac," the Mac says "I run Mac OS X, so I don't have to worry about your spyware and viruses" [emphasis added].

Notice that Apple's commercials don't say there aren't any viruses or spyware for Macs, just that the 114,000 for PCs don't affect Macs. Of course, a less attentive viewer could come away from that commercial believing that there aren't any viruses for Mac OS X, which actually wouldn't be too far off the mark, considering that there are virtually none (PDF). As for spyware, to my knowledge, there isn't any for Mac OS X, so that perception wouldn't be incorrect either.

Apple's website even states the situation in language that can't really be argued with: "A Mac running with factory settings will protect you from viruses much better than a PC, but it's never a bad idea to run extra virus and security software."

So yes, Apple uses fear to sell computers, but it's a heck of a lot more accurate in what it both says and implies, while Microsoft's leaders tend to nakedly push the buttons of fear willy-nilly, facts and reality be damned.

In fact, I wonder if it's possible to talk about security at all without invoking fear at some level. If that's true, then it comes down to how much respect the speaker has for his audience. It's sure easy to scare the bejesus out of uninformed computer users - the vast majority of computer users, in other words - but is that the best way to accomplish the goal that we'd all like to see realised: better security? Wouldn't it be better to treat users like rational adults and present them with facts and choices, instead of just exaggerating, and even lying, about security issues?

If users are already scared of their computers - and we all know many of them, like my father-in-law Larry, are - then freaking them out completely or distorting the truth is not going to make them less frightened, or more confident. Helping them make good decisions based on their needs and the reality of the world of computer security will, however, result in smarter computer users that are capable of making good choices.

Except when it comes to homicidal clowns. Nothing will make those things easier to deal with, especially when they come for you in the dark of night, chuckling softly through their yellow rotted teeth and red-gashed mouth as they reach out their white-gloved talons to grip your ankle, and then...

This article originally appeared in Security Focus.

Copyright © 2007, SecurityFocus

High performance access to file storage

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
German space centre endures cyber attack
Chinese code retrieved but NSA hack not ruled out
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
HP ArcSight ESM solution helps Finansbank
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.