I am in Montreal this week, working on a friend’s computer. After twelve incredible years of service, the laptop is being replaced. But before that happens I must transfer the data to his new computer… a task made infinitely more difficult by the utter and complete infestation of his computer with malware.
Aside from being a very good friend, Rick is also a fan of my blog, and will be among the first to read this article; that is not why I will not be bad-mouthing him per-se, but it does show that I often write articles about the people who read my blog, and occasionally I call them out by name. Rick and his wife have done nothing intentionally wrong to the Dell Inspiron E1405 that likely rolled off the line shortly after George W. Bush was elected to his second term; however the temptation of free this and that comes so often with the moral lesson that nothing is truly free in this life.
As I drove to Montreal yesterday I was joking with a colleague that I was going to have to go through this, and he asked me: If you know it is going to happen, and you can prevent it, why don’t you simply lock his computer down and protect him from himself? It is not the first time I have fielded this question – far from it.
If you have ever had a conversation with a religious leader and asked him how could they believe in G-d being all-powerful and yet there is so much evil in the world, the answer will usually be something like this: G-d created the world and everything in it, but then gave us free will, and it is mankind’s free will from whence the evil comes. It may be a frustrating answer, but it is fairly hard to refute.
The same is true with computers; in a corporate environment it is easy enough for a competent IT Administrator to lock down their environment and prevent end users from ‘horking’ their computers. However when a consumer buys their own computer there will be no such restrictions – they have the free will to do what they like. The creators of the operating environment – in the case of Windows the product team at Microsoft – have put in myriad safeguards to protect us, but in the end in order for our computers to be useable, they have to give us the free will to install programs we like… some of which yes will be harmful. We have all of the tools we need to be successful… but outside of the protected environment of the Garden (a freshly installed and patched operating system) they have to let us loose to survive and thrive… and succeed or fail.
Twenty-five years ago the majority of people were afraid of their computers (and of computers in general). They turned it on and after the operating system (MS-DOS) booted they were greeted by a black screen and a DOS prompt (C:\>_). They did not know where to look for the hidden tricks that were available to wreck their systems. With the introduction of the Windows Operating Environment (Windows 95 and later) it became so much easier to find these tools… while innocently trying to tweak their environment. If they wanted to write a letter they knew how to access their word processor, and if they needed to use a spreadsheet they knew how to do that too. However the Disk Management utility was hidden away… often on a floppy disk that would have to be put into the system and run by experts. Today they know to right-click on anything they see and click around… and of course with every computer connected to the Internet the malicious malware creators make it oh-so-tempting to install tools and games that pretend to be one thing but really infect their computers with crap.
A couple of years ago I wrote a piece that was meant to be my introduction to a lecture on BYOD computing. I am going to dig it up and tweak it for publishing here. It outlines how the job of the IT Professional has gotten infinitely harder and less powerful as the fear and awe with which people looked at their computers turned to familiarity and a false sense of knowledge and security.
With regard to people installing ‘crapware’ I think we, those of us who support our friends and family computers, have to accept some responsibility. Because so many of us were so dismissive about the threats out there in favour of a ‘don’t call me unless it’s broken’ attitude, our friends and families realized that they could install or click here when prompted to. So often when I sit in front of a friend’s system I ask them ‘why did you do this?’ The answer is usually something to the effect of ‘I didn’t want to bother you over nothing.’
Is there any way for us to prevent this? Sure… we can take their Administrator rights away, but then they would be calling us every time they wanted to install the smallest program (like I do at the office). However that would be a huge inconvenience to us – and to them. We can install anti-malware and remote-monitoring tools such as Windows Intune, but there is a cost to that… and unless they maintain their patch levels and malware definitions they fall out of scope so quickly.
And so every so often a friend or family member calls me and I help them out; I clean out their malware and perform whatever other maintenance is required. I do not do this preventatively because there are too many people and computers involved and it would take too much time. However I don’t mind getting the occasional call of ‘Hey Mitch, I screwed up my computer… let me buy you a bottle of scotch in exchange for a couple of hours of your time.’ If nothing else, it gives me a good excuse to get together with them and chat while I mindlessly do what needs to be done.
…and yes, I occasionally get a good bottle of scotch out of it! 🙂