Op Thu, 21 Sep 2006 17:06:59 -0500, schreef Erik Funkenbusch:
> On Thu, 21 Sep 2006 11:57:43 +0200, Richard Rasker wrote:
>
>> Op Wed, 20 Sep 2006 20:20:46 -0500, schreef Erik Funkenbusch:
>>
>>> On Thu, 21 Sep 2006 01:17:11 +0100, Roy Schestowitz wrote:
>>>
>>>> But Microsoft, much like our resident Winvocates and apologists, says that
>>>> only 2% of the Windows PC's out there are found to have malware, according
>>>> to some tools. Speaking of lies and bias, Microsoft also claimed a failure
>>>> rate of 5% for the XBox 360. EA put the bar at 30-50%, based on a sample of
>>>> ~500.
>>>
>>> That's not what Microsoft said, and you know it.
>>>
>>> The figure you're talking about is WGA false positives. Nowhere has
>>> Microsoft said 2% for spyware.
>>
>> You're absolutely right. Microsoft came up with a rather lower estimate:
>> 0.32%.
>>
>> http://computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=viruses__worms_and_security_holes&articleId=9001109&taxonomyId=85
>
> No, here is what Microsoft actually said in that acticle:
>
> "Microsoft couldn't say what percentage of PCs have been infected by
> malicious software."
And just before that:
"The software was used to scan systems 2.7 billion times during that
period, and on average, it finds something malicious about 0.32% of the
time, or in one out of every 311 scans, according to Microsoft."
The average reader would simply conclude that there isn't really anything
to worry about. Oh yes, they're honest in saying that the don't have a
clue about the actual number of infections; still they very suggestively
come up with a very low, precise number - a number which turns out to
have no significance *at all*.
> Microsoft was talking about it's Malicious Software Removal Tool, which
> only finds a small subset of the malware overall. It's designed to remove
> the malware that is difficult to remove in other ways (the stuff that
> automatically reinstalls itself when you try to remove it).
In other words: it's just another piece of bloody useless rubbish,
demonstrating the eternally half-baked, sloppy approach we've come to
expect from Microsoft. Or would you suggest that people start running a
dozen or more anti-malware applications? one for simple viruses, one for
difficult-to-remove viruses, one for backdoors, one for adware, one for
spyware, one for cleaning up after IE had its weekly oopsie? Oh, wait,
they already do ... It's absolutely amazing that people not only put up
with this rubbish, but actually pay for it - but that's because Microsoft
dictates all the
> Further, that number is based on the number of passes the software has
> made. So, once you've cleaned your machine once, and then you run it
> again, it won't find anything, but it will count as another pass.
Thereby making the numbers given by Microsoft totally meaningless in any
practical sense, yet nicely suggestive to lull people into a false sense
of security. They either shouldn't have mentioned the numbers at all, or
have 'fessed up that quite likely, one in every two or three pc's was
infected.
> The author of the article appears to have extrapolated his own data based
> on the simple stats Microsoft gave for the MSRT.
Lesson #1 for tech companies: don't give useless stats to the press.
>> I guess it's just an common, innocent error: they got the result as a
>> simple ratio, but mistakenly presented it as a percentage. Happens all the
>> time. Just look at Enron, for instance.
>
> Microsoft didn't make that error, the reporter did.
The reporter just printed what he got fed. And what he got fed was a
highly suggestive number.
Richard Rasker
--
Linetec Translation and Technology Services
http://www.linetec.nl/
|
|
