Vmyths.com


Hoaxes, myths,
urban legends

Columnists

Newsletter
signup

Addictive
Update
Model

False
Authority
Syndrome

About us

Computer
security
humor

Truth about computer security hysteria
Truth About Computer Security Hysteria

Entertainment vs. computer security

Rob Rosenberger, Vmyths co-founder
Thursday, 7 July 2005 Rob Rosenberger THE FINAL "STAR Wars" prequel raked in some interesting numbers — not interesting in their size, but rather their accuracy. Hollywood can track movie ticket sales on a near-realtime basis. Every Monday morning, CNN Headline news reports dollar figures for the top five movies. In a case like "Star Wars" or "Spiderman," they'll even report the European sales. And they report it to an accuracy of $0.1 million.
The average high school keeps stati­stics on its girl's soft­ball team. The aver­age com­pu­ter secu­rity expert keeps no stati­stics on virus in­fec­tions. What's wrong with this picture?
Mind you, that's an accuracy of ±14,000 bijou tickets. Ironically, the entertainment industry has better insight than the computer security industry. Why do we know so much more about ticket sales than computer infections? How hard could it possibly be to track, say, the number of infected computers in a company with its own full-time computer security team? How many tickets were sold for "Star Wars Episode I"? Hollywood knows the answer with near certainty. How many computers got infected by the ILoveYou virus? Antivirus firms can offer nothing more than a wild guess. What percentage of moviegoers saw "Star Wars Episode II" more than once? Hollywood uses scientific sampling to gauge the answer. How much monetary damage was caused by the Melissa virus? Computer security experts can offer nothing more than a wild guess. How many people saw "Star Wars Episode III" on opening day? Hollywood knows the answer with near certainty. How many computers with up-to-date antivirus software got infected by the Nimda virus on its opening day? Even the White House admits no one knows the answer.
Rate this column!
All sports leagues at all levels keep detailed stats on all of their players. We know, for example, who has hit a home run every May 20th for the last five years. But in the computer security world, we don't know the infection history for any given computer in any given company. The average high school keeps a lot of statistics on its girl's softball team. The average computer security expert keeps no statistics on virus/worm infections. What's wrong with this picture? Entertainment. Security. This should be a no-brainer, folks!