![MVP_BlueOnly[1]](http://msmvps.com/cfs-file.ashx/__key/CommunityServer.Blogs.Components.WeblogFiles/spywaresucks.metablogapi/3250.MVP_5F00_BlueOnly1_5F00_64EF6C89.png "MVP_BlueOnly[1]")
As much as things change, they remain the same.
I’ve just been reading my long posting written when I was awarded MVP status for the 10th time and pondering how times have changed. I was originally awarded MVP status as an “Internet Explorer” MVP and stayed in that grouping until last year, when I was shifted to “Consumer Security: Training” – not surprising really, considering the vast majority of my time is focused on protecting internet users as a whole nowadays, not just Internet Explorer users.
The tide began to move back when the Internet Explorer team first introduced the yellow info-bar and stopped web sites from being able to install BHO/ActiveX without user interaction. Then the phishing filter (now called the “SmartScreen filter”) was introduced. Security was improved as security packs were introduced for XP, Vista raised the bar further, and Windows 7 even more.
Firefox and Apple supporters may argue the point (admittedly, not as much as they used to) but reality is that the bad guys are getting at people via social engineering more often than not nowadays. That being said, it should also be pointed out that nowadays it is third party software, more than Windows or IE itself, that is a conduit to infection. Making sure that your Microsoft operating system and software is patched is not enough – you MUST use software such as Secunia to ensure that you are made aware of, and install, patches for as much of the software on your computer as possible.
I admit it – I’m loving my life, and my work. It used to be that much of what I did was reactive – helping victims remove malware from their computers after they were infected – which often felt like I was lopping off branches while the problem tree just grew larger and stronger. Now my work is proactive – working direct with companies to improve their software and encourage them to achieve “best practice” in terms of software behavior and notice BEFORE it is distributed on the internet, and educating web site owners and ad networks/exchanges about how to avoid malvertizing and the miscreants behind it. Prevention is so much better than cure.
Anyway, back to work for me – there is much to do and not enough hours in the day.