December 7, 2005 3:25 PM PST

Survey: Most home PC users lack security

A survey of home PC users found 81 percent lacked at least one of three critical types of security, but the number of consumers using firewalls and updated antivirus software is improving, according to a report released Wednesday.

The vast majority of consumers surveyed were found to lack at least one of three types of critical security--a firewall, updated antivirus software or anti-spyware protection, according to a report by America Online and the National Cyber Security Alliance.

Of this group, 56 percent had no antivirus software, or had not updated it within a week, while 44 percent did not have a firewall properly configured, according to the report. Meanwhile, 38 percent of survey respondents lacked spyware protection.

"Even though most consumers think they are protected, this study shows the opposite," Ron Teixeira, National Cyber Security Alliance executive director, said in a statement. "Far too many people still lack the three fundamental protections they need to stay safe online."

Nonetheless, some improvements have been made. The number of homes with properly configured firewall protections rose to 56 percent from 28 percent a year ago.

The improvements were attributed to the default firewall that is installed with Windows XP Service Pack 2, according to the survey.

The percentage of home PC users with recently updated antivirus software on their computers rose to 44 percent this year, compared with 33 percent a year ago. And, the number of PCs with spyware and adware loaded onto their systems fell to 61 percent this year from 80 percent last year.

46 comments

Join the conversation!
Add your comment
Broadband [L]users
The biggest problem is with home bradband users who have no hardware firewall (e.g., a router). With the connection being persistent, these machines all eventually become zombies. The cable or DSL provider doesn't make the need for a firewall abundantly clear because they can sell the poor dumb bastards additional modems for each PC in the house.

I lost count of all the non-technical people I've known who just connected their PC right to a cable modem. Then, they wonder why their system gets hosed in no time.
Posted by Eggs Ackley (34 comments )
Reply Link Flag
CDC
Blame the service providers. We need some Big Standards Body to demand that all cable and dsl providers provide modem/routers with built-in firewalls (some already do). But they don't because of cost (fewer service calls... at least in the short run).

Since one bad machine can infect many others, think of it as a matter of computer public health.
Posted by Betty Roper (121 comments )
Link Flag
A hardware firewall isn't a hard requirement.
I use a dedicated PC running a software firewall (BrazilFW, formerly known as Coyote Linux, a small and specialized single-diskette firewall/router distribution which runs in a RAMdisk), which I feel gives me far more flexibility than an (affordable) hardware firewall would.

My other systems are not vulnerable, since they are nestled safely behind the firewall box and are thus not connected directly to the internet. :-)

I agree with you, however, that ISPs need to make it clear to their users that a firewall is a good idea. I think it should be a hard requirement.
Posted by rcsteiner (48 comments )
Link Flag
Of course, the saddest thing in all of this.
Is that there are extremely good firewall, AV, and adware/spyware screening utilities out there to be had...for free. In fact, much of the utilities software for sale out there just plain sucks. So the question remains for those with unsecured PCs. What is their ratio of stupid/lazy?
Posted by (62 comments )
Link Flag
Get a Mac
If you don't understand security, get a Mac and you won't have to
worry about protecting your system from viruses and spyware.
Instead of blaming users for not knowing enough, how about
blaming the operating system that makes these problems possible?
Posted by vchmielewski (59 comments )
Reply Link Flag
Macs are Magic?
ANY OS can be attacked, lay off the Koolaid.
Posted by EuroMarkus (10 comments )
Link Flag
Any non-Windows OS will do.
My OS/2 box doesn't suffer from spyware or virus issues, and neither do my Linux or BeOS boxes.

That doesn't mean I don't exercise due diligence when downloading and installing software, and I do run a virus scanner on my OS/2 box when I download DOS or Windows software, but it does mean that many of the most common vectors used by spyware programs and other similar entities are simply not present on those platforms.
Posted by rcsteiner (48 comments )
Link Flag
Macs aren't magic
Macs are all that I own, but that doesn't mean I don't take the
threat seriously. I use my OS X firewall and my router. I use two
virus programs. I use bowswers with adware and spyware
blockers.

You are correct in that there have not yet been an deployed Mac
virus or worms, but they exist. Just read the threat portion of
this site and work backwards. You'll find the articles.

Apple produces security upates for a reason.

My two cents.
Posted by ctinok (3 comments )
Link Flag
Get a clue
n/t
Posted by aabcdefghij987654321 (1721 comments )
Link Flag
Get A Mac
Yes I would agree with Vince. Why put up with bad and insecure
operating systems and blame everybody else for it. The only reason
these viruses came about is because Micro$oft kept ignoring its
customers calls for security. They'll never learn.
Posted by (3 comments )
Reply Link Flag
'nother cluless one
n/t
Posted by aabcdefghij987654321 (1721 comments )
Link Flag
Security
A lot of people think that a hardware firewall that performs NAT is enough. I would say it isn't. A software firewall works up to Layer 7 of the OSI model, and on SMTP end with email. Also, the firewall in XP isn't complete, it only blocks incoming traffic. I used to not have a software firewall. I got hit with Blaster and then got on with it and downloaded ZoneAlarm. ZoneAlarm enabled me to stay on the net, block the horrible net traffic and patch my system.

4 freeware programs to give you good security:
antivirus: AVG Antivirus
firewall: ZoneAlarm
antispyware: Ad-Aware and Spybot Search & Destroy
Posted by pentium4forever (192 comments )
Reply Link Flag
Macs are safer yes
Macs are safer, hackers aren't going after the Unix kernel that resides at the core of Macs. However, there have been vulnerabilities although very few compared to Windows. Do they even make software firewalls for Macs? LOL.
Posted by pentium4forever (192 comments )
Reply Link Flag
Re: OS X software firewall?
Yes, included with OS X.

You click a button to turn it on.
Posted by open-mind (1027 comments )
Link Flag
Partially
No computer is going to tell a users not to their credit card on every site that has a deal on something you want or not to put your phone number\email address on every form. Security is a combination of the knowledge a use has and the technology they are using. If one fails or is lacking then there is the an opportunity for a breach, regardless if the other is sound.
Posted by VI Joker (231 comments )
Link Flag
knowledge is power
knowedge is power. The majority of users that I come across in the repair business don't know how to use a firewall or antivirus software. Some don't even know what it is. Someone has to tell them. Someone may have to sit down and explain it to them step-by-step so that they have a good understanding of why they need the security and why it's important. They don't have to know the inner workings of the machine and program, unless they want to. They just need to know the importance of security on the pc and other data sources. Only then, will we see a change in those numbers.

(by the way: one of those someones is me. I don't mind at all explaining how things work).
Posted by Michael00360 (58 comments )
Reply Link Flag
Re; Knowledge is power
I am one of those who don't know if my security is set ok! I have XP and so have their firewall, I also have AVG antivirus, and Ad-aware and Spybot for getting rid of spyware. How do I know if my firewall is setup right? I regularly update also. I also use the internet for purchases and so it is a worry!!
Posted by Kev63 (1 comment )
Link Flag
Is this article accurate?????
You reported that the number of people using Adware and
Spyware blockers was down. Should the question have been --
Have you started using browsers with automatic adware and
spayware blockers? Is this limited to Windows users? Does it
apply to all OS users (Windows, LINIX, Mac OS X, etc.)? Is there a
compelling case for adware and spyware blockers beyond
bowsers? AOL advetises it does this for you. Cox provides this
service.

I strongly your third conclusion is incomplete and speculative.
Posted by ctinok (3 comments )
Reply Link Flag
Most home PC users lack security
Ask the right question, you may get the right answer!

Besides the fact that most users are non-technical people too often careless and that some software is free or is provided online, the question is: How much money is involved into the PSEUDO protection and safety business? (I say PSEUDO protection and safety with every reason and within limits, for despite the use of four different anti-virus soft and half a dozen firewall, I never get the certainty that the machine Im repairing in my shop is really clean, safe, etc. and they all show different result when they dont give false positive and eventually screw up another program or the OS!!! Great isnt?!!!)

First, the funny thing is: why is there the need at all of all these anti- things, blocker-whatever you name it?

Considering the vast amount of growing threats known, why arent they scanned, stopped, cleaned off the WWW right at the beginning, it is to say servers/nodes&?

A technical issue then? Dont have the means to achieve this level of protection? Ehemmmm! Ask the poor and innocent people who have been in all sorts of ways been tracked down, webs closed, etc. etc. Even cops coming knock-knock on the door. (Im talking REAL innocent people).

Why is it that a virus able to attack servers etc. NEVER get into our home machines but the whole host of others roam and spread freely? Do they possess THE ultimate hardware/software we dont?
Simple enough, because there is ABSOLUTELY no will to put an end to the juicy business of antis-things software producers and computer repair shop might get a little sad too! We are the bread and butter, the cow to milk!!! (Ive known people talked and tricked into buying a new PC for a virus issue!)

So, why when needed for some kind of authority/interest/business, the means are largely and greatly deployed?

How much time, how much money were loosing, at a whole? Not only because of malicious, malignous wrongdoers.

We could talk about spam too, it follows the same rules. How many messages have been sent to our trash bin that were in fact real messages from a customer, a friend, etc.? And sometimes it just gets worse, Ive answered once to an announcement by clicking on - I dont want to receive any more messages from this site and the next in-box message I got was from some official US-Robocop-something-web watcher telling me Ive been put on the black list and declared Spammer!!! Followed by an avalanche of Spams!!! Quite a cute trick, no?

Apart from finding and prosecuting virus inventors, hackers, spammers &, why arent the producers of OS, soft etc. also made responsible for having produced such crappy unsafe products? After all, your car producer replace free of charge the faulty item, no?

And then working the same way, trying to protect your lives from terror aggressions, youve got the Patriot Act with all its might and resources!!! Dont let me laugh, Ill explode with such laughter within the next ten seconds youll all hear me there, all the way to America, although I live in Spain!!! And if you dont like me to laugh, dont let me cry, you might get flooded but this time with no time to build an Ark!!! Poor America!!!
Posted by ericchappuis (6 comments )
Reply Link Flag
Securing Home PCs
Most OEM OS powered home PCs sold today are bundled only with 30-90 day trial versions of security software. It is a solution to require bundling OEM OS powered home PCs with a complete and licensed security software renewable after a year or during a warranty period or so.
Posted by Mendz (519 comments )
Reply Link Flag
Get a Clue.
So now you are saying that the technically challenged should learn a whole new OS just to keep their pc more secure? If that is the case then it would just be cheaper to install Linux and learn that instead. Because both OS's are Unix based they have the same security features. Why should a computer user pay twice as much for their hardware and sacrifice flexibility just for security. Even if that user spent the money for a hardware firewall and a security suite they still spent far less money for a Windows pc than a Mac. Using a Mac makes sense if you like the look and feel of the operating system and you like the harware that it is run on. Buying a Mac for security is a poor decision when you can get a free copy of Linux and save a boatload of money for the same security features. Besides we are talking about people who barely took the time to learn Windows basics. They are not going to take the time to learn Tiger os just for security reasons.
Posted by mstlyevil (39 comments )
Reply Link Flag
Basic problem.....
... the quantity and quality of Linux based software is rather dismal.
Having a cheap safe computer which can't do anything useful is
much of an accomplishment.

Remember, we're dealing with the technically challenged here.....
Posted by Earl Benser (4310 comments )
Link Flag
Enough already
I have watched for quite awhile now, the Linux zealots and Mac high preists preach the merits of their OS. The question I have is how secure would these OS's be if they had the marketshare that MS has. The vulnerabilities are there, it's just that noone has taken the time to discover them because of the miniscule number of machines that run these OS's. The only time I've seen Linux used in a production environment is as a server. I've never seen a Mac in a production environment. Face facts, it's a MS world, like it or not.
Posted by RouterGod (1 comment )
Reply Link Flag
I don't agree
I don't agree with your premise and there is no proof that you are
correct. The fact is that this argument is used all the time, but
there are plenty of examples where higher market share does not
result in more security problems, Apache being the first example
that comes to mind. Also, if we presume you are correct, why
would an IT manager not choose Linux or Mac OS X for security
reasons regardless of why they are more secure? Your argument
simply doesn't make sense. For the record, my IT department does
use Apple Xserves in production and we love them.
Posted by vchmielewski (59 comments )
Link Flag
Hi guys as a newbie to the world of computers ........ what would you rate my computer security at? I run windows XP service pack 3 with online armour version 2.5.0.9 and avast 4.8 professional. I'm guessing in a rating out of 10, I would safe to say a 6 or a 7 or do you think it would be higher?
Would be very interest in your views on this.
Posted by Rebelx7 (1 comment )
Reply Link Flag
I was reading all of the comments and concerns associated with computer security and overall basic operator knowledge , or absence of it , and it is very concerning. I have had a few complete crashes on my home computers and laptops and know how horrible having your whole computer world erased can be. Trying to retrieve that data can be a bigger nightmare especially important pictures and work related files. Many people don't even know that its possible to get that info off their harddrive after a crash. You are like miracle workers and have probably saved many people from an otherwise devastating loss of their cyber existance . You are heroic and I am very interested in the computer programing/repair field. What kind of education or courses of training are required to become an expert in computers ? How long did it take? I know some people are just naturally talented with programing and electronics is it mandatory? Thank u in advance for any tips or info that u can provide me with ...I was recently laid off and might want to try my hand at a computer career
Posted by MadamDROID2 (1 comment )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.