There are two answers:
- Almost by definition, the bad guys will always be in the lead.
- It rarely affects the average consumer directly.
The bad guys aren’t necessarily winning, but they’ll always present a challenge for the good guys.
Become a Patron of Ask Leo! and go ad-free!
Bad guys are in the lead, always
I’ve referred to this as “the race” before: the race between the good guys and the bad guys. The bad guys are always in the lead. In fact, they can only be in the lead; the only question is by how large or small a margin.
First, we have to understand that there is no such thing as perfect software. None. Period.
Software gets released with no known1 errors.
Then the bad guys discover an error — a vulnerability they can exploit for malicious purposes.
The race begins.
Media frenzy
In my experience, the media makes these discovered vulnerabilities seem like much more of an imminent threat than they actually are.
This is one of the reasons I’m mentioning skepticism more frequently of late — not just being skeptical of promises made in advertisements or spam emails, but being skeptical of news media reports on current technology.
Things are rarely as bad the headlines make them out to be. Remember, their goal is to get you to click and see an ad. The more frightening the headline and the more you think it might apply directly to you, the more likely you’ll click.
Yes, of course the <latest scary-sounding vulnerability> could absolutely delete all your files, expose all your information, steal your identity, expose nuclear launch codes, and who knows what else. And that’s exactly what you see in the headlines.
In reality, once made public (and often even before), vulnerabilities are quickly fixed, updates are quickly applied, and the malware exploiting the vulnerability rarely has the wide reach that the headlines scare us into thinking.
Pragmatic reality
In reality, the average consumer need do nothing more than continue to follow basic security practices and not panic. Following those practices, rarely do people experience real impact as a result of the latest news-making threat, and even if they do, it’s relatively minor and easy to bounce back from.
Are there outliers? Of course! There almost certainly are those impacted by <latest scary-sounding vulnerability>. Generally, those are folks who don’t follow security best practices, and/or are being specifically and individually targeted by hackers for some reason2.
By definition, the bad guys are always in the lead. But that doesn’t mean you need to panic. All you need do is keep up those basic security practices you should already be following anyway, and remain skeptical as you read the headlines.
Do this
Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
I'll see you there!
Podcast audio
Footnotes & References
1: Technically untrue. All software is released with known errors. The goal is that they are minor and of little impact. The tradeoff is, of course, the time it would take to fix them all.
2: I often refer to these folks as “high value targets”. Unless you have some legitimate reason to be considered “high value” for some reason, it’s not you. If you’re not sure … it’s not you. :-)
“Media frenzy
In my experience, the media makes these discovered vulnerabilities seem like much more of an imminent threat than they actually are.
This is one of the reasons I’m mentioning skepticism more frequently of late — not just being skeptical of promises made in advertisements or spam emails, but being skeptical of news media reports on current technology.
Things are rarely as bad the headlines make them out to be. Remember, their goal is to get you to click and see an ad. The more frightening the headline and the more you think it might apply directly to you, the more likely you’ll click.”
^^^ The above explanation is a good example why I refer to the media as Fake News.
Unfortunately, many in the media are more concerned about making money than disseminating the news. They rely on misleading headlines and sensationalism to get people to read or hear what they have to say. Even the most mainstream big players are guilty of this.
Mark, I could not agree more.
The MSM does contain a lot of lies but that is not just to attract viewers. They also get paid to spread propaganda. The MSM controls what people think and believe.
Using the MSM they have our beliefs on their strings. E.g. if the US government wants to invade a country for some dubious reason, then the US government can easily get support for that action by repeating on the MSM that ISIS —or whatever the terrorist group of the month is— is found there.
The MSM is a very powerful and important tool in controlling the population. Many people think that they are too smart to be manipulated like that, but every population that is being manipulated through propaganda thinks that they are too smart to be manipulated like that.
No politician is going to ignore the power of the MSM to make people believe whatever they want people to believe. Power is what politicians are all about. So we need less blind trust in the MSM. I try to only believe what I can personally verify. For me this makes the news pretty boring but it is a good protection from propaganda.
That’s a paranoid conspiracy theory. All news services have their biases, but the non MSM news sources like Alex Jones and talk radio are pure BS.
Sadly I cannot agree with this article relating to the binary depiction of “good people”vs.”bad people”. The issue is much deeper. For starters it’s the”ignorant people” vs. the “intelligent” people”.
I am a retired educator and hold two Masters Degrees + post grad studies and yet I am in the “ignorant” category. WHY?
Because unlike any older technologies created, ie.radios,TVs,autos, jets, etc this latest technology can control our lives, invade privacy like never before. The solution is not putting our trust in “those who were lucky enough” to be made aware of this potential and get educated in it; but for the public to demand educational opportunities for all(at no cost) to become members of the “intelligent” society. We no longer need to worry about who will be our next King, because right now our democracy, our freedoms are being controlled by the “elite Tech- Society”
I don’t agree with a singe point in this post. As to “…public to demand educational opportunities for all(at no cost)…”, that’s exactly what Ask Leo! does. Nothing comes at no cost. Educate yourself (I did). Everything you need to know is already sitting on the web waiting for you.
“Everything you need to know is on the web.” That’s true, but you need an education to soert the useful information from the lies and the irrelevant.
“Are the Bad Guys Winning?” It’s a very good question Leo.
Yes, they may well be winning here and there, at the moment, but a bad tree cannot produce good fruit. Any “wins” they might get are temporary and, probably, illusory.
I believe most people on God’s earth are decent and honourable and simply want to get on with their lives with their families, with their hard-won free time, free from crime too.
The reason for the evil which can be discerned here and there is, IMNSHO, down to three things :
#1. Greed
#2. Greed
#3. Greed
Hartelijk bedankt voor jou site and your tips, I like the Hero stories too.
Words of wisdom. Greed often enables you to get ahead of your competitors, but it also blinds you. Greed-generated anything can only guarantee you a temporary success. Your dirty secrets will eventually be revealed. So make it BIG, so no one can fail you even though they found out you’re dishonest.
I’m just a person who wants to earn an honest living and have a family I love, but what should I do if I’m already surrounded by those who I want to avoid the most?
Whenever I read about a new vulnerability, I just check to see that my computer software is up to date and just go about my business. Sometimes there’s one that requires action on my part (updating BIOS for example). I tuned out Chicken Little and friends a while back. And of course I back up on a schedule.
I read the article, and I failed to see where you put Mr. Healy in the ”ignorant people” category. I guess I need to read it again.
Ms. Healey used the term herself in her comment.
I would revise your comment about “perfect software” as follows: “any software as complex as an operating system is never perfect.”
I have written perfect software, but it wasn’t very complex. Every time, it did exactly what it was supposed to do, and nothing more.
The closest we have seen to big and perfect was DOS 5. In the fullness of time, it was revealed to have three bugs. (I participated in the extensive beta test, along with many thousands of other people.)
The media hype and sensationalism is what makes some people so paranoid about going near a computer. I like Leo’s new title “Confident Computing”. In this era, it’s no longer much of a choice if you use a computer or not, so a little common sense and a confidence boost through available information are what it takes to navigate through the perceived perils.