Canada’s Riskiest Online Cities?

I know I’m really late to the game on this one, but I’ve been itching to write this post since February 22, when Symantec revealed their list of Canada’s Riskiest Online Cities; or, put another way, Canada’s cities that are (allegedly) the least protected from malware, hackers, and scammers.

I first found out about this report from Symantec via Twitter, which led me to AM980’s “story” about it (basically a cut and paste job of Symantec’s original press release). As I read through the results, and then how Symantec came up with the results, I came to a few conclusions:

  • The methodology is fundamentally flawed (as described in previous reports).
  • The key indicator is that Symantec uses its own customers to provide infection data. All this tells us is that Symantec’s products detect some malware – not how much malware, not how effective it is at protecting the devices it’s installed on.
  • It also doesn’t take into account how well protected customers are using other, competing anti-malware suites. This isn’t Symantec’s fault, but it’s disingenuous at best.
  • “The prevalence of PCs and smartphones” is used as an indicator. Why? A greater number of devices doesn’t automatically introduce more risk. It introduces the opportunity for risk, certainly, but that also assumes you’re using these devices on the Internet. What if I’m not?

I know Symantec means well, but when every link leads back to a Symantec-related website (primarily Norton products), it all starts to look like a big marketing ploy… which, to be sure, it is. I don’t have a problem with Symantec marketing its products, but to conclude that the fine citizens of Burlington, ON live in Canada’s riskiest online city simply because Burlingtonians spend a lot of money on computing devices, Internet connections, and Symantec products isn’t right just because Symantec says so.

The tips that came out of the report are good:

  • Get an antivirus product (keep it updated, schedule weekly scans)
  • Use secure passwords (letters, numbers, and at least one symbol – keep it over 8 characters long)
  • Stay away from unsecured wireless hotspots if you’re going to transmit data over unsecured websites – thankfully banking sites, most free email providers, and lots of other sites are available as secured sites (https:// in your browser).
  • Shops offering free Wi-Fi should secure them by using a very simple password, like “free.” At least there will be encryption on the hotspot, allowing users to be safer than they were before on the same unsecured hotspot.

But that doesn’t mean you have to use Norton products. There’s AVG, Malwarebytes, Microsoft Security Essentials, Avira, and avast! which all offer good, free protection. No, they’re not necessarily the best, but it’s a hell of a lot better than having nothing at all.

The good news here, I suppose, is that Canadians are online and using the Internet, and mostly for good reasons. I just wish Symantec’s study had a better methodology that included data from the other anti-malware software providers too. I’m sure McAfee could do a similar study and they might end up with very different results depending on how they collected data.