Virus protection and "contributory negligence"
Tuesday, September 17th, 2002 02:06 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
robinturnerWhat follows is something I was going to post to newbie@linux-mandrake.com - I put it here instead because I think it raises general issues of computer ethics. The question in question was whether Linux users should install anti-virus software to protect Windows users who may receive infected documents from them [note for Windows users - Linux is immune to almost all viruses, so if you get an infected file from a Linux user, it must have been forwarded from a Windows user].
I may be a penguinista, but one reason I'm a penguinista is that I believe in giving people control over their software (and even hardware - I'd love to see a Free Hardware Foundation whose GPL would require that hardware manufacturers publish complete blueprints of their components and allow anyone to recreate, distribute or modify the component - can't see it happening soon though!). This means that people have the right to choose Windows if they want to. In fact, I even recommended to my mother that she stick with Windows 98 for the time being, since Linux support for her hardware was dodgy and she didn't seem to be having major problems with Windows (I did, however, make sure her anti-virus software was up to date and weaned her from Outlook Express to Netscape).
People might then say that with freedom comes reponsibility - if people choose to use Windows, then they choose to be vulnerable to viruses, and should install good anti-virus software, and be prepared for the inevitable day when a new virus that the software doesn't detect wrecks their system (it nearly happened to me - I thought one of our boxes had got Chernobyled until out hardware techie informed me it was co-incidence - the motherboard just happened to choose that day to blow up, so my pride was saved).
The problem with this attitude is threefold. Firstly, it ignores the fact that only informed choice is real choice, and many computer users are lamentably uninformed. Of course we can argue that they should get informed, but that is because computers are something we use a lot and find interesting. For most people, this isn't the case. An analogous example is my use of cars. I don't like cars, I'm not interested in cars, and I generally think they are Bad Things, but occasionally I have to use one. When this happens and I'm trundling down the road at 35mph or stalling at traffic lights, I would like other drivers to say "Hey, he's probably some old fart who drives once a year - I'll cut him some slack," rather than blow their horns or try to drive me off the road. This leads to the second counter-argument, which is that the "let Windows users get infected" attitude lacks compassion. I know this is not a fashionable concept in our corporate monopoly "free market" world, but I still think that the fact that someone is human makes me want to ensure that they come to as little harm as possible.
Finally, the argument implicitly shifts the blame from the criminal to the victim. It reminds me of the "contributory negligence" argument advance by a senile British judge in a rape trial in the 1980s - the woman was dressed provocatively, she was in a bar, she was singing folk music for God's sake, so she should have known she was going to get raped (I pray that some day someone will mug him and plead contributory negligence on the grounds that the man was well dressed and flagrantly spending large quantities of money).
So, to get back on topic, I would say install anti-virus software (and get the latest SSL!) if you're running a public server. If you're running a limited server, as I do, the best thing is just to refuse to put any Word documents or executable files on it. Co-incidentally, before I got bored and decided to read mail instead of working, I was busy converting Word documents to PDF to upload to this server.
I may be a penguinista, but one reason I'm a penguinista is that I believe in giving people control over their software (and even hardware - I'd love to see a Free Hardware Foundation whose GPL would require that hardware manufacturers publish complete blueprints of their components and allow anyone to recreate, distribute or modify the component - can't see it happening soon though!). This means that people have the right to choose Windows if they want to. In fact, I even recommended to my mother that she stick with Windows 98 for the time being, since Linux support for her hardware was dodgy and she didn't seem to be having major problems with Windows (I did, however, make sure her anti-virus software was up to date and weaned her from Outlook Express to Netscape).
People might then say that with freedom comes reponsibility - if people choose to use Windows, then they choose to be vulnerable to viruses, and should install good anti-virus software, and be prepared for the inevitable day when a new virus that the software doesn't detect wrecks their system (it nearly happened to me - I thought one of our boxes had got Chernobyled until out hardware techie informed me it was co-incidence - the motherboard just happened to choose that day to blow up, so my pride was saved).
The problem with this attitude is threefold. Firstly, it ignores the fact that only informed choice is real choice, and many computer users are lamentably uninformed. Of course we can argue that they should get informed, but that is because computers are something we use a lot and find interesting. For most people, this isn't the case. An analogous example is my use of cars. I don't like cars, I'm not interested in cars, and I generally think they are Bad Things, but occasionally I have to use one. When this happens and I'm trundling down the road at 35mph or stalling at traffic lights, I would like other drivers to say "Hey, he's probably some old fart who drives once a year - I'll cut him some slack," rather than blow their horns or try to drive me off the road. This leads to the second counter-argument, which is that the "let Windows users get infected" attitude lacks compassion. I know this is not a fashionable concept in our corporate monopoly "free market" world, but I still think that the fact that someone is human makes me want to ensure that they come to as little harm as possible.
Finally, the argument implicitly shifts the blame from the criminal to the victim. It reminds me of the "contributory negligence" argument advance by a senile British judge in a rape trial in the 1980s - the woman was dressed provocatively, she was in a bar, she was singing folk music for God's sake, so she should have known she was going to get raped (I pray that some day someone will mug him and plead contributory negligence on the grounds that the man was well dressed and flagrantly spending large quantities of money).
So, to get back on topic, I would say install anti-virus software (and get the latest SSL!) if you're running a public server. If you're running a limited server, as I do, the best thing is just to refuse to put any Word documents or executable files on it. Co-incidentally, before I got bored and decided to read mail instead of working, I was busy converting Word documents to PDF to upload to this server.
