Fully patched PCs are a rare breed
Security: We've heard of it
A small minority of users - as few as one in 20 - is running fully-patched Windows PCs.
Just five per cent of newly-registered users of an online security inspection service Secunia came out with a clean bill of health, while more than 40 per cent have at least 11 insecure applications installed.
The data is based on scans of 20,009 computers whose users recently installed Secunia's freely available software inspection tool. Secunia claims a total user base of more than 200,000 users for its free Secunia PSI tool. A survey of a different sample set of Secunia PSI recently discovered that one in five software apps installed on computers are insecure or out of date.
The Danish security firm said stats from its service show users are struggling to keep their PCs up to date. "Patching a PC is as important as running anti-virus and a personal firewall," said Thomas Kristensen, Secunia's CTO. ®
Normal home users
I've never seen a normal home PC that was patched. Only geeks who understand what it means bother. The home users I know all get annoyed by the popups that programs keep giving to 'pester' them to upgrade so they disable them. After all, if it currently appears to be running just fine there cannot be a problem, right? It's only when you click on a file and the wrong thing happens that you have a problem that needs the latest drivers or something...
Home users are a lost cause and the more complex computers become, the less interested people will be about things like this. It's no different to cars... when they were new, everyone who owned one knew how to service it to some degree and could point to the different parts of the engine. But now that they get a car on credit and trade it in for a new one after 2 years they don't even know it's supposed to have water in it, let alone where it goes.
In the same way that people now get fleeced by garages who do every little thing for them, one day computers will be upgraded and tweaked silently in the background via remote logins to your system and no one will care about the ongoing costs of this 'service' or the privacy issues it brings. Computers - whateverrrr!
> So, I used this tool, too. What I found today was that it was beta.
Well, Secunia Personal Software Inspector is not quite beta any more. What I found on their website (http://secunia.com) today was a release candidate one.
You have a case though IRT paid consulting services for a third party. However, Secunia denies you in their License Agreement, to which you consented, the right to use the PSI-tool commercially. Therefore, sticking to their rules, you won't run into problems with taking resposibility for a botched tool operation on your customer's PC.
The use of PSI on your private PC is free, which I consider fair enough - even if the tool were in beta status, and not in release candidate status, which it is.
BTW, please go FreeBSD - or maybe even OpenBSD - if you'd like to use a system which is not only secure, but also easy to maintain. All the whining about poor security is mostly confined to systems which are by design hard to maintain.
Once again the "big security question" boils down to the saying "Thank you, Bill". The trailing words "for the crap" are yours to say.
I'm confident my PC is secure
I never install stuff from companies that want full access to my system.
Does this principle, if widely applied by sysadmins, not somewhat skew the results?