|Home » Resources » Rants
It's Called Snake Oil Y'all
Week of September 19, 2000
Now I've been travelin' all around and I heard trouble's come to your town
Well I've got a little somethin' guaranteed to ease your mind
It's called Snake Oil y'all and it's been around for a long long time
- Steve Earle
Every breath you take every move you make I'll be watching you
- Gordon Matthew Sumner
The times they are a-changin'. From one minute to the next we don't know if we're doing better or worse. Things are calm in Washington DC, Linux has its lion's share of the server market, Win2K is off to a terrible start - things couldn't be looking better, could they?
Enter the buzzwords of the new decade, 'security' and 'privacy'. Leslie Stahl on 60 Minutes does a feature on web trackers. She's totally amazed at what's going on. 'A cookie is a little gadget planted into your operating system,' the less than intelligent so-called computer expert tells her, and she believes it, swallows it whole.
Steve Bass of PC World Online discovers all of a sudden how spammers are now using web bugs in the junkmail they send you. Great stuff, isn't it? Companies like Freedom offer pseudo-solutions but also offer t-shirts, coffee cups, and baseball caps.
People everywhere have been given computers and sail on, surf on, in complete ignorance. Leslie Stahl notes that today advertisers can know exactly who she is and even tune the ad banners to suit her individual demographic, and one defender of this system tells her 'it's good'.
New sites pop up which use almost any plausible excuse to ask for your real name, address, telephone number, the works, and no one or almost no one realizes this stuff can then be correlated with a cookie and anyone can know anything about you from that point onward.
People are getting more paranoid about information. The response to radsoft.net's release of ShredPerfect+ was surprising and staggering. People are scared.
The question on the agenda today is however: need they be? And are there products available out there to protect them?
First off, let's make one thing painfully clear: the biggest weapon against all threats is knowledge. Knowledge is cheaper, is often for free, and a general savvy can take you a lot of places and keep you away from a lot of pitfalls. Knowing what you need and don't need and why is often more than enough.
You hardly need a shredder at home; you might need one at work. But even with a good shredder (radsoft.net's ShredPerfect+ is the only fully acceptable shredder on the market) you need to know how to use it anyway.
Do not move sensitive files around unnecessarily. You might be able to shred what you think is the final copy, but you have no idea how many ghost images still exist elsewhere on your disks. If you are downloading what you consider sensitive information, leave it where it is. Use it there and only there, and when the time comes, shred it.
Not much can be said of the other shredders on the market: some actually expose your data more. Caveat emptor.
Placebo that bewilders. Not a single one of these products has a single significant contribution to make. See elsewhere at this site for a complete rundown on these fancy salesmen.
Ah, the snake oil salesman approaches. Watch Rob Rosenberg's kumite.com at all times, and take a good read through the site to learn how the AV business really works.
Do any of the so-called virus threats ever pan out as widespread as the AV companies scare us into believing? Of course not. Do we need AV software? Some of us sure do. But is the danger as great as the AV companies make it out to be? Read kumite.com and draw your own conclusions.
The AV business is moreover tied intimately with that latest snake oil brand, the 'personal firewall'.
If ever there be a fast track to quick and unethical profit, this is it. Almost none of the products on the market today are worth diddley. Read that last sentence again. Not only do they trash your box and your Registry, they very often up more holes than you had before you installed the snake oil. See both Steve Gibson's grc.com and pc-help.org for complete rundowns on the worst of these charlatans.
Do I Need Anything At All?
Debatable. And you sure don't need snake oil. With a permanent IP you would want a firewall, yes. This is as it's always been. But there are currently only two or three on the market worth looking twice at.
The virus threat is worst with 9x. No doubt about it. Virus authors still haven't hacked NTFS and basically are still using 9x themselves. So other systems are relatively safe. And to make matters easier, all you have to do is watch out for unsolicited attachments and never run programs obtained by other than official download sites.
What you do have to look at, unfortunately, are all the boxes on the shelves in the computer stores, online and off, where you buy your next machine. More and more OEMs are subsidizing low costs by cutting deals with major ISVs to pre-install web trackers. One major ISV has actually gone about buying up firewall technology so as to be able to disable it - that's how bad it's become.
When you bring a new box home, don't run it on the net right away. Watch out for any 'free' products included in the factory setup. If possible, wipe your disks clean and install everything all over again, paying particular attention to just what you install, and not installing anything more than you really need.
Shop around, read the news groups, and keep on top of how Big Brother is honing his techniques for getting at you.