Today, I’m on the side of the Evil Empire
I’m going to do something shocking today, so I hope you’re all sat down and comfortable.
I’m going to stick up for Microsoft.
– cut –
There’s a lot not to like about Microsoft software, don’t get me wrong. I don’t like the pseudo-consistent interface. Anyone who knows Excel’s terrible implementation of cut/copy-and-paste will know what I mean. I don’t like the way XP handles memory management. I don’t like that memory leaks are the norm. I don’t like it’s almost-but-not-quite multi-user way of working. I certainly don’t like the way that Microsoft makes it a policy to break and corrupt every single file format or design standard it touches (html, xml, css, rss, email, just to name a few).
But when it comes to computer security, I’m on Microsoft’s side.
This might sound strange given the amount of bad publicity their operating systems have for vulnerabilities, worms, viruses and the like. But these are not Microsoft’s fault. We should be attacking and prosecuting the people who write these viruses and abuse the loopholes present in the system. These are the asshole who make all this crap “necessary”.
Here’s an anology. If car manufacturers were treated the same way that Microsoft has been, we’d all be driving cars which:
- have solid tyres, because the inflatable ones might burst
- have no side windows, because they might be broken by car thieves to gain entry into our car illegally
- have car locks that require the keys to be changed every 14 days to prevent someone stealing them
- have a secure completely enclosed driver’s seat because the passengers might see what the driver is doing
- cannot be driven over 15mph because the car might hit another vehicle at higher speeds.
See my point? Sure, Microsoft should provide adequate security measures just as the car manufacturers have a responsibility not to put a car on the road that is clearly dangerous, but their duties of care stop their. It’s not the car manufacturer’s fault if your car gets stolen. It’s not their fault if your window is smashed. Neither is it Microsoft’s fault if someone hacks into your system. The blame lies which the hacker, just as it does the car thief.
That said, Microsoft does need to make their systems more admin friendly than they currently are. It’s possible to lock XP’s security down much more tightly than is set by default, but this generally involves registry hacks and the like. If the GUI interface is Microsoft’s mantra (one I think is flawed for several reasons, btw), then the registry should never need touching.
Also, I’d estimate that around 80% of all reported “vulnerabilities” only exist in the lab of a company with a vested interest. New viruses, trojans, etc are “discovered” all the time by makers of anti-virus software, and it’s debatable just how many of these exist only to bolster the sales of their products. Similarly, a lot of securty holes are purely theoretical. Someone “could” invade your system using a Windows Metafile. Sure, they could also break into my house and hold my coffee mug for ransom, but how likely it is really? I’ve no idea (about the .wmf part, anyway), because just like Schroedlinger’s cat, the knowledge is now live and out in the open. A “security expert” has turned the very unlikely and theoretical into something quite likely. I’ll leave you to decide whether he’s done a good job or not.
These are moot points though, as it should be possible to put any system online and it stay clean. The current estimate is that an open system will be compromised within just 15 minutes of connection. That’s the fault of the evil adware and virus whoring scum out there. They all need rounding up and locking far from a network cable. THAT, not security patches, would make the world a better place.