backtop


Print 98 comment(s) - last by SlyNine.. on Sep 26 at 9:28 PM


The new study from the North Carolina State University's Psych department shows just how dumb the average user is when it comes to computer security. The study shows users are willing to do anything, including throwing security caution to the wind, to get rid of minor annoyances.  (Source: DailyTech)
A new study is giving computer savvy users a look at the "other" users' behavior

You often wonder how users fall for seemingly obvious ploys -- you know, the letter from Makib in Ethiopia seeking for donations for an orphanage, or perhaps the most recent fake ticket emails that claim to have your ticket in a ZIP file.  To the computer savvy, these silly attempts might make for a good morning laugh, but security experts say there's nothing to laugh about when millions of naïve users fall for the scheme and their computers become part of a botnet, used to launch devastating DoS attacks.

A new study from the Psychology Department of North Carolina State University gives some insight into just how easily tricked many users are.  On compromised websites one form of malware distribution is through popup windows.  If users click to dismiss them, they often download malware onto their computers.  So just how many users would be tricked into clicking?

The researchers crafted 4 dialog boxes and exposed 42 college students to them in a normal browsing atmosphere.  Each box contained the cryptic message "The instruction at '0x77f41d24 referenced memory at '0x595c2a4c."  The first one bore the markings of a standard Windows dialog, but the remainder had noticeable differences that should have warned users that it was malware.

In each of the dialogs putting the mouse over the "OK" button turned the cursor into a hand, a sign that it was a browser control, not a Windows dialog.  The dialogs also all had minimize and maximize buttons.  Starting with the second one, a browser status bar was added to the bottom.  Finally the last one was made blatantly obvious by text that flashed from black on a white background to white on a black background.

To properly lure the college students into the ruse, they created a series of fake medical websites in Flash.  The students were told they were going to be quizzed on the information on the sites after the test.  The popups were then activated as the students were browsing the sites.

Of the 42 college students, 26 clicked the "OK" button on the most normal looking dialog, 25 clicked on each of the more obvious fakes, and 23 clicked on the most obvious fake, the one with the flashing text.  This study should be welcome news to malware crafters -- college educated users will click obviously dangerous dialogs over 50 percent of the time.

In all only 9 users closed the dialogs.  The rest minimized them, or dragged them out of the way, risky behaviors, as the next user at the computer could be exposed to the dialog.  The time between the dialog appearing and the user clicking remained approximately constant for all the dialogs.  This seems to indicate that the users did not even think much before clicking the foreign message.

In follow up questions, over half of students said the dialog boxes were a distraction from the task at hand and they would do anything to get rid of them.  The study seems to indicate that computer exposure, with lack of understanding has bred an atmosphere where users are unsurprised by dialogs and GUIs, and care little for their contents.

While the study's authors suggested education of students to warn them of these kind of dangers, the apathy of the students towards the dialogs seems to bring the fruits of such education into question. 

The study is appearing soon in the journal Proceedings of the Human Factors and Ergonomics Society.


Comments     Threshold


This article is over a month old, voting and posting comments is disabled

Duh
By Fanon on 9/24/2008 8:51:09 AM , Rating: 2
It took a study to "prove" this? I knew most users were dumb after my first day in IT. They could've saved money and time by just asking IT departments.




RE: Duh
By jajig on 9/24/2008 9:00:38 AM , Rating: 5
People aren't dumb they just don't care. Just like I don't care about a strange rattle in a hire car.


RE: Duh
By nosfe on 9/24/2008 9:16:07 AM , Rating: 3
the problem is that nobody teaches basic troubleshooting at schools, only how to use the computer when its working as it should.
another problem is that when something goes wrong the first thing people tend to do is call their friends who know how to use computers, they don't bother to at least try to fix it themselves so of course they'll run for help at the slightest problem

Example: while using a partitioning program a friend of mine got an error saying that what he was trying to do wasn't supported yet in vista 64 and that he should make a recovery CD and use that. so he calls me to tell him what to do, even though I've never used that program ever; and after he managed to make a recovery CD(on his own, i convinced him to at least try and he did it without help) he called me again because he didn't know what to do with it(boot the system from the CD, which was written in the first error message, but who reads error messages?)


RE: Duh
By bharatwaja on 9/24/2008 9:32:55 AM , Rating: 3
quote:
when something goes wrong the first thing people tend to do is call their friends who know how to use computers, they don't bother to at least try to fix it themselves


So true and so annoying... I get at least 15-20 calls when I return from college everyday, from friends, asking so silly questions....

Once a friend called me up and said his computer wasn't powering up at all, and the first question I asked him was, "is your PSU switch turned on?" and he said "oops, sorry dude!"...... and I swore to god to switch off my mobile when college gets over, change my number, n give it only to ppl who absolutely need to have it (girlfriend, family, best of friends etc)..... and this was the only way to stop those annoying calls after college.....

Even the most uncommon of errors or problems can be solved by simply googling it, but ppl never even try! Damn, that's so annoying....


RE: Duh
By Hieyeck on 9/24/2008 11:03:37 AM , Rating: 4
Its amazing how experience can turn the ever-hopeful college grad into a mass of apathy. My buddy actually "I'm feeling lucky" 'ed a user.


RE: Duh
By ggordonliddy on 9/24/2008 8:07:43 PM , Rating: 2
15-20 support calls every day?! I find that very hard to believe.

Maybe 15-20 a month... maybe. Should be less than that per year.


RE: Duh
By bharatwaja on 9/25/2008 6:51:36 AM , Rating: 2
I got my friends their systems.... I built them, so whatever the hell happens, they come to me..... 15-20 a day, well not so much like you said, but I used to get atleast half a dozen annoying calls a day.....


RE: Duh
By Targon on 9/25/2008 8:55:01 AM , Rating: 1
When there are very few people in an area that have a clue about computers, they tend to track down those who do. I would not be surprised if some people get that many calls every day just to answer stupid questions. The real key is how long this will go on before the response is, 'If you want to pay me for my help, then fine, but otherwise, leave me the fuck alone!'.


RE: Duh
By LiquidIce1337 on 9/24/2008 10:41:35 AM , Rating: 2
AMEN to that. I get calls like crazy and it's all the friends that want the "free help" I don't mind doing it once or twice but when my cellphone is becoming a help hotline with question after question and walking people through it gets very frustrating. Contemplating changing my number as well.

And your right no one teaches people basic troubleshooting. They get scared when they see an error and panic. I think back ot the days when people use to believe the computer would blow up if you got a virus. My most common complaint is "my computer is slow" and it's usually a ocmputer they just bought form Bestbuy that is LOADED with all kinds of 3rd party ad's and apps that come with the customized OS. And they don't understand that you shouldn't leave your laptop on your bed (mostly girls in college have this problem)


RE: Duh
By Proxes on 9/24/2008 2:28:48 PM , Rating: 2
I'm rude and I don't care. After I started getting calls I just flat out told people: if you want me to fix your computer you need to bring it over to my place and I'll look at it. I will not walk you through figuring stuff out over the phone.

I did it all day at work and I sure as hell wasn't going to do it all night when I got home.

People don't like loading up their computer and taking it some place so it's a strong deterrent and they normally end up figuring it out on their own when they find their "easy out" isn't there anymore.


RE: Duh
By mircea on 9/24/2008 9:25:04 AM , Rating: 4
Aha, and then you ask why are you in the hospital with a bag of antivenom sticking to your your arm ;)


RE: Duh
By mdogs444 on 9/24/2008 10:02:00 AM , Rating: 5
Cmon, you have to admit that people are just flat out dumb. How many fell for the Nigerian email scam? How many actually think the government is going to give them something for nothing? How many people actually make business decisions based on what some random drunk guy in a bar tells them to do.

Yes, perhaps people really don't care, but that doesn't mean they are not truly dumb.


RE: Duh
By jajig on 9/24/2008 10:04:55 AM , Rating: 2
I like to believe people like that are in the minority.


RE: Duh
By mdogs444 on 9/24/2008 11:08:10 AM , Rating: 3
I like to believe that too, but wishful thinking won't change the world. That's why hope is not a strategy, and change is not a policy.


RE: Duh
By sgw2n5 on 9/24/2008 1:13:46 PM , Rating: 2
Staying the course works so much better... never mind the ship is headed for an iceberg.


RE: Duh
By FITCamaro on 9/24/2008 12:36:32 PM , Rating: 3
I would like to believe it too. But then I look around.


RE: Duh
By foolsgambit11 on 9/24/2008 2:34:50 PM , Rating: 2
They are in the minority. Not necessarily the vast minority, but less than 50% fall for those obvious scams. And less than 50% of these people fell for the obviously fake pop-ups.


RE: Duh
By RDC on 9/25/2008 9:34:26 AM , Rating: 2
23 of 42 that is. ;)


RE: Duh
By crleap on 9/24/2008 11:04:40 AM , Rating: 3
You hit it on the nose. They were using school computers, so who cares? This study would have been more valid if it used their own personal PC's, which may have used browsers with popup blockers, addons, who knows? Plus the fact that they care about that computer. On lab computers I was always more careless because I didn't have to face the consequences directly of clicking the wrong thing.


RE: Duh
By Oregonian2 on 9/24/2008 1:02:51 PM , Rating: 3
I agree completely. What do they care about the computer they were using? It's the IT department's (or the psych department's) business to take care of them and the software that's running on them.

Besides, if a box pops up who's to say that both "yes" and "no" both do the same thing (I recall one can have actions taken on both depending upon what's generating it)?

What the study demonstrated was excellent problem solving focus with most students not getting distracted by other issues (assuming they actually did quiz them on the material with successful results).


RE: Duh
By leexgx on 9/25/2008 12:53:46 AM , Rating: 1
if its an popup box or flash that be ture but there is still windows Box poping up asking do you want to run this virus open save close (exe program), as i know from watching alot of users thay waste alot of time closeing the x inside box's like in M$ word when thay close it thay press the inner x box first thay tend to do the same with popup box's and trigering maybe an bug in windows

i work for my self mostly doing home call outs and most of it is removeing malware off the pc some of it thats been on there for months thay just ignore it untill it realy stops them from useing the pc (some have parted money but most are not stuped to do that)

Alt+F4 or an reboot are some times the only option to get out of it (unless your useing opera in its default setup or Firefox with some plugins that may work with it)

XP malware is anoying but can be removed , Vista malware is most of the time an Full system restore as it brakes things that to not affect XP but stop things from working in vista

in vista you get at lest 2-3 warnings when in IE when the web site wants to do something that needs Admin or installing,

Problem with UAC is that Microsoft may have made the problem worse as M$ thinks users know what an UAC box is and are not even warrnred or given Any info about that User Account contol does for securty protection so thay just press ok and ignore it as "just another box" instead of checking why it poped up as in useing vista norm it should not need to come up

on vista theres not even an Wellcome to windows like we had on XP to explane whats new things are on it (not expect them to use the new help button)


RE: Duh
By afkrotch on 9/24/2008 11:38:01 AM , Rating: 2
quote:
People aren't dumb they just don't care. Just like I don't care about a strange rattle in a hire car.


That's exactly what makes them dumb. 20 miles down the road that strange rattle kills the car. Have fun.


RE: Duh
By ZoSo on 9/24/2008 12:13:46 PM , Rating: 2
The appropriate "Book(s)" for Dummies should be included and mandatory in the selling of new computers.
But then again, how many would actually read them? ,,LOL


RE: Duh
By Bonesdad on 9/24/2008 11:28:48 PM , Rating: 2
no, they're dumb...trust me.


RE: Duh
By myhipsi on 9/25/2008 9:25:03 AM , Rating: 2
It's not so much being dumb as it is being ignorant. Most people these days are simply ignorant. They figure there is someone else who will fix their problems, or that the problem will just magically go away. It's laziness and ignorance and it's a product of our modern compartmentalized society where people are trained like dogs to do one thing. It's like my neighbor who happens to be a doctor but can't manage to configure his home theater system. The Jack-of-all-trades kind of person is slowly dying out unfortunately.


RE: Duh
By BMFPitt on 9/24/2008 8:47:49 PM , Rating: 5
There were 4 totally unnecessary words at the end of that headline.


Another Fine Example Of Journalism
By UppityMatt on 9/24/2008 8:24:15 AM , Rating: 1
To the computer savvy, these silly attempts might make for a good morning laugh, but security experts say there's nothing to laugh about when millions of naieve users fall for the scheme and their computers become part of a botnet, used to launch devastating DoS attacks.

Do you use wordpad to type these up? I believe the word is Naive.




RE: Another Fine Example Of Journalism
By JasonMick (blog) on 9/24/2008 8:31:50 AM , Rating: 5
Actually its naïve.

How could could you forget the umlaut? Tsk tsk, says the spelling police.


By UppityMatt on 9/24/2008 8:55:11 AM , Rating: 5
So why did you catch it after the fact =)


By Spivonious on 9/24/2008 11:46:05 AM , Rating: 2
Actually it can be naive or naïve. Never naieve.


By gamerk2 on 9/24/2008 8:39:01 AM , Rating: 2
Proving why people need a decent popup blocker, like stopzilla or something simmilar. In 5 years, stopzilla has caught EVERYTHING that comes my why (it blocks chrone, last I saw :D ).


RE: Another Fine Example Of Journalism
By thehat2k5 on 9/24/2008 9:32:03 AM , Rating: 5
You spelling bee guys are really starting to piss me off. Go back to grade school where your spelling skills will be rewarded. What, are u tu smrt for that college boy?
I expect to go through comments and browse through an interesting dialoque in regards to the subject. Instead I get this useless whining about spelling and grammar mistakes. I bet it is you who click on these oh so obvious popups that are the subject of this article...
I am used to reading such errors in the National Post, so why should I give a hoot if an online news source makes a few mistakes with no 6 figure a year editor on staff to hit SPELLCHECK?


By retrospooty on 9/24/2008 9:36:26 AM , Rating: 1
+1

totally agreed Its really annoying.


RE: Another Fine Example Of Journalism
By spuddyt on 9/24/2008 11:37:24 AM , Rating: 5
so wuld u lk it if ppl spk lk ths? Although I agree that something as anal as naieve (which is actually the recognised spelling, assuming that you cannot do umlauts) is rather unnecesary - but still a certain level of spelling must be maintained...


By BladeVenom on 9/24/2008 12:19:24 PM , Rating: 5
This is a tech site; he should be using a spellchecker.


RE: Another Fine Example Of Journalism
By johnadams on 9/24/2008 12:50:00 PM , Rating: 3
Its about professionalism.


RE: Another Fine Example Of Journalism
By gamerk2 on 9/24/2008 4:08:24 PM , Rating: 2
You'd be surpised how many people on the internet DONT speak english as their first language...


By PhoenixKnight on 9/25/2008 9:23:33 PM , Rating: 2
True, but if you're a professional journalist posting an article online and English isn't your first language, how hard is it to have an editor who is a native English speaker proof-read it for you?


I wouldn't limit this conclusion to just pop-ups
By Beenthere on 9/24/08, Rating: 0
RE: I wouldn't limit this conclusion to just pop-ups
By jajig on 9/24/2008 9:04:45 AM , Rating: 3
I'd say the general public in the US would have to be reasonably smart. It is the richest most powerful country in the world after all. Furthermore, your examples don't prove that Americans are brain dead, but they do suggest you're an emo.


By Alexstarfire on 9/24/2008 9:52:21 AM , Rating: 2
That would seem to be a logical answer, but it's not so simple.


By bandstand124 on 9/24/2008 10:04:07 AM , Rating: 4
Actually, in 2007 USA ranked the 8th richest country in the world by GDP per person. If you treat it as a trade group it comes 2nd to the EU in a lot of estimates .

I don't really know what you mean by "most powerful".

Diplomatically, the USA has lost a lot of it's influence in recent years. Ditto for political and cultural power. It most definitely would have been top dog at some point.

Maybe military power, though how do you measure that? Ability to replace munitions?, population at "fighting age"?, number of nukes?

I agree with you, however, that crap tv and magazines doesn't suggest anything. Smart people read and watch dumb stuff all the time.


By Oregonian2 on 9/24/2008 1:15:19 PM , Rating: 2
How's the ranking as just a country (not per capita, not as a "trade group", not for all those younger than 12, etc)?


RE: I wouldn't limit this conclusion to just pop-ups
By jajig on 9/24/2008 1:44:27 PM , Rating: 2
In 2007 (in millions); #1 USA - $US13 840 000, #2 - Japan $US4 384 000. The US has more than 3 times the GPD of the next richest country.

For power I was referring to the military. Nukes do level the playing field somewhat, but as far as a large, modern, well trained defence forces goes the US is the most powerful.

I would also say the US is very influential from a cultural perspective. Just about everyone in the world watches American TV and movies, so goes for music too.


By lemonadesoda on 9/25/2008 4:51:32 AM , Rating: 2
er, bigger = better, is that your formula? The simplicity of your approach is awesome.

Is Italy equally influential because we all eat pasta and pizza?


By typo101 on 9/24/2008 10:10:12 AM , Rating: 4
First of all, most Americans today were born into this rich and powerful nation you speak of, so you can't really credit them with that achievement.

Secondly, although I think current American culture does not exactly cultivate intelligent, creative, inquisitive minds, I do recognize that there is no shortage of smart people to be found in the United States. However, there is no doubt in my mind that there is an over abundance of stupidity to be found all over the world and primarily in the US.

In all fairness, I had to use firefox's spell checker several times to write this comment and less than half were due to typos. So I am not exempt from the stupid gene.


By Meinolf on 9/24/2008 10:41:30 AM , Rating: 2
It proves we are dumb we voted Bush back in for a 2nd term.


RE: I wouldn't limit this conclusion to just pop-ups
By mdogs444 on 9/24/08, Rating: -1
RE: I wouldn't limit this conclusion to just pop-ups
By ZoSo on 9/24/2008 12:21:44 PM , Rating: 2
quote:
Could have been worse. We could have given Gore his first term. Or Kerry for that matter.

Talk about naive! ,,,LMAO!


By Oregonian2 on 9/24/2008 1:11:28 PM , Rating: 2
Funny thing is that Gore's VP running mate was very close to being in Palin's place now, he made the short-list. :-)


By kampret on 9/24/2008 1:09:17 PM , Rating: 2
quote:
I'd say the general public in the US would have to be reasonably smart. It is the richest most powerful country in the world after all. Furthermore, your examples don't prove that Americans are brain dead, but they do suggest you're an emo.


Have you read the news lately? This country's going down man...


RE: I wouldn't limit this conclusion to just pop-ups
By Regs on 9/24/2008 9:05:18 AM , Rating: 1
What ever happen to "Shit Happens" ?


By VaultDweller on 9/24/2008 9:57:18 AM , Rating: 2
Shit happened to it?


By afkrotch on 9/24/2008 12:00:08 PM , Rating: 2
quote:
In my experience, the general public (in America) is basically pretty damn stupid, period. Look at our education systems, TV shows, personal values, government leadership (sic), people's Net behavior and other examples and it becomes fair to conclude many in America are simply brain dead.
quote:


I my experience, the general public in every country is basically pretty damn stupid.

Lived in US, England, Germany, S.Korea, and Japan. So far...they all mimic each other. Yes, there are cultural differences, but it still all boils down to the same personal values, broken education systems, tv shows, etc.

Go to any supermarket in any of those countries and look through the magazine section. All stupid crap about some movie/sport/tv/etc star doing random crap. There's other informative mags dealing with other hobbies (comps, cars, photography, nature, world news, etc), but it's overshadowed by the previous. The fuck I need to know about Britney Spears love child (oh yes, that information will get handed out to all 5 countries).

Back in the day, the truly stupid would die off. Now we support them.


By Starcub on 9/25/2008 2:33:52 PM , Rating: 2
quote:
In my experience, the general public (in America) is basically pretty damn stupid, period. Look at our education systems, TV shows, personal values, government leadership (sic), people's Net behavior and other examples and it becomes fair to conclude many in America are simply brain dead.

Evidently some DT members took your comment personally. I do agree though, but by comparison to other countries, the US still manages to attract intellectual capital (it has to in order to survive) due partly to its exportation of culture. On the whole, things are actually worse in many other countries.

Just a note: I wouldn't base my judgement on this from the evidence provided by the most vocal minority (sources you described). I base my judgement on my own personal experience and the degree of decline I've seen in the quality of its educational institutions and students they produce.

Case in point: the topic artice. As a few others have pointed out, the confidence level of the study is closer to 5% than 95% due to its many inherent problems. Yet supposedly this is news. Example after example after example...


Not surprised
By lifeblood on 9/24/2008 9:08:26 AM , Rating: 2
In the past month I have had three different people bring me their kids laptop to fix. All three's kids were in college and none of them had anti-virus or anti-malware software installed. I ended up having to do a wipe and reinstall on all three as they were so badly infected with viruses, trojans, and everything else.

I know of at least three excellent FREE anti-virus packages. I use one of them and have never had a problem. It's amazing that people still don't practice basic computer security.




RE: Not surprised
By Denithor on 9/24/2008 9:22:20 AM , Rating: 2
And these are the same people reproducing and raising our next generation of dumbasses.

Pleasant thought, no?


RE: Not surprised
By Alexstarfire on 9/24/2008 9:55:52 AM , Rating: 2
No... it really isn't. May not have been so bad when computing and such wasn't very widespread... but now it should be the jocks who are the outcasts. This is a tech savvy world and the non-tech savvy are the ones reproducing. I'm not just saying saving sex either... because that's not true. We shouldn't allow this ignorance to spread. Again... I'm not saying that we kill them... but perhaps some forced education wouldn't hurt.


RE: Not surprised
By Rebel44 on 9/24/2008 10:23:28 AM , Rating: 2
Idiocracy :(


RE: Not surprised
By tential on 9/24/2008 10:38:48 AM , Rating: 2
Who would be surprised? We are all people who use the computer a lot. Most people use computers for just web browsing and instant message. You can tell how much people know about computers when they buy one. People now a day spend 2000 dollars on a laptop sometimes when all they do is web browse. Then there are others who buy an XPS because they THINK it's a gaming laptop (when dell hasn't even upgraded to Centrino 2 yet).

Computers are confusing to most people and I don't think any amount of training will help them. They have to be generally interested in computers and most just want to keep in touch with their friends. This is why the IT industry is flourishing and also why people in the IT industry usually don't have much trouble with their jobs. All they have to do is remind people to turn on their computers or to plug it in(the most frequent problems according to my IT friend in the Navy). Ya it's a problem that they become part of a bot network but there isn't much we can do to stop people from not caring.


RE: Not surprised
By afkrotch on 9/24/2008 12:23:16 PM , Rating: 2
quote:
when dell hasn't even upgraded to Centrino 2 yet


Centrino 2 is a platform. You don't need to comply to Centrino 2 standards to make a gaming laptop.

An XPS M1730 with a C2D Extreme and 8800M GTX SLI is a extremely capable gaming laptop. Many gamer's desktops couldn't even match it in performance. It's not Centrino 2, cause it uses an Nvidia chipset.

If I wanted a gaming laptop, I'd probably go with a Dell over HP/Compaq, Gateway, or the other high priced alternatives.


RE: Not surprised
By JediJeb on 9/24/2008 10:54:40 AM , Rating: 2
I think it's all about the money. Easiest way to solve this would be for Microsoft and other software companies to just remove the ability to create popups from the operating system and browser software. But then they would lose money from advertisers, and the ones who sell anti-virus, anti-malware software would lose business because fewer computers would become infected ect.

What actual purpose does a browser popup serve? I never have and never will even look at one before killing it.

Also for the majority of people the error popups in the operating system should be disabled. An error pops up a message and to all but those who know programing they are meanlingless. It would be just as efficient for the system to crash for the average user than to have a message pop up that says " your system is going to crash, nothing you can do about it, just click OK and get it overwith" What information in a message about not being able to access memory at xxx location is even useful to the average user, even our IT guy usually just tells us to reboot and not worry about it. Make those messages something you need to turn on if you really want to see them.


RE: Not surprised
By Oregonian2 on 9/24/2008 1:08:34 PM , Rating: 2
In the very few and simple websites I've done, there have been times when popups were appropriate, particularly when some information needed to be told to the user but without wanting to change the context of the current screen (not changing the current page). Maybe I just wasn't clever enough, but it was all I could think of.


RE: Not surprised
By leexgx on 9/25/2008 1:05:10 AM , Rating: 2
thats an very good idea with the blocking popups all out

all legit ads are not popups thay norm stay inside the page at the top or down the side, some poorly made web sites use popups to make new windows

ATI need to Fix there drivers web site as it trys to open an survey page as an new window but all popup blockers (so 99% users most likey never see it)


RE: Not surprised
By SavagePotato on 9/24/2008 11:31:37 AM , Rating: 2
Really anti-virus and anti-malware are only as effective as the user makes them most of the time. If I only had a dollar for every computer that came through with popups springing from the antivirus tray icon proclaiming that it has been out of date or expired for six months.

You still have the same dumb user with a program trying to be smarter than they are.

In addition it's not foolproof. I have seen so many computers blisteringly infected and the user is confused as hell because they have norton and that means they can't get infected right? wrong.

Anti-virus and anti-malware are a band aid on the underlying problem, proper education on how not to get infected in the first place.

Maybe they should start teaching things like this at the elementary school level.


RE: Not surprised
By Spivonious on 9/24/2008 11:47:43 AM , Rating: 2
Send them to me next time. I've never had to do a wipe and reinstall and I've seen cases so severe that they couldn't even boot into safe mode.


RE: Not surprised
By SlyNine on 9/26/2008 9:28:57 PM , Rating: 2
This guy probably complains when people bug him about fixing their computers too.


RE: Not surprised
By afkrotch on 9/24/2008 12:08:25 PM , Rating: 2
quote:
It's amazing that people still don't practice basic computer security.


Smart computing > antivirus+anti-malware

I don't use any antivirus or malware blockers. I have multiple computers and I use my old laptop to surf questionable sites. Ever month, I reimage the laptop (if I bothered to surf a questionable site). It doesn't touch my network either. I use the available open WAPs in my apt complex.


RE: Not surprised
By lifeblood on 9/24/2008 2:02:36 PM , Rating: 2
You are lucky to have multiple PC's and to know enough about computers to be able to do this. Most non-IT people I know have one computer and just want it to work when they use it.

Anti-virus & anti-malware software are not perfect, but they do make it much safer. They are a nessasary first step.

Smart computing includes, but is not limited to, antivirus+anti-malware.


The study is flawed
By lco45 on 9/24/2008 9:26:13 AM , Rating: 5
The study is flawed because:

1. They weren't using their own computers, ie. computers they cared about.
2. They had been given a task, so would have had more pressure to continue browsing and dismiss popups than a casual user would have.
3. Only 42 people, and all in the same demographic.




RE: The study is flawed
By jajig on 9/24/2008 9:54:05 AM , Rating: 3
I completely agree with this. Most people don't care if it's not theirs.


RE: The study is flawed
By Alexstarfire on 9/24/2008 9:59:09 AM , Rating: 1
I must be in the minority then. I even care about the computers at school. I have to fucking go install Firefox every time I use it because all the other browsers they have on their randomly crash, and that includes Mozilla. Got to say though.. I don't usually visit sites that have pop-ups. Once I know a site has them... I usually just avoid it. They are annoying, but that doesn't mean I'm a fool about them.


RE: The study is flawed
By foolsgambit11 on 9/24/2008 2:44:49 PM , Rating: 2
Mozilla = creator of Firefox. Your post is confusing me. Is Firefox installed or not? Is it a previous version, and you're installing the latest version?

As an aside, I love the fact that Mozilla made Firefox with low enough permissions that it can be installed without Admin privileges. Same with Google Chrome.


Who was used in the experiment?
By the goat on 9/24/2008 11:56:58 AM , Rating: 2
quote:
exposed 42 college students to them . . .


quote:
college educated users will click . . .


They are either currently college students or they are college educated users. It is impossible to be both at the same time.

There are so many flaws in the way this study was conducted the results are worthless.




RE: Who was used in the experiment?
By KristopherKubicki (blog) on 9/24/2008 3:49:42 PM , Rating: 2
By many a psychology standard, "college educated" means "post-high school higher-education," regardless of how much he or she has actually obtained.

"College graduates" is the term you're thinking. Are you concerned that 42 kids who have never known anything but a world with the internet are a worser test case than say, 42 soccer moms ?


By the goat on 9/25/2008 7:24:04 AM , Rating: 2
I guess we have different interpretations of the terms in question. If somebody told me they were "college educated" and I later found out they did not even have an associates degree, I would consider them to have lied.

On the broader topic, the homogeneous composition of the test group is only one of the major flaws of this experiment. Some other huge flaws include: conducting the test on a third party's computer, misleading the test subjects about the test, using an artificially constructed fake "browser hack".


By Aloonatic on 9/26/2008 9:36:09 AM , Rating: 2
Sounds like you have experience of playing with these terms.

Your CV (resume/résumé is it outside of the UK?) must make for interesting reading.

I am PHD educated student as I sat in a lecture that had PHD students in it once.

Just call my Doc

/joking


Alt+F4
By bobsmith1492 on 9/24/2008 9:54:13 AM , Rating: 2
Solves all my problems...




RE: Alt+F4
By Scabies on 9/24/2008 10:27:39 AM , Rating: 2
omg lern2 ctrl+W imo


Who Reads Directions Either?
By Quiescent on 9/24/2008 10:19:34 AM , Rating: 2
I knew just how dumb people are. Why do you think they switch to macs? They do it because they think they're going to be problem free (which is absolutely untrue!) and because they get some crappy emachine with a mixture of PEBKAC to ruin it all.

I tell you, a lot of users don't know any better about computers. I had one person who had Windows ME on their computer and refused to have a different OS installed onto their machine. It was terrible how this user made themselves suffer. lol

But this all boils down to the same crap that we knew about before computers were ever dominant. A lot of people don't read directions, a lot of people won't read anything unless they want to. Which does not include directions, manuals, something in an installer (for instance MSN Plus has a page in the installer to click on this thing to support them by downloading smiley central, more likely than not everyone I've talked to has clicked it and had smiley central installed.), just practically anything that will keep them safe, make them know better, etc, etc




RE: Who Reads Directions Either?
By Oregonian2 on 9/24/2008 1:19:20 PM , Rating: 2
"Dumb" is also relative. I know someone who isn't a computer person and most everybody here would say is a computer dummy. However that person has her field of expertise such that she could make almost anybody here seem like a real dumb-ass. I think the word dumb is being passed around here a bit loosely.


Job security.
By Dean364 on 9/24/2008 1:10:13 PM , Rating: 4
I bill by the hour, so please keep clicking those pop-ups! And please, don't go ruining a good thing by teaching these people the difference. My family needs to eat!




419 scams can get very dangerous
By Sunbird on 9/24/2008 2:26:36 PM , Rating: 2
419 scam victim rescued
[South Africa] Two Nigerian men have been arrested and the Swedish man they allegedly kidnapped is now safe and sound.

http://www.iol.co.za/index.php?set_id=1&click_id=1...

Damn Nigerians >:(




By kilkennycat on 9/25/2008 1:32:18 AM , Rating: 2
I noticed in Anandtech a few months ago, when there was an article related to the Nigerian scams, that the Nigerian government very proudly stated that not more than 0.1% of the Nigerian population was involved in propagating these scams. Iirc, Nigeria has 141 million people....that's 141,000 people if my high school training holds up....


Not the user's fault.
By bandstand124 on 9/24/2008 9:26:37 AM , Rating: 3
Users aren't naive, they have been trained to work this way by Windows (Albeit XP onwards isn't as bad).

You are new to using a PC, you get an alert which you don't understand (it might even be in hex), it has a button "OK" (pretty ambivalent word, OK), you tentatively click it, the alert goes away, nothing else happens, after a few more occurences of this, the alert starts to mean "Hi I am in your way, click me and I will go away".

Malware writers then anticipate this, perfectly reasonable, behaviour and design for it.

Many users don't really know why sometimes it's the position indicator is a hand and sometimes an arrow, and in my experience they don't want to know. They just want to get their work done.

These alerts are obviously a design flaw as they engender dangerous behaviour in users, it's like UAC where many people are prompted to just turn it off.




so many idiots post saying others are idiots
By s d on 9/25/2008 2:54:03 AM , Rating: 1
so many idiots post saying others are idiots!

almost none of the reponders to this thread have actually said what needs to be discussed here ... what is the solution to a pop-up!

typically when i am on a suspected malware website (cough* porn *cough) i will encounter pop-ups that ask:

1) click this to stop from being infected
2) click this to bookmark our site
3) "windows needs to tell you this bull-shit right now" click this to forget about it

etc.

run > taskmgr > processes tab > 1 x left click iexplore.exe > at the bottom is a box called "end process" ... click on it




By Targon on 9/25/2008 8:59:04 AM , Rating: 2
The problem is that people in high school are still getting the same level of computer education people did back in the early 1980s. I am serious, I bet that the vast majority of high school students can not answer some really basic questions, like, "What is an Operating System?". It is pretty sad.


By aguilpa1 on 9/24/2008 9:10:06 AM , Rating: 2
As an IT pro, my biggest surprise has been just what a difficult time the average user has in seeing the contents of the screen and hearing on their phones??? I do not work for an old folks home, this is an average large office environment. I was surprised how many folks could not handle a screen resolution higher than 800x600. People tend to be to proud to acknowledge they have difficulty dealing with this and would rather ignore pop up messages and click the biggest button (ok) and close it, never knowing what was on it. I have 20/10 vision and hearing of a bat so it just seemed unusual so many folks have problems.




stupid article, too
By Visual on 9/24/2008 10:58:33 AM , Rating: 2
The really dangerous prompts are actually the real, genuine operating system or browser prompts - "install activex component?", "run program?", "accept certificate?", and some less fatal but still with annoying consequences like "make homepage?" or "set as default search engine" etc... those are the ones users need to learn to recognize and take seriously instead of just clicking through blindly.

Nothing bad can happen from clicking OK into a webpage - except maybe getting some more popups...

As a matter of fact, clicking Cancel is just as stupid as clicking OK - both buttons are inside the web page and so can potentially do exactly the same. The most non-stupid reaction probably is closing the window with the "x" in the top right... but even that - through the onbeforeunload event - can trigger mostly the same actions as the inside buttons or even no action at all. If anything, this only means the browsers we use are stupid, not the users. Of all current browsers, AFAIK only Opera has the option to disable script execution when you are bombarded with prompts and alerts. Other browsers you'll just have to terminate from taskmanager.

It is stupid to have gone to such a shady website in the first place, true... but this isn't the case in this study. In this case I only see that the researchers are wasting their time with stupid things, and the ones posting the article about it are just as stupid too.




The Red Button Test
By bertomatic on 9/24/2008 11:04:35 AM , Rating: 2
Put a red button on the wall, in a public area, with a sign that says "do not push" and I guarantee that "someone" will push it.




Better
By jRaskell on 9/24/2008 12:33:06 PM , Rating: 2
This Blog entry would have been 10 times better if the image linked to some actual malware or virus.




title should have ended
By someguy123 on 9/24/2008 2:03:31 PM , Rating: 2
at the word stupid.




new title.
By crleap on 9/24/2008 3:09:06 PM , Rating: 2
The phrasing of title is incorrect. Should read:

Study Shows Average User Is Pretty Stupid , illustrated again When It Comes to Popups




>><<
By shin0bi272 on 9/24/2008 4:31:38 PM , Rating: 2
Is anyone reading this actually surprised by this?

to quote men in black:
quote:
Edwards: Why the big secret? People are smart. They can handle it.
Kay: A person is smart. People are dumb, panicky dangerous animals and you know it.




Closing popups
By DeltaZero on 9/25/2008 8:11:49 AM , Rating: 2
Minimizing the popups or dragging them away isn't "flawed"! Didn't you ever get those annoying popups that spawn two new ones for each one that you close?




By Fnoob on 9/25/2008 9:54:52 AM , Rating: 2
Do you have any idea how many Xbox360s and iPhones I have won? I love those popups, keepem coming! Sighs...




Anyway...
By Josett on 9/25/2008 10:05:22 AM , Rating: 2
quote:
In all only 9 users closed the dialogs.


... it'd suffice to turn the 'close' button and/or 'Alt+F4' to activate the malware, if so wanted.

Again, it's mostly a question of ignorance rather than stupidity.




By Jay2tall on 9/25/2008 12:41:57 PM , Rating: 2
People have no desire to learn about computers because there is always someone there to fix it. I get asked questions all the time since I'm in IT. When I'm not at work, if you aren't Family or Friend I tell them $40 an hour. I don't give free advice anymore or help people. Because they don't care to know anything they just figure the will get free help.

With that said, why don't people take a course? you need a licenses to drive a car, why not take a course to learn how not to be stupid with a PC... or MAC. People just don't get it. And some of it is just rediculous.

Examples from my helpdesk days:

-User was traveling and in a hotel and her mouse didnt work. Tried to work with her and she had no desire to walk through steps with me. Had to pass the ticket to 2nd level because the call was over the alloted time. Turns out she was using an optical mouse on a glass coffee table. DUMB

-Users PC wouldn't turn on. Eventuallly walked down to her desk and said she was turning on and off her monitor. She didnt realize the box under her desk was the PC and hadnt shut it down for 2 years. The power went out over the weekend and she couldnt turn it back on.




“We do believe we have a moral responsibility to keep porn off the iPhone.” -- Steve Jobs














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki