Microsoft Windows: Insecure by Design (Excerpt)

Washington Post ^ | August 24, 2003 | Rob Pegoraro

[HAL9000]

Excerpt -

Between the Blaster worm and the Sobig virus, it's been a long two weeks for Windows users. But nobody with a Mac or a Linux PC has had to lose a moment of sleep over these outbreaks -- just like in earlier "malware" epidemics.

This is not a coincidence.

The usual theory has been that Windows gets all the attacks because almost everybody uses it. But millions of people do use Mac OS X and Linux, a sufficiently big market for plenty of legitimate software developers -- so why do the authors of viruses and worms rarely take aim at either system?

Even if that changed, Windows would still be an easier target. In its default setup, Windows XP on the Internet amounts to a car parked in a bad part of town, with the doors unlocked, the key in the ignition and a Post-It note on the dashboard saying, "Please don't steal this."

MORE...

[TomServo]

But nobody with a Mac or a Linux PC has had to lose a moment of sleep over these outbreaks -- just like in earlier "malware" epidemics.

And neither did I, with my 3 Windows boxes.

[Chad Fairbanks]

DItto... I don't see what all the hullabaloo was about...

[TomServo]

DItto... I don't see what all the hullabaloo was about...

What is it we're doing so wrong that others are doing so right? (/chortle) ;-)

[rs79bm]

But nobody with a Mac or a Linux PC has had to lose a moment of sleep over these outbreaks -- just like in earlier "malware" epidemics

Of course not. When somebody develops a virus, they go for the widest range and reach possible. It just isn't there in the Mac and linux community. Could somebody develop a virus for these machines? Absolutely. But if you want to effect 90% of computer users, you develop a virus for a windows machine. I'm not saying it's right by any means, but that is the logic. If people take this article to heart, then everyone with adapt to Linux and Macs, and thus people will start to create viruses for these machines.

[E. Pluribus Unum]

DItto... I don't see what all the hullabaloo was about...

That's like saying 9/11 was no big deal because no 747 crashed into your house.

[MEG33]

Not a problem for my Windows.

[rs79bm]

Windows XP on the Internet amounts to a car parked in a bad part of town, with the doors unlocked, the key in the ignition and a Post-It note on the dashboard saying, "Please don't steal this."

What Mac office do they work for???

[Ken522]

... and Rob Pegoraro, with his neat analogy with the car parked in a bad part of town, knows all about how to make a digital virus to attack Windows OS. (snicker}

[Grit]

so why do the authors of viruses and worms rarely take aim at either system?[Mac, Linux]

It should be obvious by the amount of vitriol displayed by the Mac Daddy's and Linux Heads here, that some people simply hate Bill Gate$ and M$ and love to see them suffer.

[SC Swamp Fox]

What is it we're doing so wrong that others are doing so right?

If the article is correct, we are either up to date on our MS patches and updates and/or we are running firewall software.

The point of the article is that MS operating systems are shipped with built-in vulnerabilities. For example, Windows XP Home Edition ships with five ports open, behind which run "services" that serve no purpose except on a computer network.

[dts32041]

That's like saying 9/11 was no big deal because no 747 crashed into your house.

Thats what the demorats think, so it must be true.

[SedVictaCatoni]

The point of the article is that MS operating systems are shipped with built-in vulnerabilities. For example, Windows XP Home Edition ships with five ports open, behind which run "services" that serve no purpose except on a computer network.

Nod, concur. And the various Macintosh and Linux distributions of Unix don't. That was the point of the author's comment. Certainly, you can go in and open up some dangerous ports on a Mac OS X or Debian install, but the point is that it isn't the default. Similarly, it is possible to write a Mac or Linux worm, but A) there are far fewer boxes to target, but more importantly B) there are far fewer built-in-and-default-enabled vulnerabilities to target.

[cake_crumb]

I read an editorial in an Aussie publication the other day about MS's total lack of security since Windows 3.1.

It was titled "Forget Davis; Recall Microsoft"

[HAL9000]

Could somebody develop a virus for these machines? Absolutely.

There is a problem with your theory as far as Mac OS X is concerned.

Windows just automatically installs viruses without asking the user for permission. But Mac OS X requires the user to enter the password in order to install anything. How would a Mac OS X virus trick users into entering the password?

[=Intervention=]

The article compared the secxurity of various systems shipped out of the box -- i.e. default security and then it talked about the ease of use in making your systems more secure. Sure, if you have Windows, you can think think think and spend all your time applying system patches and delighting yourself in doing obscure things to your system to make it more secure, downloading and updating A/v software and so on and so on, but the point of the matter is that you have to do these things, because the system is insecure by design. That was the whole point about the article, not "Oh virus writers target Windows because it's popular (and because it's uhm better...).

[Smogger]

No one is going to bother to create a virus for two people.

[Gorzaloon]

What Mac office do they work for???

Dating from the 80's, Macs did dominate desktop publishing, hence are established in the publishing industry. When I buy advertising for my business, I have encountered printing companies and even a magazine or two who demand files in the 'Mac Version of Quark Express'.

My response is : "What's the name of that disk or file compression program Macs use...

Is it "STUFFIT"?

People are not even going to write a virus for 5% of the market share. Don't get me wrong on this, I am no lover of MS, and have special issues with WinXP that are serious enough for me to start eyeing Linux hungrily. Currently I think it is fair to describe customer/MS relations as "Adversarial", but then, in the 80's when they were on top, Apple were no angels, either.

If anyone wonders what my last straw with XP was, it was the embedded MS Messenger. Oh, it's gone, killed immediately, but I am not going to forgive and forget an embedded no-uninstall firewall hammer. And the MediaPlayer spyware...and...and..

[Jumper]

Microsoft is a decent product for which I owe my employment. Having said that, all products need to have 1) regular patches and fixes (updates/hotfixes), virus protection, and some type of firewall in place. Anything less just opens you up to looking like a fool and then laying the blame on Microsoft's products.

[tubavil]

I hope terrorists and hostile foreign governments aren't aware of the inherently insecure architecture of winblows.