One of the stranger perils of being a technical writer involves being ambushed at odd moments by people demanding on-the-spot explanations of complex technical concepts. I was out on the town one night and somehow found myself having to explain to a not-too-tech-savvy friend how to differentiate between a virus, a trojan and a worm.
After patiently listening to a lengthy, rambling answer, my friend thought it over for a minute and then asked, “So, why should I care? Why is this important to me? Do I really need to know the difference between different types of malwares?”
My automatic reaction was to say, “Of course you need to!” – but to my surprise, I couldn’t coherently express why I felt that way (though to be fair, I was having trouble thinking clearly about anything that night).
Thinking it over in the sober light of day, I realized that he’d actually asked a pretty good question. For most computer users, the difference between malware types is academic and irrelevant – at least, right up until their computer gets infected. If everything’s working just fine, why in the world should they be able to distinguish between an exploit and a backdoor?
To get a expert’s opinion on this, I relayed my friend’s question to an Analyst in our Response Lab. His reply was (and I’m paraphrasing here):
“Yes, so that if anything happens, you’d know how the computer got infected, how to deal with the infection, and how to prevent it from spreading.”
Now, that’s the condensed version of a technical person’s answer. The real answer was actually a long, in-depth and detailed explanation covering how certain malware types had specific behaviors and particular vectors for distribution, as well as recommendations for dealing with particular types of infection.
And that there was the problem in a nutshell – it’s a lot of information to absorb. It was a thorough answer, but not an easy one to communicate to people with little interest in technicalities. Some parts of the explanation also assumed more computer knowledge than most users would probably have or want.
Having said that, I thought the condensed version of our Analyst’s answer seemed like a helpful, ‘user-friendly’ answer. It summarizes all the main points effectively, puts it in a context most users would understand and – this is important – it isn’t long-winded. I’ll come back to this again a little later.
Trying to find a simple, all-encompassing answer to my friend’s question made me wonder if he really had a point and that users didn’t really need to know something as technical as malware types. So I decided to turn the question around and ask:
“Are there any cases in which ‘the average user’ doesn’t need to know the difference between malware types?”
The following four scenarios were the only ones I could think of where knowing malware types wouldn’t be helpful (if you can think of others, feel free to leave a comment). Of course, I included some reasons why I think knowing malware types would be helpful even in these situations.
If you can honestly claim this, you’re probably what I’d call an Exemplary User: someone who diligently updates the operating system and programs, never installs programs or uses removable media without thoroughly vetting it first, doesn’t download from untrusted sources and basically, just does computer security right.
An Exemplary User can laugh with scorn at looming malware outbreaks. If this describes you, great! You can stop reading now. (Heck, you probably know the malware types already, anyway).
Since the vast majority of users will never qualify for Exemplary Userhood however (myself included), the second best scenario is:
No, I’m not starting a PC versus Mac debate. What I mean is that even if malware does get onto your computer, it needs to find a suitable environment before it can have an effect. A Linux virus that somehow manages to get onto a Windows machine usually can’t do anything except blush sheepishly. Ditto for a backdoor that uses HTTP to connect to a remote site but ends up on a standalone computer without Internet acess.
If your computer happens to be set up so that the majority of malware doesn’t target it or affect it (now you can start the PC/Mac debate), then our query becomes moot. Again, congratulations!
Of course, most people have very little choice in the kind of operating system or programs they have on their computer, particularly business users. Even home users usually have to consider familiarity and affordability over specifically tailoring their computer to be malware resistant. To fix that, most users use antivirus protection. Which leads to reason 3:
Actually, since I work for a computer security company, I’d reeeaaally like it if more people could claim this. And hey – shameless plug – our Internet Security is doing pretty well in independent tests!
Unfortunately, this solution isn’t 100% bulletproof, especially if you’re not an Exemplary User or are just plain unlucky. Sometimes, the antivirus doesn’t catch the malware. Or it makes an error and the wrong file get fingered, causing all sorts of mayhem. Worse still, the antivirus turns out to be rogueware.
In other words, the program you’re depending on to sort out all the problems….doesn’t. What then? Ah, then we move on to reason 4:
OK, so the person fixing an infected computer should be the one with the technical knowledge, true. That person may not be the user, true. If you have someone dependable, willing and trustworthy, who can fix anything that goes wrong…can I have their number? Such a person is a godsend. Treasure him/her.
Still, even if you’re that lucky, it’s often a great help to the actual technician if the user can pinpoint the probable cause. Knowing what type of dastardly program is screwing around with the computer gives the technician a good place to start investigating, and maybe also some idea of how to fix it.
Or, to use an analogy, it’s the difference between driving to a workshop and telling the mechanic, “My car’s making a funny sound”, and saying, “The fan belt’s busted.”‘
If you’re not in one of the 4 ‘Ideal Situations’ listed above, then it would probably be helpful for you to know the different kinds of malicious programs that can damage your computer, because…well, refer to condensed Analyst’s answer above.
Realistically though, learning about malware types, even superficially, requires investing time and energy that not every user can spare – which is why technical writers (ahem) have to find ways of communicating these concepts in ways that are interesting and easily accessible for everyone. Which brings us back to the condensed Analyst’s answer. It’s short, to the point and gives just enough information without being overwhelming. And if more information is asked for, well that’s the time to start going in-depth.
Personally, I like it – but since my part of my work deals with malware types anyway, I freely admit to being biased about this. So really, the best people to evaluate how useful that answer is – You, dear reader. So how about it? Do you think the condensed Analyst’s answer is a helpful, informative reply?
Oh and since we’re on the topic, here are the Types F-Secure uses to classify the samples – the good, the bad and the merely suspicious. You can also find plenty of other sites with excellent information on this topic – for example, HowStuffWorks.com has great articles explaining how trojans, viruses and worms work.
At Re:publica 2015, our Chief Research Officer Mikko Hypponen told the main stage crowd that the world's top scientists are now focused on the delivery of ads. "I think this is sad," he said. [youtube https://www.youtube.com/watch?v=pbF0sVdOjRw?rel=0&start=762&end=&autoplay=0] To give the audience a sense of how much Twitter knows about its users, he showed them the remarkable targeting the microblogging service offers its advertisers. If you use the site, you may be served promoted tweets based on the following: 1. What breakfast cereal you eat. 2. The alcohol you drink. 3. Your income. 4. If you suffer from allergies. 5. If you're expecting a child. And that's just the beginning. You can be targeted based not only on your recent device purchases but things you may be in the market for like, say, a new house or a new car. You can see all the targeting offered by logging into your Twitter, going to the top right corner of the interface, clicking on your icon and selecting "Twitter Ads". Can Twitter learn all this just based on your tweets and which accounts follow? No, Mikko said. "They buy this information from real world shops, from credit card companies, and from frequent buyer clubs." Twitter then connects this information to you based on... your phone number. And you've agreed to have this happen to you because you read and memorized the nearly 7,000 words in its Terms and Conditions. Because everyone reads the terms and conditions. Full disclosure: We do occasionally promote tweets on Twitter to promote or digital freedom message and tools like Freedome that block ad trackers. It's an effective tool and we find the irony rich. Part of our mission is to make it clear that there's no such thing as "free" on the internet. If you aren't paying a price, you are the product. Aral Balkan compares social networks to a creepy uncle" that pays the bills by listening to as many of your conversations as they can then selling what they've heard to its actual customers. And with the world's top minds dedicated to monetizing your attention, we just think you should be as aware of advertisers as they are as of you. Most of the top URLs in the world are actually trackers that you never access directly. To get a sense of what advertisers learn every time you click check out our new Privacy Checker. Cheers, Jason
F-Secure Labs reported this week on a new WhatsApp scam that’s successfully spammed over 22,000 people. Spam seems to be as old as the Internet itself, and is both a proven nuisance AND a lucrative source of revenue for spammers. Most people don’t see what goes on behind the scenes, but spammers often employ very sophisticated schemes that can expose web surfers to more than just ads for Viagara or other “magic beans”. Spam typically tries to drive Internet traffic by tricking people into clicking certain websites, where scammers can bombard unsuspecting web surfers with various types of advertising. Profit motives are what keep spammers working hard to circumvent spam blocks, white lists, and other protective measures that people use to try and fight back – and it can pay off. Numerous spammers have been indicted and suspected of generating hundreds of thousands of dollars in revenue from their spam campaigns, with one study projecting that spammers could generate in excess of 3.5 million dollars annually. While most spam circulates via e-mail, the popularity of services like WhatsApp is giving spammers new resources to exploit people, and new ways to make money. Here’s a few ways spammers and cyber criminals are using WhatsApp to make money off users: Following Malicious Links: One way that cyber criminals use WhatsApp to scam people is to trick them into following malicious links. For example, a recent scam sent SMS messages to WhatsApp users telling them to follow a link to update the app. But the message was not from WhatsApp, and the link didn’t provide them with any kind of update. It signed them up for an additional service, and added a hefty surcharge to victims' phone bills. Sending Premium Rate Messages: Premium rate SMS sending malware was recently determined by F-Secure Labs to be the fastest growing mobile malware threat, and WhatsApp gives cyber criminals a new way to engage in this malicious behavior. Basically the users receive a message that asks them to send a response – “I’m writing to you from WhatsApp, let me know here if you are getting my messages”, “Get in touch with me about the second job interview”, and various sexual themed messages have all been documented. Responding to these messages automatically redirects your message through a premium rate service. Spanish police claim that one gang they arrested made over 5 million euros using this scheme – leaving everyday mobile phone users to foot the bill. Manipulating Web Traffic: A lot of spam tries to direct web traffic to make money off advertising. As you might imagine, this means they have to get massive numbers of people to look at the ads they’re using for their scams. Scammers use WhatsApp to do this by using the app to spread malware or social engineer large numbers of people to visit a website under false pretenses. F-Secure Labs found that people were being directed to a website for information on where they could get a free tablet. In March there was a global spam campaign claiming people could test the new WhatsApp calling feature. Both cases were textbook scams, and instead of getting new tablets or services, the victims simply wasted their time spreading misleading spam messages and/or exposing themselves to ads. WhatsApp and other services are great for people, but like any new software, requires a bit of understanding to know how to use. Hopefully these points give WhatsApp users a heads up on how they can avoid spam and other digital threats, so they can enjoy using WhatsApp to chat with their friends. [ Image by Julian S. | Flickr ]
Much -- but not all -- of the world celebrates Mothers' Day on the second Sunday of May. If you're celebrating and your procrastinating offspring (or their procrastinating dad) hasn't picked up a present yet, here's a simple -- and FREE -- thing to ask for that will give you peace of mind all year long: online boundaries. We recently released a series of suggestions for age-appropriate digital safety tips for parents that start with a simple truth about kids born in this new millennium: "They switch between devices, applications, and social media throughout the day without even noticing. For them, 'digital life' is just 'life'". If you were born before 1969, you're older than the internet yourself. But your kids are probably younger than the first iPod, which was released in 2001. Advertisers and governments are already tracking their digital footprints, and likely have been for years. And online criminals may be too. You can't prepare your kids for every situation they will face online. You probably can't even imagine every situation they'll eventually face online. But you can save them from numerous difficulties by establishing some basic boundaries. And the younger you begin, the better. Start by setting a reasonable limit for screen time hours that will not overwhelm schoolwork or real life. You can enforce these limits with the help of parental control software. We advise blocking access to social media sites for younger children. If you're going to do this, explain why. This lays the foundation for graduating into approved sites with your permission as they get older. Youthful brain chemistry often prohibits recognizing that time will continue on indefinitely and what you post on the internet will be there forever. Make this clear that what they post could be made public, even if it's in an email, and impossible to delete. And establish how important the privacy of passwords and other identifying data, possibly by using a simile like "Giving that information away is like giving a stranger a key to your life". Tell your child if she or he can agree to one fundamental guideline -- "Tell an adult if something makes you uncomfortable, scared, or confused" -- it will be almost as nice as some new perfume or shoes. Almost. Cheers, Sandra