Saturday, March 6, 2010

Overzealous anti-spyware programs and incompetent users

I was helping out a user in my office today who called me into his office because "the internet was slow today". This isn't a particularly useful or helpful IT query, so it requires a bit more questioning to really get to the root of the problem. The "internet" is a big and broad area, not just web pages - but the average user sees "the internet" as "web pages" and they see email as totally outside of that. And they are totally oblivious to anything other than that*.

IT professionals can never expect average users to know everything that an IT person knows, just in the same way it is unreasonable for an accountant to expect me to know all about accounting. But I should know how to balance my checkbook and pay my bills - that is basic functioning of financial life.
In the same vein, people who are using computers to conduct their daily home/business activities should probably know enough about how it works to stay out of trouble. I have seen hundreds of users who most certainly are nowhere near knowing anything about their machine other than "I press this button to turn it on, and banging on these buttons gets me to Yahoo!"**

It is key to know how the system works so that you can avoid people who are taking advantage of the system to scam you. Likewise, it is also key to know what things are harmless so ... again, you will know when you are being scammed.
When I was in this user's office today, even though I had shown him that "the internet" wasn't slow today and instead it was just the PalmOne page he was visiting at the time which was slow. He then decided it was probably spyware that was making it slow and made me run an anti-spyware program on his machine to clean it out.
Sure enough, after the program updated with the newest definitions, it ran and found "thousands of spyware files". Well, technically it scanned thousands of files and found 52 "spyware files" - the user just couldn't grasp the difference between scanned files and actual files which had problems. But I can't really blame him since even the files which it was marking as "spyware" were actually just cookies, largely for ad services.

I am all for blocking spam, and I don't think there is anyone out there that doesn't hate spyware. But it irks me when these anti-spyware companies will register everything that they can as something to freak out about for the end-user. Depending on which software program you are using, it is frequently the worst reason of all - they are trying to scare the user into upgrading to the paid version of the product to remove all of these scary files that it found (trust me, cookies aren't that scary).
The user I was working with wanted me to get rid of the cookies since he was positive they were evil and also "slowing down the internet" so I showed him how to get rid of the cookies and then moved on my way.

It got me to thinking about how that sort of thing bugs me though. The reason the cookies are marked (in this case, they were marked as "low", but that was apparently beyond this user) is because they fall more under the "adware" category and technically companies can glean more information from you if you store a cookie.
This isn't always a bad thing - for example here at Spamblogging we use a service offered by StatCounter (I highly recommend them - although they were briefly down near the time I was writing this). This allows me to watch some stats on the people who come to the site so I can see what pages are popular and what search terms bring people to the site (for those of you that care, it appears that the bulk of our search visitors are interested in "ChatSlapper" and the bulk of the people coming here from linked sites are coming in regards to the CSS fun I have posted about in the past).
If you look on the forums over at StatCounter, you can see that they are concerned that they are being marked as spyware/adware.
If the software companies genuinely feel that these cookies are a bad thing (remember you can just turn off cookies in your browser, and block them for individual pages depending on your settings), then that is perhaps something I can go with if they gave a good explanation.
But more and more I am seeing things in the anti-spam/spyware/virus/etc programs which are simply using FUD to sell more product and that really makes me sick. That is, in my opinion, just as bad as the people they are supposedly trying to block. (in this case, the FUD reference being the scare tactic of making people think that their machine is full of spyware and they will be safe if they give you money for your product in order to save them)


*As a side story, this same user once asked me to set him up to download music to listen to on his machine, he had heard about that on the news - I explained to him that our net connection couldn't really handle that and "real work" at the same time - and he said "Oh! The music would come from the internet?" I honestly have no idea how he thought it was going to work - perhaps in his mind all computers are filled with all current and future music when they are built.

**As another side story, I have had multiple users over the years ask me to "get rid of this box under my desk" and when I tell them that I can't, they demand to know why. I try to explain to them that it is their computer and that they can't get much done without it. They then point to their monitors and say "then what is this?"
The first few times it happened, I just sort of laughed. But it has happened so many times now that I currently have lost all hope for the human race. I hear kids these days are good with computers - hopefully that is the case.

No comments:

Post a Comment