Tuesday, 2 November 2021

Computers and the Internet: a question

When the Internet started becoming accessible to more people, one of the problems that also developed was that of getting viruses and other malware. 

Now, a lot of that is due to what is referred to as PEBCAK ("problem exists between chair and keyboard") - or, in other words, user error (insecure passwords, being vulnerable to social engineering, clicking on suspect links, not applying patches promptly / automatically, etc). However, there's another aspect that I have wondered about from from time to time. 

Now, consider these two points: 

  1. when PCs start up, they go through a sequence of actions, and, for some of that, the PC can't proceed to the next action unless the preceding essential steps have been completed; 
  2. when a PC is running, there is typically some indication of whether the anti-virus/anti-malware programme is up and running properly - there have been some times (not for the last five years, and this was actually only on work PCs) when the indicator said the the anti-virus/anti-malware programme was NOT active. I responded by restarting the PC (that was the official advice from the company I worked for at the time), and next time round the the anti-virus/anti-malware programme worked correctly.

So . . . given that the PC is capable of enforcing sequences where subsequent actions do not occur unless the previous essential actions have been performed, and that the PC is obviously aware of the status of the anti-virus/anti-malware programme, wouldn't it be possible to prevent the PC automatically connecting to the Internet if the anti-virus/anti-malware programme is not operating correctly? 

I personally set my PCs up so they don't connect automatically (although I've found my current OS has a dangerous tendency to change that when they want to push something down my throat), and I have gone to the extent of getting an up-to-date anti-virus/anti-malware programme on a disk (yes, this was a long time ago) so I could install it before I went online (the current software packages are much better in that regard), but . . .

. . . is there a case for a legal action on the basis of poor PC software design on that matter? 

Given that nothing has happened over the last two and a bit decades I suspect the answer is no (e.g., problems defining legally what is a suitable package / state, too many problems with PEBCAK mean focus is better applied elsewhere, fact that this does not cover all possible sources of PC infection, and likely screams from millions [billions?] of users who want to not have to think or take an extra half second before getting to the latest goss, etc), but it was an entertaining few minutes to ponder this, consumer law, responsible design, human flaws, etc.


No comments:

Post a Comment

Note: only a member of this blog may post a comment.