While this is surely interesting research, there are far simpler ways of bypassing AV software. Drive-by browser-based attacks of the type exemplified by Zeus and Koobface are far easier to execute. Today, attackers are focused on stealing money and intellectual property. They will take the path of least resistance. The AV vendors have yet to respond to the more obvious existential threat to their existence.

I went to the Core Force wikipedia article: "In November 2007, the developers of Core Force claimed that the software is to be considered discontinued, due to "the advent of Windows Vista and the incorporation of functionality similar to Core Force in other major desktop operating systems (Linux, Mac OS X)"[1]." This reinforces the point others have made that in Windows Vista (and surely Windows7), as well as Linux and Mac OS X, the default for users is NO admin rights. That annoying pop-up in Vista that people get so aggravated about is when you try to do something that requires admin privileges.

If you're willing to go on the record and say that you will refuse any medical treatment you can't pay for up front, then I'll support you. I'll think you're crazy, but I'll support you.

So, will you say that right now?

Hit and run driver hits you and you don't have $120,000 to pay for intensive care? You just stay at home with the Advil.

Deal?

I pay for stuff out of pocket because I'm young and healthy and self-employed. Tetanus booster? Just went and bought it, no biggie.

But I also have medical insurance for any time I have to pay more than $4000 in medical bills. For when I get hit by a car or crash my bicycle or have a hiking fall or any one of a multitude of other things you might consider to be in the "unhealthy lifestyle" category.

People without insurance end up in the hospital bankrupt, and those costs get spread around to those of us who carry insurance! Ironic, no?

Many have already commented about the obvious flaw in the study - they only interviewed thieves who were caught!! In order to really draw meaningful conclusions about identity theft they need to interview thieves who did not get caught. Of course that increases the difficulty dramatically. It reminds me of a story I heard years ago from my friend Joe. One night he was walking down a narrow street that had only one street light. Under it was a drunk who seemed to be looking for something. My friend Joe went up to him and asked if he could help. The drunk said, "Sure, I lost my keys and I'm looking for them." My friend asked the drunk, "Where did you lose them?" The drunk responded, "Over there." My friend asked, "Then why are you looking over here?" The drunk answered, "Well it's dark over there. The light is over here."