Free anti-viral software to every citizen. This should be adopted immediately as core Lib Dem policy, and be in the manifesto for the next election. Like Roman bread and circuses, it would be a hugely popular vote-puller. It would propel the party to first place in the polls. Moreover it is also intellectually defensible, a rare combination of virtue in today’s post-modern sound-bite world.
You might smile and think this is typical wacky Lib Dem stuff, the kind of thing which George Orwell’s bearded fruit juice-drinking Liberals, wearing shorts and sandals, would come up with. Not for today’s smart-suited Lib Dems…
But I’m serious. Justice policy needs to catch up in the virtual world to match the role it plays in the physical world. Our physical property is defended in principle in law, and in action by the police and courts. Our intellectual property rights are similarly defended in patent law. But we are expected to protect our virtual world, our software rights, our e-mails and web sites, ourselves at our own cost.
We have to rely on potentially unreliable independent private sector anti-virus companies. They may well have perverse incentives, either not to spend sufficiently to offer full protection, or even in really perverse cases, to release viruses themselves! Current providers’ software is in any case imposing a huge universal toll in increased task processing time for everything we do on our computers. This really is having a significant effect on administrative and managerial efficiency in the economy.
Such a policy would of course have a cost. The government would need to extend GCHQ to include a team of top rate virus software detection and protection programmers. But firstly the cost could be shared by inviting other national governments into a bilateral, multilateral, EU-wide, or even a global scheme. Secondly it’s right that citizens should be protected by the state. If people started throwing stones at my house windows, the police would come straight round.
And thirdly, the economic benefits of a virus free virtual world are huge, particularly if a government anti-virus program operated without slowing down processing tasks as heavily as current packages do. Finally it would create jobs in Cheltenham 🙂 Eventually, it might even place UK as a global software leader with its own public sector anti-virus champion to stand alongside Microsoft, Google, Facebook and………. (dream on).
Is there any possible argument against this policy?
* Geoff Crocker is a professional economist writing on technology at http://www.philosophyoftechnology.com and on basic income at www.ubi.org. His recent book ‘Basic Income and Sovereign Money – the alternative to economic crisis and austerity policy’ was recommended by Martin Wolf in the FT 2020 summer reading list.
62 Comments
Um has the author not heard of AVG?
There are a number of free anti-virus software out there. There are also a number of virus-free, UNIX based operating systems out there which are incompatible with most Windows-targeted malware: I personally use Ubuntu.
The real problem, as I see is, is a lack of consumer awareness. Consumers who don’t have an idea of what free virus software is out there, who don’t know that there is an alternative to Windows, and who are at a strong disadvantage when they walk into PC World and become reliant on the staff who need that all-important suggestive-sell.
Hopefully the release of Windows 8 will be controversial enough with regular users that operating systems like Linux Mint, Google Chrome (or Android!) might become a popular alternative, especially now Steam is being released for Ubuntu. We might just be entering that exciting period like we had in the 80s when we had genuine competition in the PC market again.
Massive unemployment, real poverty, benefits being stripped, energy and food costs going through the roof and this is all you can come up with to win votes? As has been said there is already free anti virus out there, AVG, Spybot, Spyware Blaster to name but three and there are more.. A hugely popular vote puller? No. A way to link us all into GCHQ? Yes.
Imagine the government would work together with a locksmith to give every house in the country free locks. Burglars would love it: they’d only have to defeat one kind of locks. Your suggestion is likely to make our computers less secure, not more.
As people have pointed out, there are several free AV solutions out there. They will work for many people; others will prefer to pay some money for possibly better security. Just like the front door of my flat doesn’t need to be as well secured as Downing Street 10, there isn’t a “one size fits all” anti-virus solution. The idea that GCHQ could make such a solution is plain wrong.
Why should the government pay? Any company that knowing sells an operating system with massive security holes in it should be liable for any damage caused.
Further to Martijn’s comments, if the government were to provide free virus software for every home then why not free locks to protect our physical property?
Competition ensures that independent private sector anti-virus companies can’t afford to be unreliable otherwise they’ll lose out to more effective competitors as well as ensuring there are a multitude of different ant-virus packages which the creator of a virus would need to defeat. Where the government potentially does have a role is in raising awareness of the issue, in a similar way to crime prevention initiatives with physical property.
As for ‘increased task processing time’ , any virus scanner will have some impact., but here again competition helps. The anti-virus developer who can combine effective protection with minimal impact on the computer resources it requires is going to have a competitive advantage.
“Such a policy would of course have a cost. The government would need to extend GCHQ to include a team of top rate virus software detection and protection programmers.”
I cannot imagine anything more sclerotic, and less suitable to the agile requirements of AV on personal computers, than a government AV provision!
Helicopter Economics?
In Trinidad and Tobago, a second-world country in the West Indies, every secondary schoolchild gets a free laptop, with all the software the children need including email and internet access. I’m pretty sure it includes anti-virus too.
Time for the UK to catch up?
I see that there’s not much sense of fun out there in LDV circles 🙁 So I’d better treat the comments very seriously. I’m never sure why smart commentators always start with ‘Um’, Dan but yes I have heard of AVG and of Avast which I use. But the point is why we should have to rely on private initiative to protect us from crime in the virtual sphere? What if AVG, Avast and others decided not to bother? How do we know how effective they are (in protecting our virtual world whilst slowing it down as little as possible) anyway?
Anne I don’t see that this proposal can’t be made alongside other proposals to seriously tackle major issues? I have contributed several Op-eds on the economic crisis, austerity etc. as well as this light hearted piece. See https://www.libdemvoice.org/opinion-the-conflicts-of-economic-policy-30536.html for example.
Martijn and Mark have a better point comparing anti-virus software to door locks rather than to the police. But I repeat my point that if people were consistently throwing stones at my windows, the police would come round (they even offered psychological counselling to one of my neighbours who had had their garden bench stolen!). But I don’t agree with you Mark about competition. The market is massively monopolised by Microsoft. Despite the availability of alternative browsers, most users demonstrate inertia and lack of technical ability to navigate their way round. Your suggestion that we can discover which AV supplier offers best protection at least processing speed cost is a hope too far for the free market.
Anyway, the nation needs a fun policy alongside all the gloom 🙂 (as well Anne as a fiscal economic stimulus).
Fun is not a word in the LibDem dictionary, Geoff. It has too many letters. Concepts of free thinking, creativity, brainstorming without barriers, all that, they are for the far distant future !!!! 🙂
Liberals should be encouraging the use of Free Software, which doesn’t have those problems in the first place , rather than encouraging the government to subsidise a proprietary monopolist by providing a fix for that monopolist’s incompetence.
Well Jedibeeftrix, some government services actually do achieve service standards equivalent to best private sector practice. The Passport Office, DVLA and the NHS in many though not all of its parts, are good examples.
I bet GCHQ and such would just love the chance to install software on all our computers that examines every byte in and out, entered and deleted!
Andrew, yes I support your anti-Microsoft stance. They are simply dreadful, totally unresponsive, and have deliberately killed higher quality competition, But is Free Software really viable and free from viral attack?
OK, for the nervous, GCHQ was a bad choice of supplier 🙂 I accept a policy amendment on this point.
But does this imply that we are vulnerable to the same invasion you are complaining about from AV suppliers we do use? In which case, what’s the difference?
Hmm… rather than using tax payers’ money to remediate security flaws in products that are sold by private companies for private profit – such as Apple and Microsoft – would it not be better to use the money to improve awareness of the availability of open source alternatives ?
Like Toby we use Ubuntu 12.04 on all of our computers at home. It is completely free, very secure and stable, looks attractive and comes with (for free and at very high quality) every imaginable piece of software that anyone could wish for. including a complete office suite that is compatible with Microsoft’s Very Expensive Office.
Hmm,.. um… etc, A terrible thoought, but what if Avast, AVG, Ubuntu and others are fronts for GCHQ or someone worse? How otherwise DO they fund their free AV software?
The odds of getting a virus on a modern fully up to date operating system are tiny – so long as you don’t blindly override the security already in place. And that’s the crux – it’s mainly user incompetence that allows viruses to spread not O/S insecurities. (Nitpicker note: I’m not saying such drive-by attacks don’t exist but they are rare and ephemeral.)
Once upon a time people claimed Macs to be immune from viruses but as soon as they started entering the mainstream that all changed. It’ll be the same with Linux desktops, if they ever becomes usable enough to accumulate large numbers of ordinary users. Because no matter how bug-free the software is, and Linux desktops are no where near as battle hardened as Windows or Mac OS, the only thing standing between a virus and its target is the user and their password.
Unless ordinary users become a lot more security savvy, IMO not a realistic expectation, AV software will be necessary on any mainstream platform.
You are aware that all new Windows installations come with a free built-in Microsoft made anti-virus package which, according to various industry benchmarks, is just as good as any other anti-virus package out there?
If I were going to do something to do with technology how about making sure that every household has access to the internet? Or how about making sure, by using donated computers and linux operating systems, that every school could have a computer for every child at almost no cost whatsoever?
I’m sorry, but there are far, far better things that can be done than the government going through all the expense and bureaucracy of providing free anti-virus software for everyone.
Geoff, yes Free Software is ‘really viable’. I’m talking here of software that is free under the definitions of the Free Software Foundation ( see http://www.gnu.org/philosophy/free-sw.html ) — software that allows anyone to distribute it, modify it, and distribute those modifications.
Companies like Facebook and Google run all their servers on it. Most of Apple’s OS X is based on it. Every *important*, high-maintenance, high-uptime website is based on it. I’ve used only Free Software (Debian GNU/Linux) on my desktop for a decade now without problems. I use Free Software on my work laptop (I don’t want to claim my views here are linked to my employers, so I won’t mention their name, but they are an Incredibly Big Megacorporation 😉 ) and a lot of my work is based on making products that work using Free Software.
And yes, it’s free from viral attack. The re are several reasons for this. One is that it’s easiest to target a monopoly like Microsoft — why write a virus that attacks 5% of computers when you could write one that attacks 90%? — but there are many other good reasons. Firstly, the UNIX security model (most Free OSes are based around the UNIX design) is better than the Windows one (though that has apparently improved very slightly in recent years). Secondly, Free Software, by its nature, has code that can be read and modified by anyone who wishes to do so — this means that security problems get fixed more quickly than relying on a single company, before they get exploited by malware writers. And thirdly, Windows is a single, monolithic system, and the same for everyone. It’s a monoculture, which are always easy to attack.
By contrast, the whole point of Free Software is freedom — Toby, above, and I both use the system commonly called “Linux” (more properly GNU/Linux), but we can mix-and-match different elements to suit our own needs. In Windows you have a single desktop environment, file manager, and so on built in. By contrast Toby uses Ubuntu, possibly with GNOME as desktop environment and Nautilus as file manager, while I use Debian with XFCE4 and Thunar. Anything that targetted a security fault in GNOME would affect Toby (assuming that’s what he uses) but not me, while anything targetting a fault in XFCE4 would affect me but not him. Someone running KDE on Linux Mint would be affected by neither. So viruses simply wouldn’t spread, because there’s not a single target for them to attack.
As to your question about GCHQ — I’ve no idea if proprietary companies like AVG (whose software is “free” as in cost, but not Free Software as in freedom) work for them or not, but we can be *absolutely* sure that a Free Software OS like Debian GNU/Linux contains no back doors, because anyone who wants to can get hold of the source code and inspect it, and compile their own modified version from source if they so choose.
And Free Software is Liberalism in action — people working co-operatively, adding to the commons, creating something of value for everyone, but doing it in total freedom, without compulsion from anyone, and giving people real choices.
The idea of aiding a monopolist with government subsidies, when an option that is not only technically superior but is also based on firmly Liberal principles exists, is truly heartbreaking to me.
@Geoff Croker: the business model behind AVG and Avast (both Czech-headquartered firms) is called “freemium”: give away a basic version of the software for home users for free, in the hope that people decide to buy the more advanced version.
As for Linux/Ubuntu, I love Linux and use it wherever I can, but the idea that Linux is inherently more secure is plain wrong. It is less of a target, because its smaller market share and the relative competence of its users.
John, even if one individual manages to get some malware installed on their system (and there are *many* good reasons why this won’t happen — just for a start, GNU/Linux users don’t have to download random pieces of software from untrusted websites, because each distribution packages its own version of any piece of software they’re likely to need), their system is going to be different enough from everyone else’s systems — because of the nature of Free Software, and people *actually having the choice as to which components they use* — that they can’t spread the malware.
Of *course* Macs have the same faults as Windows — they’re a closed, proprietary system which the user can’t modify and which are identical to each other. They’re worse in some ways because of the closed Apple ecosystem their users are encouraged to use. GNU/Linux is fundamentally different.
John – the fundamental difference between Linux and Mac/Windows is that Linux is open source. Open source is an intrinsically more secure model for software development and deployment – if the Trojan horse had been made of glass then it would never have worked. As for the question of usability – have you tried installing Ubuntu 12.04? I would be very surprised if the experience was not straightforward and the quality is excellent. I should say that I have no professional or financial interest in Linux, I am simply reflecting my overwhelmingly positive experience.
Thanks Andrew, you clearly know your way round the techie world.But you have to accept that most users do not have your capability. Like car drivers, they simply want something which goes, effectively and safely. Noone has yet commented on what seems to me to be the increasing processing speed cost of AV software? Maybe a better policy than free AV would be some support for the rest of us to be able to implement the solutions the techies of you say are available? But IBM??? There’s an opportunity for us to offer something people would welcome.
Andrew, I don’t disagree with your comments about the virtues of Linux as such. But ordinary users are not going to be inclined to pick and choose fundamental components of the O/S. They’ll install something easy like Ubuntu and take whatever comes with it. Just look how much inertia there is to moving away from Internet Explorer – a component that is easily replaced on Windows.
My main point about Linux (or any OS) is that it doesn’t matter how secure it is or how well designed. It’ll never stop people clicking on the ‘dancing bunnies’ if that’s what they want. Any system that could do that would be too inflexible to be useful.
“The odds of getting a virus on a modern fully up to date operating system are tiny”
However to update your system you have to connect to the internet. So there is always a window where an unprotected system with know security flaws is connected and ready to be exploited.
The mean time to infection was less than 30s according to some research I saw on the register once. If you’ve got a router with a firewall then you’re probably ok, but otherwise you’re infected before the update has even finished running.
Also this seems more than relevant:
http://www.forbes.com/sites/adriankingsleyhughes/2012/10/17/hospital-medical-devices-rampant-with-computer-viruses/
Geoff, *anyone* can install and run Free Software OSes. — and unlike Windows, they *do* “just go, effectively and safely”.
In fact, to continue the car analogy, this article reads to me — or to most people who’ve actually tried using a Free OS — like someone saying “We need to give everyone free giant pillows for their cars, because everyone keeps crashing them all the time” would if 90% of people were driving cars that only had an accelerator, and no brake or steering wheel. But every time we suggest the steering wheel solution, a bunch of people jump in saying “that’s OK for you techies! But how do you expect the ordinary person to ‘steer’ away from a ‘wall’? All this jargon is so confusing!”
But installation of a Free OS is actually ludicrously simple. Go to http://www.debian.org/CD/ or http://www.ubuntu.com/download or http://fedoraproject.org/get-fedora or http://www.linuxmint.com/download.php or any of a dozen other distro sites. Either download and burn a CD image, or, if that’s too difficult for you, order one to be sent to you for a tiny fee. Then stick the CD in your computer, reboot and follow the instructions, accepting all the defaults it offers. That’s all.
For 99% of normal uses, any user would then be able to use it much like they do Windows. For the other 1% of uses they might actually have to spend a little time learning how to do something — just like everyone who’s ever used a computer has had to do the first time they encountered one.
John, as for your “something easy like Ubuntu” comment — *all* distros (with the exception of a couple of niche things like Slackware) are equally easy to install now. And they all have different defaults. Looking at the top five distros in distrowatch (and incidentally, Ubuntu is currently only third most popular, after Mint and Mageia), there are two different packaging systems (RPM and .deb) and four different desktop environments (KDE, GNOME, Unity and XFCE) in their default installs.
Even if everyone chose one of the top five currently-popular (and user-friendly) distros, and just accepted the default install without choosing anything for themselves, that would still give five different, incompatible systems a piece of malware would have to hit, as opposed to one monolithic one.
“Open source is an intrinsically more secure model for software development and deployment – if the Trojan horse had been made of glass then it would never have worked.”
Isn’t it more like the walls of Troy being made of glass?
Also, as to the ‘inertia against moving away from Internet Explorer’ comments, see http://en.wikipedia.org/w/index.php?title=File:Usage_share_of_web_browsers_(Source_StatCounter).svg&page=1 and http://en.wikipedia.org/wiki/Usage_share_of_web_browsers . When people are made aware of better alternatives, they take them. IE is only even as high as it is because a lot of companies mandate it (and often mandate horribly out-of-date versions) because their web apps won’t work on anything else.
Paul, I would agree that software developed in the open perhaps has a lower risk of being deliberately subverted – although it is not entirely immune. But there are far far bigger factors affecting the quality and security of software generally.
Andrew, you forgot one step after installation. You then quite often need to trawl through websites trying to get all your hardware to work! A colleague of mine tells me hes’s finally got a version of the Linux kernel that allows the lid switch on his laptop to properly bring the O/S out of sleep mode. The jury is still on our whether his fingerprint scanner will ever work. Oops I shouldn’t go there, this thread is not about that. 🙂
Let me add my own car analogy to the mix. Windows really does have a steering wheel, brakes and an accelerator pedal. It also has lots of nice options like climate control and satellite navigation. Linux has Sat Nav, too, but it is almost exclusively driven by people who know not to drive down dodgy country lanes or into rivers. All the people who just can’t wait to drive down obscure mud tracks to meet the long lost nephew of a prince of Nigeria all own Windows, and increasingly, Macs.
I’ve used free AV for years. They’re mostly fine.
A lot of the expensive AV systems are actually pushed by PC seller, most notably a certain ubiquitous system that takes up too much space.
John, people often say in these discussions that other people (never, notably, themselves, always a friend) have problems getting hardware to work with GNU/Linux. I have performed maybe twenty installations on personal computers for home use (hundreds more on business servers and so on), ranging from desktops put together from random second-hand bits through to bleeding-edge laptops, and precisely *once* I’ve seen a piece of hardware not work out-of-the-box — the wireless card on a laptop my wife used to own wouldn’t work with the then-current version of Debian in 2007 (but would work with Ubuntu).
Andrew, the argument about component diversity only applies if the malware is exploiting a bug. I conceded that is a virtue of the Linux way. But my main argument is that malware is primarily not about bugs at all but about users being tricked into deliberately overriding the security offered by the O/S. Malware can easily be constructed to run on any Linux platform with the user’s unwitting cooperation.
I know we can never prove our respective cases unless or until Linux desktops take off. But our arguments proved to be true about Macs! We’ll see about Linux…
Andrew, I only know because I goaded it out of him. He never admitted it otherwise. 🙂 In contrast to your experience I’ve never installed Linux on any desktop or laptop where everything worked out of the box. Admittedly I’ve not installed it on that many computers. Ubuntu came close with my old laptop but the wireless kept dropping out and the power button didn’t behave properly. (The lid did work, I might add!) On my desktop the main problems were the second monitor would flicker constantly and one of the fans would run constantly high (not sure if CPU or graphics). Now you’ll never be able to say never again. I don’t want to come across as anti-Linux, btw, – running Ubuntu in a VM is far superior to Cygwin. :p
No, component diversity matters whether the malware is exploiting a bug or not. Malware, like any other piece of software, has to be designed to run on a particular operating system with particular components. Alter those components and it won’t run.
Personally, I don’t think the problem is stupidity, because I don’t think most people are especially stupid. But even if it were, the ‘solution’ in the original post wouldn’t be the right one. Either there is no technological solution for the problem — in which case free anti-virus software would, by definition, not be a solution. or there is, in which case your arguments that it’s down to users doing stupid things is wrong. Either way, the government massively subsidising a private monopoly is not exactly an optimal solution.
“A terrible thoought, but what if Avast, AVG, Ubuntu and others are fronts for GCHQ or someone worse? How otherwise DO they fund their free AV software?”
Not that far fetched, many people used Zonealarm (a firewall product) a few back but it became much less popular when a backdoor was found and people realised it had been bought by the israeli government. At least, that was the story told at the time.
“As for Linux/Ubuntu, I love Linux and use it wherever I can, but the idea that Linux is inherently more secure is plain wrong. It is less of a target, because its smaller market share and the relative competence of its users.”
Smaller market share? Yes, in terms of the domestic market, but certainly not in terms of much of the backend of the internet. And I don’t think you could argue that web servers presented an unattractive target for hackers and the like. Security isn’t the only reason that Linux is so commonly used in servers, but it’s certainly one of them.
@Andy Hilton:
“And I don’t think you could argue that web servers presented an unattractive target for hackers and the like.”
No, they are not an unattractive target. And thus they are attacked a lot, regardless of the operating system they’re running. Generally without much success, as unlike home machines, they are generally well-secured and updated regularly. (Also, web servers don’t click links, open attachments etc.) When not updated, open source software like WordPress and Joomla – both of which generally run on Linux system – can be used to compromise websites. On mobile phones, Linux (commonly refered to as “Android” there) is by far the most vulnerable operating system.
“Free anti-viral software to every citizen. This should be adopted immediately as core Lib Dem policy, and be in the manifesto for the next election.”
Does the phrase “Yes and ho!” mean anything?
It must be about 10 years since I paid for anti-virus software
Thanks to all those who have added intelligent comments to my piece, especially those who are clearly software industry experts. Having read these, my revised suggestion for a Lib Dem policy would now be : We need government policy and action in the Internet and software industry –
1 Anti-viral software is significantly increasing processing times for all regular everyday administrative computer user routines. Some packages are free but many users feel nervous of these and so are incurring protection costs. I run a small business where the admin managers are constantly frustrated by the reduced speed in simple operations like opening applications, files etc. I suspect this is in fact having a quite serious effect on administrative efficiency and productivity throughout the economy. This is therefore not a trivial issue as some have suggested. It is an issue where government needs to act. Governments also have a duty of protection.
2 There may well be better operating software, applications software and anti viral software platforms and solutions than most of us use, as cited by the industry experts who have commented in the above thread. However, several of the contributors use vocabulary and refer to systems which are entirely incomprehensible to the majority of ordinary users. The advice being given may be technically correct, but IT experts massively underestimate the extent to which ordinary users fail to comprehend their terminology, and are either unable or lack the time to effect the various downloads and systems reconfigurations required.
3 A lesser policy proposal than a free government anti-viral service might be a government watchdog of the software and Internet sectors? The policy objective could be i) to roll out high speed Internet to a large percentage of UK users within a limited time scale ii) to offer an advice web site / line to support users in getting assured virus protection at sustained processing times, iii) to seek a more competitive supplier sector in the UK, less dominated by the Microsoft monopoly (since monopolies are always demonstrably inefficient). This help line/ web page could do what the average user cannot do, ie undertake and publish the results of extensive tests of various anti-viral software packages showing their effectiveness at protection (eg protects against x% of all known viruses) and their effect on processing speed for regular computing tasks. Users could then be assisted with simple instructions as to how to implement the offering they select. If the watchdog service found that the market was providing acceptable solutions to these policy objectives then fine, but if not, then commercial suppliers could be invited to tender to meet a set of requirements specifications. If necessary the watchdog could fund commercial development to fill any market shortfall in meeting these requirements specifications.
We’ve got watchdogs for energy (and huge current concern about over-complex energy tariffs), for education etc, so why not for the Internet and software sector which is so core to our work and living?
Any better? I still reckon it would go down very well on the doorstep 🙂
“However, several of the contributors use vocabulary and refer to systems which are entirely incomprehensible to the majority of ordinary users.”
Depends on the users.
For five years now i have used Gentoo Linux on a daily basis as part of a 3D animation company, never did we use AV software, never were viruses a problem.
Personally, I use opensuse.
Geoff, the whole point is that *anti-virus software, by its mere existence, shores up Microsoft’s monopoly*. All your suggestions do nothing but shore up that monopoly and perpetuate the problem.
And while the vocabulary used by some of us may not be comprehensible to you, the systems we’re talking about are usable by *everyone*. My nephew, when he was four years old, was perfectly capable of using a machine running Debian GNU/Linux to visit a couple of websites and play games without any previous experience — the interface was similar enough to the Windows computers he was familiar with that he could just do it. I don’t believe the average computer user has less skill than a four-year-old, and nor do I think the government should *treat* people like they’re four years old.
You are, you admit yourself, speaking from a position of technical ignorance. Yet you’re also refusing to listen to people who do know what they’re talking about.
If you want a *simple* solution to the problem, anti-competition law is the way to go. In the same way that Microsoft are now legally required in the EU to give people a choice of browser when they first boot up their new copy of Windows, rather than giving them IE as a default, require all computer manufacturers and vendors to give people a choice of operating system when buying new computers. Get rid of anticompetitive bundling deals, where software vendors pay to have trial versions of their software installed by the manufacturers, and only charge people for their OS if they decide to go for Windows, not if they go for a free one.
Give people a genuine choice rather than a monopoly — a genuinely free market — and the problem will go away without further government intervention.
Andrew I think that your later 1246am post is the right direction. Your previous 1222 am post comparin g the vast majority of intelligent computer users (who happen not to understand the terminology of several of your previous posts), unfavourably to your four year old nephew, and claiming that we are ‘refusing to listen to people who do know what they’re talking about’ is too typical of the aloof attitude of the IT expert fraternity. You’re right – we need effective anti-monopoly policy in action. This was the direction of my last post in proposing a government watchdog tasked to ensure that effective competition delivers. For the vast majority of users, we are not there now.
Andrew makes an interesting suggestion. Rather than being forced to pay the “Bill tax” – ie the OEM royalty to Microsoft for a copy of windows on a new computer – it should be made clear and explicit on the sealed envelope that contains the licence key how to return it to Microsoft (thus never launching windows) to receive a refund on the price of an OS that you neither need nor want.
Windows 7 Home Premium has an OEM price of $110 per copy so that’s a substantial chunk of the cost of a typical home laptop. I’m sure that’s something the EU could manage to do. Possibly.
I think the interesting thing about Geoff’s piece is his presumption that state monopoly is preferable to private competition and the general but not universal feeling among the respondents that the opposite is true even if they are contemptuous of large corporations. This is a fault line that runs through the party.I would like to know if those who have spoken strongly in favour of open software believe that their objections also apply to things like the railways or the NHS.
If not, is the difference one of principle or pragmatic?
Andrew, I didn’t say users are stupid. Most people just don’t understand what they’re doing and are never taught otherwise. If they did there’d be no need for AV at all. I’ve never used it and have never had a problem. Ironically, it may be the widespread misinformation about Windows security which convinces them to blame the O/S rather than reflect on and learn from their own mistakes! What AV does is to add additional hurdles to doing the wrong thing. It automatically deletes known trojans and flashes up scary warnings about risky actions. That’s a lot more effective than the benign ‘please enter your password to run…’ boxes which O/S ‘s throw up. Yes, AV misses things and a determined user can override it so it is not 100% effective but it is a lot better than the password box.
“Free anti-viral software to every citizen.” Nice sound-bite, just not thought through …
Yes, the fundamental challenge as pointed out by others is that the average member of the public doesn’t really grasp: the full gambit of security features needed on a modern Internet connected ‘computer’ to keep it both running properly and to prevent unauthorised access and use, and the ways to use the system so as to gain maximum benefit from the security features. And the “why should they?” is a totally valid retort.
Whilst I can usefully compare and contrast the modern car industry and it’s products with the modern IT industry and it’s products, I personally believe that the correct response to the main thrust of Geoff’s article is to follow the mass market car industry and introduce standards against which products can be tested against, along with funding for the independent testing houses needed to conduct such tests. Hence enabling a normal person to go into a high street store and select a ‘computer’ with a degree of confidence that provided it carries particular badges/awards, powered on in it’s out-of-the-box configuration it will satisfy certain ‘objective’ security standards. NB I deliberately use ‘computer’ in quotes as today and moving forward computers are disappearing from view, my Internet-ready/enabled TV contains a computer, as does my all-in-one printer/scanner/copier and so do and will many other devices.
With respect to WiFi routers this has largely been achieved – through the WiFi-Alliance certification scheme, with the majority of consumer devices now implementing WPA2-PSK security out-of-the-box rather than the totally broken WEP security many such devices supported 4+ years back (it is a shame that many public hotspots still continue to offer open and hence totally insecure WiFi access, when secure solutions do exist and can easily be implemented. Yes this doesn’t prevent users from using simple pass codes, (in the same way that many houses still use simple latch front door locks rather than more secure mortice locks), but it is still a whole lot better than no security.
Setting standards is a lot easier, quicker and cheaper than having the government effectively nationalising computer security, it also provides the space for enterprise.
Roland I accept what you say, and my revised policy proposal posted in this thread last night moves in the same direction. But you don’t address the issue of the significant slowing of processing times and their effect on overall productivity in the ecoonomy?
It does seem to me that if, as the experts contributing to this thread claim, there is a simple solution immediately available, then our IT experts are massively at fault in their failure to communicate this and implement it throughout the user community, leaving most of us trudging on with Windows, Internet Explorer, WORD, Excel, Powerpoint, Norton et al. 🙁
Geoff
You’ll find that within the “IT User Community” (whatever that might be) it is well understood that Microsoft and Apple are operating what is in effect a cartel in the consumer PC market. Microsoft have a very rigid licencing model with the OEMs and Apple has that hermetically sealed hardware/software model that is absolutely antithetical to everything that open source stands for.
The solution to the logjam is legislation. Microsoft enjoy a monopoly position in the PC desktop market by virtue of being there on first startup of the computer. If your PC cost you £70 less and on first startup you saw an option to “use the installed desktop Linux for free or use your credit card to unlock the copy of Windows on this computer for £80” then what would happen? Given the growth in popularity of the (Linux based) android platform for tablet and phone OS, I think that people are clearly becoming much more comfortable with the whole idea of Linux as a primary OS.
There’s one other upside to a linux OS – it’s lightweight compared with Windows. The laptop on which I am working right now is 6 years old. It’s running 32-bit Ubuntu linux 12.04 with all the free additional software I can imagine ever needing, the desktop looks fresh and contemporary and the performance is excellent. If I had tried to run Windows 7 on this machine it would tell me that I need to chuck this piece of junk away and buy a new laptop that is able to cope with the demands of a “modern” OS. But I’m out of that cosy loop between the hardware and OS vendors that makes planned obsolescence an inevitability.
Oddly enough I sometimes boot this laptop into Windows just to update the security patches. It takes for ever to start up, the disk thrashes while it is downloading the security patches and my language while I’m waiting for it to finish would make a sailor blush. It is always a relief to return to Ubuntu. Try it yourself. It’s easy. But don’t tell Bill (Gates, not Le Breton).
Geoff
>But you don’t address the issue of the significant slowing of processing times and their effect on overall productivity in the ecoonomy?
The performance hit of the various security packages is variable and is highly depending on many factors, however contained in your problem statement you mention small business’es and give an example from your experience. In my experience I would suggest that many micro and small businesses and particularly those run by non-IT people, use consumer grade solutions for two important reasons: firstly because they and/or friends are familiar with these products and where to obtain them, secondly they tend to be ‘cheaper’ and ‘less involved’ than business-grade solutions, (hence I would question whether your admin managers are using an appropriate security suite and whether it is correctly configured). Aside: I find it telling that in-store business support services have reappeared after their exit from the high street in the late 1980’s.
What this means is that there are two key user groups that probably need to be targeted: consumers and micro/small businesses – for practically the same reasons.
As for the possible overall productivity impact of security software on the economy, I’m less convinced about, particularly as I know from first hand experience just how big an impact the aftermath of a zero day attack can be before taking into consideration client commitments … and secondly malware is becoming less about trashing your computer but extracting bank account details and ‘legitimate’ revenue from it’s victims.
Geoff, I didn’t “compare the vast majority of intelligent computer users (who happen not to understand the terminology of several of your previous posts), unfavourably to your four year old nephew”. YOU claimed — based on no knowledge whatsoever of the subject — that no normal user could possibly use GNU/Linux because it’s too difficult. Though how you would know that it’s completely beyond your capabilities without ever trying, you fail to say. I pointed out that I have *actually* seen a four-year-old use the system without any problems. That isn’t me saying that the normal user can’t do that — it’s saying that they can. If anyone is insulting the average user it’s you.
In fact, what I specifically said was “I don’t believe the average computer user has less skill than a four-year-old, and nor do I think the government should *treat* people like they’re four years old.” — I fail to see how that can possibly, in any way, be taken to mean I *do* believe the average computer user has less skill than a four-year-old.
“t if, as the experts contributing to this thread claim, there is a simple solution immediately available, then our IT experts are massively at fault in their failure to communicate this ”
Wait a second.., when people tell you of a better alternative, your response is to insult them (claiming I am “aloof”), to dismiss what they say based on no evidence (“you have to accept that most users do not have your capability” — without you knowing anything about what it takes to run GNU/Linux) , to twist their words to mean the exact opposite of what they say, and to carry on suggesting that the government support the Microsoft monopoly by providing antivirus support, and then *you blame ‘IT experts’ for “failure to communicate”*?!!!
So, to look at your ‘policy’:
“1 Anti-viral software is significantly increasing processing times for all regular everyday administrative computer user routines.”
No it isn’t. It’s increasing processing time on *your* computer, because you use a system that requires anti-virus software. It isn’t increasing processing time for anything many, many people I know do.
” I run a small business where the admin managers are constantly frustrated by the reduced speed in simple operations like opening applications, files etc. I suspect this is in fact having a quite serious effect on administrative efficiency and productivity throughout the economy. This is therefore not a trivial issue as some have suggested. It is an issue where government needs to act. Governments also have a duty of protection.”
Governments don’t have a duty to protect businesses from the effects of their decisions. You have made the decision to run Windows on the computers your business uses.
“There may well be better operating software, applications software and anti viral software platforms and solutions than most of us use, as cited by the industry experts who have commented in the above thread. However, several of the contributors use vocabulary and refer to systems which are entirely incomprehensible to the majority of ordinary users.”
If, rather than just dismissing everything we say because, shock horror, we use words you’ve not heard of, you said “what does X mean?”, you’d get an explanation. Again, you are choosing ignorance, and then pretending this ignorance is an inescapable fact of life rather than your personal choice.
As for the systems referred to, since you have no knowledge at all of them, you don’t know that they’re incomprehensible. You’re just making stuff up. And then accusing people who use actual facts of being ‘aloof’ and saying we have a communication problem.
“The advice being given may be technically correct, but IT experts massively underestimate the extent to which ordinary users fail to comprehend their terminology, and are either unable or lack the time to effect the various downloads and systems reconfigurations required.”
If you don’t bother to ask for clarification when given the opportunity, that’s your own fault. And you’re the one claiming that using AV software is taking a huge amount of extra time — yet you refuse to consider any other alternatives.
“ii) to offer an advice web site / line to support users in getting assured virus protection at sustained processing times,”
In other words to provide government support for the Microsoft monopoly, paid for by the taxpayer.
” iii) to seek a more competitive supplier sector in the UK, less dominated by the Microsoft monopoly (since monopolies are always demonstrably inefficient). This help line/ web page could do what the average user cannot do, ie undertake and publish the results of extensive tests of various anti-viral software packages showing their effectiveness at protection (eg protects against x% of all known viruses) and their effect on processing speed for regular computing tasks. Users could then be assisted with simple instructions as to how to implement the offering they select. If the watchdog service found that the market was providing acceptable solutions to these policy objectives then fine, but if not, then commercial suppliers could be invited to tender to meet a set of requirements specifications. If necessary the watchdog could fund commercial development to fill any market shortfall in meeting these requirements specifications”.
You start by talking about being ‘less dominated by the Microsoft monopoly’, yet you immediately then start talking about the government providing a service to people using Microsoft’s software, to help them overcome problems with that Microsoft software without switching from it, thus having the government pay for a service (making Microsoft’s operating systems usable) that should be performed by Microsoft themselves. This is the exact *opposite* of encouraging competitiveness — it’s further entrenching a monopoly .
Tony — interesting question. In my case, what I’m objecting to is not actually a state monopoly, but state subsidy of a private monopoly.
That said, it’s fairly obvious that openness and competition both can — in a truly free market, unlike the one in computer software right now — drive prices down and quality up. However, there is also the benefit of purchasing in bulk for an entire nation driving costs down, and of being able to ensure that everyone has a supply, whether they can afford it or not. In the case of healthcare, those benefits at least balance those of openness and competition, so my view is that the government should provide healthcare — though in what form is a question I’m not qualified to answer. I don’t know enough about the railway system to make a sensible statement about that.
In the case of software, I believe that the principles of software freedom are morally good, and also Liberal, but have no wish to stop people using proprietary software instead if they prefer. I also believe that Free Software is, generally, technically better than proprietary software, so I’m in favour of it from a pragmatic point of view as well. But I don’t think the government should interfere in people’s choices as to what type of software to use, except possibly to remove anticompetitive barriers like Microsoft’s huge install base which makes it essentially impossible to buy a non-Apple machine that doesn’t come with Windows pre-installed.
Andrew, you represent the supplier (you work for IBM?). I represent the user. The situation out there on the ground is the radical opposite of what you suggest should be the case. Windows, Internet Explorer, Outlook Express, WORD, Excel, Powerpoint, Norton dominate the user scene. Microsoft play their games on this compliant user set who suddenly find for example that their Sage accounting and payroll system doesn’t work on Windows 7 . Most of the users are far too busy running demanding businesses to do other than the minimum with all this.Rather than supporting this monopoly as you claim, I am totally against it. I don’t necessarily want government to become a supplier in the secto, but I do propose a government watchdog and user help line to help people do what you say they so easily can.
Instead of being so aggressive with me, the representative user, why don’t you get out there and sort it? You are welcome to fix it at my business for a reasonable fee.
Geoff, why don’t you try responding to Andrew’s excellent points which he makes as a user of non-Windows software, rather than dismissing them from your own position of admitted ignorance?
If a government sponsored anti-virus system stopped as much cyber-crime as the real police do with private property the internet would be dead in minutes.
@Geoff
re: Sage suddenly not working with Windows 7
Yes, small businesses are particularly at the mercy of their suppliers, particularly those that have become the defacto standard – This problem (namely key business applications not working with the latest version of Windows) arises quite often because being a small business you buy computers in the retail market and so get very little choice over the platform OS, so your need to upgrade from typically a very stable Windows XP platform – that has been running for several years, typically arises because a computer needs to be replaced or a new member of staff needs a computer, obviously such a computer will have the latest operating system pre-installed; currently this is Windows 7 and in a few weeks it will be Windows 8… Once you get over the different look and feel you then hit the problems of all the changes, applications and printer drivers not working etc. etc. and with applications like Sage, just getting the latest version is just the beginning of a non-trivial migration of your accounting data – and lets not go to the differences between documents produced in Office 2007/2010 to the previous versions installed on all your other computers …
At least with Sage the updates do come out relatively soon after new releases of Windows, I have worked with Microsoft-platform based Enterprise products where because of their complexity and revenues obtainable from the installed base the update has been released several years later…
Unfortunately, from experiences in the Enterprise space, I do not see computers with Linux or any other operating system solving this particular supply problem.
>”You are welcome to fix it at my business for a reasonable fee.”
Thank you for the invitation, however I suspect you may not regard my fee as reasonable.
Andrew’s entire argument is predicated on the assumption that Windows is the problem. It doesn’t account for a few facts:
* Windows can be run safely without A/V.
* Malware is now a serious problem on Mac OS.
* Mac OS has the same security model as Linux.
* All the same starry-eyed arguments we’ve heard in this thread about Linux were also made about the Mac and they have been proved wrong.
There’s a pretty good case for cracking the MS O/S monopoly anyway, but as a solution to malware it’s snake oil. There’s no silver bullet to this problem.
Adding to John’s list:
Malware has already moved in to the browser and man-in-the-browser exploits are becoming more common, with the announcement of a cross-platform proof of concept main-in-the-browser exploit (see http://www.theregister.co.uk/2012/10/23/browser_botnet/ for details).
I predict it won’t be long before we see the first HTML5 exploit, which due to the nature of HMTL5 will also be cross-platform and cross-browser…
Of course the other side of this “discussion” is that policing is so bad in this country and the Crime Commissioners are not going to do much about that, so we should be privatising policing (and courts), clearly using the model of current competitive anti-virus software as a model. Now *that’s* liberal 🙂
Dave Page, I am not dismissing Andrew’s excellent points. He and I clearly agree about the unacceptability of Microsoft’s near monopoly in the sector. I think Andrew has misunderstood my proposal for government regulation and advice line, as I intended this to resist MS and help users shift to alternative platforms which is what Andrew is suggesting. I’m only pointing out that a very large number of users are not aware of the apparent ease of this option. I am also quite seriously offering my small 3 site business installation as an example to demonstrate this ease. The only difference for me is that I don’t want to do it myself. Too busy with other responsibilities. I’m not in total ignorance either (used to write apps in APL at IBM UK Scientific Centre in my youth), but I don’t want to be involved with the technical details of contemporary systems. I just don’t want to get under the bonnet. I am and want to stay a user. So to test the claim of ease of shifting platforms and apps, I’d need to know a contractor in Bristol who’d do this for me? I’d be happy to report back. But how do we overcome the point Roland has responded to, ie that MS dominates the apps? Every attached file I receive from all colleagues worldwide is an MS file. All our business apps are MS based. I’d like to think that this can all be changed for 30 mins work per site but I rather think it’s more complex? At this point I’d be quite sincerely delighted to be proved wrong.