?

Log in

No account? Create an account

Previous Entry | Next Entry


Justify yourself to me.

Go on, do it. I want to hear it.

I'm talking about you people who use Microsoft's Outlook e-mail program. Still.

If you've been on the 'net for at least a year, you've probably gotten a virus in your In box. Maybe you opened it, maybe you didn't. Maybe you've had the shame and embarrassment of having your address book be a point of origin for one of these nasty worms remailing itself to all your friends. Maybe you've had one mailed to you.

In any case, you're likely aware that Outlook is vulnerable simply because it's one of the most widely-used e-mail programs out there, and those who write viruses target it for maximum delivery.

My question to you is this, then: why the heck are you still using it?

Before you get all snippy, I'm not talking about your work machine. I realize offices often force standardization, and they usually standardize on Microsoft.

This isn't even an anti-Microsoft rant, though the glaring security holes that they've left in this program have left it even more vulnerable than it might be.

It's really more about recognizing your place in the global scheme of things, in the big picture, and taking action. It's about "what is my personal responsibility to prevent the spread of these things," "who's my neighbor/friend, and what do I owe him or her," and about "what I can do personally to make things better."

Well, you can stop using that program entirely. There are other excellent e-mail programs out there, and some of them are even free. Ask yourself this: have you even taken the time to look? Did you download any of them to evaluate them? Or did you just take what came pre-installed on your machine, because it was easy, because it was the path of least resistance, and you didn't have to invest any effort? Is it ethical to continue to use a program with such a high risk factor for yourself and others? If you are willing to accept the personal risk of harm to your own property, do you have the right to accept the risk of harm to others, to own that? I don't think so. If you do accept that, and you infect someone else through your own ignorance or negligence . . . well, it sounds harsh, but in truth, it makes you an accessory to a crime. I don't want to hear any whining about how it is the fault of the virus programmer, not yours: if you're not doing everything you can to prevent it from spreading, then you're part of the problem.

If you actually have explored other alternatives and you still like Outlook, have you taken the time to do what you can to safeguard it? Not just anti-virus software, either: that does little good if you get a virus before the software manufacturer has had the chance to update it.

I used to help police a company by serving as a watchdog for some of the crap that users would send around the office. Hoaxes, junk posts, chain letters, you name it. You should've heard some of the comments in the IT department about these folks. But the truth of it was, their ignorance was part of the problem. Try as we might to educate them, they'd still do the same things time after time after time. "Don't do this," we'd say. We'd explain why not, in very simple human terms. No, really: I know how bad geekspeak can get, and I'm sensitive to it. Plain language only, I promise. They'd still do it. And we couldn't take their toy away from them, unfortunately, because they still needed it for business communication. Nice, well-intentioned folks, most of them, but clueless nevertheless.

But I digress.

If you've read this far, and are actually willing to look into other e-mail options, post here and let me know. I'll send you a recommendation.

Thus ends the PSA of the day. ;) It felt good to write it, too. Oh, did it piss you off? Bring it on. Impress me with your mad debate skillz. Explain to me how you can justify potentially or actually infecting your family and friends. Convince me how that's morally acceptable, assuming your morals include some facet of decency. I'll pop the popcorn, 'cause I want to hear this. And if some of you remove me from your Friends list over this . . . well, at least I know you were paying attention.

Tags:

Comments

pointedview
Dec. 9th, 2001 12:48 am (UTC)
Actually, I do think people with viruses should stay home from work, assuming a relatively normal work environment. That's what sick days are for, and they should take them.

On something like an e-mail client, with something so small, where it's so easy to prevent the massive spread of computer viruses, absolutely, I think people should take appropriate "prophylactic" measures as well. I'm pretty sure that you probably know firsthand how damaging they can be to a company - one negligent user cracking one open at my former workplace could have damaged a massive amount of data: client financial records from people applying for mortgages, expanding that virus out to all the people on his or her address list, presumably other finance-related companies, including the associated bank - now we're talking checking accounts and related documents, tons of transactions a day . . . stuff happening to the records of people who weren't directly involved in any way. Yes, financial institutions work very hard to make sure things like this don't happen - thus, having been a gatekeeper for one of the example institutions, I've seen in person the measures taken by IT to guard against the ignorance of people who don't know any better.

It doesn't particularly matter in this instance whether they intended to do harm. Most of them have the best of intentions, but, from a consequentialist perspective, that won't bring back the damaged data and time lost while restoration is done.
gooddan
Dec. 9th, 2001 03:05 am (UTC)
For biological viruses, a person can be infectious before they know they are sick. My children got chicken pocks at a birthday party from a child whose pocks appeared the next day. Viruses can be sneaky that way.

You cite the potential damage to businesses, but in your initial case you say that businesses usually mandate use of the software in question. In the case of a business, where much is at stake, the onus is on the business to minimize risk and be prepared for disaster recovery. It is not a question of a personal choice of email client.

More people are bitten by golden retrievers than any other breed of dog. Does this mean the breed is particularly viscious or antisocial - no, just that there are more golden retrievers than any other breed. That more viruses are spread by Outlook Express is analogous to more bites by golden retrievers. If your message were broadly accepted and everyone started using Calypso, pretty soon the weaknesses of that program would be exploited to the same ends.
Changing to a less popular client to dodge viruses is practicing "security through obscurity."

Sendmail is the internet's most popular program for the delivery of email (a mail transport agent, not an email client). Many people have campaigned for its retirement citing that more security breaches happen with sendmail than any other MTA. This actually is a good reason to continue to use sendmail. Each exploit has shed light on a weakness which has then been patched. The end result is a program that has been more thoroughly hardened than most other MTAs.

With a little effort, Outlook Express can be patched and configured to run in a reasonably secure manner. I think educating people on how to secure Outlook Express would be a more sure path to your goal of reducing the harm and spread of email viruses.
pointedview
Dec. 9th, 2001 03:32 am (UTC)
Well of course biological viruses can be bloody sneaky. I spent two years as a patient counselor in an HIV clinic, and one of those years serving on the board of directors for said clinic. However, speaking from a consequentialist perspective, a person can most certainly still be infectious once they've developed symptoms, and once they are aware that they're sick, then not spreading the disease throughout the population is the considerate thing to do. Obviously they can't do anything when they're not aware that they're contagious. However, someone would've had to have been living under the proverbial rock not to know that e-mail is a common means of computer virus transmission, so they should have that basic awareness when it comes to dealing with computers. They may or may not understand the specifics of it, but even my father is aware of the basic concept.

Yes, in a business, the onus is on the business to protect itself, but the business certainly faces challenges in the form of individual users, some of whom apparently cannot be taught short of using Pavlovian pain/reward signals. :/ With home computers, then the home user is responsible, and it is there that I am specifically making the recommendation on taking responsibility for arming oneself appropriately.

Your argument about brinksmanship would be a good one, but your "logical extreme" only exists in a theoretical sense. In the grand scheme of things, I am shouting into the wind, and I know it. Hey, it's my journal, so why not? ;) I didn't ask anyone to read it - they're here of their own accord. There will be no mass switchover from Outlook. However, in my little microcosm, I just reduced my personal risk of endangerment by at least two, possibly three users (I had this discussion offline as well). In my microcommunity, I did myself a bit of good, and a few other folks as well. I have no illusions that there's going to be some massive adoption of my idea, and if there were, then you'd be right - it would just be switching one majority for another. However, that's not going to happen as we both know, so the only betterment comes from individual improvement of safety, and one route to that safety is one I've suggested. Also, as I said in my full post, "if you just like Outlook, have you done everything you can to protect yourself and others," etc. - I covered that base as well.

I believe in taking personal responsibility for not polluting the communication stream with viruses, if possible. I also believe strongly in people making educated, informed decisions by being aware of and exploring their options. As someone with children, and cute ones, too, ;) I am sure you're all-too-familiar with the phrase "how do you know you don't like it if you haven't tried it?" If one person found something they liked better and that was a little less vulnerable to hackers given the state of Outlook's saturation, then that's a good thing.

gooddan
Dec. 9th, 2001 09:21 am (UTC)
I can hardly continue to play devil's advocate now that you've said my kids are cute. I use nmh under Linux (with some helpers: fetchmail, procmail, exmh, and gnupg). I've been using some incarnation of mh for about the last 10 years, but I concede that it is a system only a programmer could love, and only a very few of them. In my experience, viruses are something of a novelty. The idea that someone would send me an executable or, say, a perl script, in my email and that my client would automatically execute it is ludicrous. I don't exactly have warm feelings for Microsoft, but I don't proselytize anymore. Instead, I actually own some of their stock. If you think of Microsoft, its software and users, as some sort of self-perpetuatuing anti-competitive nation persuing its own "manifest destiny", about the best you can do is make some money off o t it. Just as the RMS Titanic had its iceberg, Microsoft may yet falter. So long as there is opensource software, I'm not worried. I'll leave you with something that showed up in my mailbox one day.

- YOUR HAVE NOW RECEIVED THE UNIX VIRUS -

This virus works on the honor system:

If you're running a variant of unix or linux, please forward
this message to everyone you know and delete a bunch of your
files at random.

Profile

Twin Peaks: Snoqualmie
pointedview
pointedview

Latest Month

January 2019
S M T W T F S
  12345
6789101112
13141516171819
20212223242526
2728293031  

About Me:

Tags

Page Summary

Powered by LiveJournal.com
Designed by Ideacodes