Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Wednesday, 02 June 2010 13:12

Never mention Windows and security in the same breath

By

If I had a dollar for every time Microsoft was forced to defend the abysmal security of its Windows operating system, I would probably be lying on a beach in the Bahamas and sipping a cocktail right now, with my financial future secured.


The latest defence, from Windows communications manager Brandon LeBlanc, has as many holes as Windows does in its security armoury.

As my colleague Jake Widman reported earlier today, LeBlanc took issue with a story stating that Google was moving its internal workstations away from Windows to OSX and GNU/Linux due to Windows' poor security.

In his response, LeBlanc talks of security issues with the Mac and Google too. That isn't the point - no system or company is perfect.

We are talking here about the relative security of various operating systems - and Windows is, without any doubt, the worst. Put it up against OpenBSD, Solaris, NetBSD, FreeBSD, GNU/Linux, OpenSolaris, or any other, Windows comes out last when it comes to security.

Remember we are talking about an operating system that was first released in 1985. That release was a real dog but in the intervening period, some progress has been made. However, the culture that it comes from is responsible for its security record - Windows was never built to be secure and building it again from scratch would take too much time.

That's why there is one day every month called Patch Tuesday - and it's only in Redmond that this day is observed. No other company needs to have such a day set aside every month for the simple reason that it has a much smaller security problem with which to deal.


 


The FT article carried this sentence: "Windows is known for being more vulnerable to attacks by hackers and more susceptible to computer viruses than other operating systems.'

Interestingly, when LeBlanc responded to this, he conveniently did not deal with the question of viruses. Or malware. Or spyware. Or scumware. Or pornware. Or... I could go on. But you get the point.

One simple fact, Brandon - when I run the latest version of Spybot Search & Destroy, one of the best-known spyware removal apps, on the lone Windows PC I have at home, it checks for more than a million different spyware applications. Yes, that's one followed by six zeroes. Food for thought, old chap.

Some of LeBlanc's defence is cited below (in italics), with my response to each of his statements:

We ship software and security updates to our customers as soon as possible through Windows Update and Microsoft Update to keep our customers safe.

Sure, Brandon, you need to do that. The company with the biggest security problem in the IT industry needs to do the most to keep its products somewhat safe. Or at least to give people the impression that they are safe.

We highly recommend our customers enable Automatic Update to ensure they are protected from attacks.

And any systems administrator who does that would be shot by his employer the next day. Companies run such a complex mix of software these days that they have to do intensive testing to ensure that their entire network does not collapse due to your updates. Turning on automatic updates in a big corporation is a surefire way to go out of business. And ensure either your extermination or else that you will never be hired again.

The rest of Brandon's statements are about Windows 7 - but what percentage of users are running it? Give us a few statements about XP, Brandon, that's what the majority are using. One of Microsoft's famous slogans is that the next version of Windows will be the most secure.

But in relation to what? The comparisons are always with earlier versions of Windows so that statement is never voiced in its entirety.

Microsoft is a marketing company first and a technology company second. That will never change. Neither will its abysmal record on security.

NEW OFFER - ITWIRE LAUNCHES PROMOTIONAL NEWS & CONTENT

Recently iTWire remodelled and relaunched how we approach "Sponsored Content" and this is now referred to as "Promotional News and Content”.

This repositioning of our promotional stories has come about due to customer focus groups and their feedback from PR firms, bloggers and advertising firms.

Your Promotional story will be prominently displayed on the Home Page.

We will also provide you with a second post that will be displayed on every page on the right hand side for at least 6 weeks and also it will appear for 4 weeks in the newsletter every day that goes to 75,000 readers twice daily.

POST YOUR NEWS ON ITWIRE NOW!

MITIGATE FRAUD WITH HYLAND’S DIGITAL CREDENTIALING SOLUTION

Some of the most important records are paper-based documents that are slow to issue, easy to fake and expensive to verify.

Digital licenses and certificates, identity documents and private citizen immunity passports can help you deliver security and mobility for citizens’ information.

Join our webinar: Thursday 4th June 12 midday East Australian time

JOIN WEBINAR!

Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

VENDOR NEWS & WEBINARS

REVIEWS

Recent Comments