After my recent note on malware, our own Steve Stroh felt induced to respond.
Malware can only thrive in a "hospitable" environment - Windows and its twin demons Outlook and Internet Explorer.
While I haven't been able to divorce myself from Windows, I have successfully migrated off Outlook and IE and now I'm far less worried about my mail client happily downloading and automatically executing dangerous code without bothering to inform me, nor the browser being a steaming pile of vulnerability heaped upon vulnerability if I happen to be maliciously redirected to an web page with malicious code.
The "price" of Windows is no longer just monetary cost or the pain of switching to something else. Now the price of Windows includes the requirement to purchase, understand, and regularly update antivirus programs, pop up blockers, malware scanners, spam blockers, and the rapidly growing overhead of patch upon patch now being added weekly to added to every copy of Windows that is used to communicate on the Internet.
The answer IS out there; those of us with long experience in "The Windows Culture" are reluctant to embrace it - Macintosh for "the rest of us" and Linux for the most demanding and technically astute. We ALMOST had some middle ground, the various "Windows-like friendly" operating systems such as Be that would run on PC hardware, but were casualties of Microsoft's monopolistic practices.
All the squandered potential represented by Be and others that might have
been... THAT is the REAL cost of Microsoft Windows.
I continued the discussion.
I hate to disagree in any way....I agree with 99% of what you say.
The disagreement is in the why.
I think Windows is vulnerable not because it's crap, but because it's popular. We have seen, lately, a few Mac and even Linux malware products coming out. And if Windows were less popular I'm sure we'd see more.
But let's let Steve have the last word. (And don't forget to throw him some love over at BWIA.)
Yes, Microsoft's ubiquity has made it the target of choice to all those who wish to harm and exploit. But that said, it shouldn't be POSSIBLE for a PC running Windows to be exploited NEARLY to the degree that it has become.
My understanding is that Malware gets onto one's computer not by exploiting newly-discovered flaws in OS, browser, or mailer... but by the same mechanisms that were originally intended to allow easy download of content and other cool features (plug-ins) in the background... without "bothering" the user.
Once it was discovered that was occurring (years ago now) Microsoft should have FIXED that, making it possible to "lock down" the browser and force any such download to pop up a dialog box ASKING me if I want to download ANY executable... especially one that is going to install itself permanently on my system.
If I'm browsing NPR and they have a new audio format, fine. If, like yesterday, I go to a web site listed on a presentation, and that web site has been hijacked and they try to push some malware at me, the browser should TELL me about it.
Indeed, that is exactly what the newest generation of non-Microsoft browsers ARE doing, effectively repelling such attempts to download malware behind the scenes. While I cannot do entirely without IE; some vital web sites are "hard coded" for IE, such as travel sites, I can change my behavior to default to a better browser for most of my web activities and be quite a bit safer online than if I'm using IE all of the time.
Dana Blankenhorn has been a business journalist for over 25 years and has covered the online world professionally since 1985. He founded the "Interactive Age Daily" for CMP Media, and has written for the Chicago Tribune, Advertising Age, and dozens of other publications over the years.
1. Lyle Clarke on April 30, 2004 08:06 PM writes...
The good twins of Mozilla Firefox and Thunderbird have broken much of my Microsoft habit. If you have not yet tried this combination as an IE/Outlook replacement then you really owe it to yourself to give it a whirl. Not just malware resistant, but spam resistant too. Mailwasher combined with Thunderbird's junk filter is a real gem.
Permalink to Comment2. John Papola on May 1, 2004 11:30 PM writes...
The Mac is not more secure because it has small market share. It's is more secure by design. Never mind the fact that it is a fundamentally superior and more enjoyable platform for 99% of all computing. If you want to live your computing life with the knowledge that no code can access your system without you express permission, buy a Mac.
Permalink to Comment