Giving "Casuals" the Virus-Metric
dave at thesmithfam.org
Sun Feb 8 13:19:57 MST 2009
Daniel C. wrote:
> I'd like to put together a short article or white paper that will give
> casual computer users the tools to tell what's going to mess up their
> system and what isn't. The problem is that, while I can tell what's
> dodgy and what isn't, I don't know how I can tell. Can anyone here
> help me out with this?
Most people seem to remember tangible examples better than abstract
principles. For example, if I say "the measured volume of a sound
decreases proportional to the inverse square of the distance between
transmitter and receiver," most lay people would forget that pretty
quick. What I would say instead is "When I stand on a football field and
yell to you from one end zone to the other, and then I move to the 50
yard line and yell again, it will sound 4 times louder. If I move to the
25 yard line, it will sound 16 times louder." That will stick in the lay
person's mind somewhat better, I've found.
In your case, I would go look at a bunch of malware sites and take
screenshots. I would then insert the screenshots into your white paper,
graphically calling out the specific elements of the sites that make
them look suspicious. I would also show screenshots of installers that
look like they are doing naughty things (probably need a virtual machine
for this one to not destroy a real box). Lastly, I would find two sets
of error messages from Windows: The first set would contains messages
that mean something bad is about to happen (or has happened). The other
set would contain messages that are usually ignorable and a natural part
of installing non-malicious software.
Good luck creating such a document. It will probably be quite a
challenge to find enough representative material for a lay computer user
to learn how to form a good definition for "suspicious" without
overwhelming them with too much information.
I look forward to hearing how it goes.
More information about the PLUG