Misunderstanding Security

Get the WebProNews Newsletter:

[ Business]

At UNIX Security: Don’t Believe the Truth, Thom Holwerda makes a rather silly argument that Unix security is no better than the worst of Windows security because the result to the user is the same: his personal files can be damaged by a worm or virus even if system files are more protected.

Windows will soon have a security model that will be very Unix-like, so I guess Bill and the boys didn’t understand this. More seriously, Thom misunderstands that malware simply interested in deleting files is rather rare today, and even if that is part of the payload, the first action is more likely to try to gain administrative control of the system (Unix or Windows). If you are an administrator (or root) and have invited or been tricked into allowing the malware to run, that just makes things easier, and it is that simple fact that has caused the greatest majority of Windows security problems.

No doubt Windows will be more secure post-Vista, and no doubt Linux and Mac OS X would be less secure if the user base were larger. I also have no doubt that both Linux and Mac OS X will pay the price of “user friendliness” just as Windows does. Making things mindless for users just helps the bad stuff find a way in.

There’s a long running thread here entitled “Linux sucks, Windows is better than linux“. In comments there, rather stupid people on both sides of the argument have posted their “(Windows||Linux) Rulezz!” opinions. Thom’s post is a little more intelligent, but it still misses the point: For many people, surely most people, the OS is the least important part of the computer: it’s applications that drive their choices. And for the majority of those folks, they didn’t “choose” Windows at all: it came with the computer that they bought to do email, to balance their checkbook, or whatever.

Some people DO choose their operating system. Among that group, Windows is likely the least popular choice, because it is the least interesting. It’s ubiquity certainly is part of that dullness, but the closed, proprietary code doesn’t help. Many of us also don’t like the general design of Windows, preferring Unix semantics. And there is that “ease of use” that is implied in Thom’s article: if two systems are equal in security, but one is “hard” to use, why would you use the hard one?

Good question, but there different kinds of “hard”. Windows folks always think Windows is easy and Unix/Linux is hard. But from my point of view, for the things I need to do every day, it’s Windows that is the “hard” OS and Unix is easier. If this weren’t so, I would use Windows, but instead I prefer my Mac.

If you have used operating systems from CPM to OS X and everything in between, and you prefer Windows, I respect your choice. If you have only used Windows (or “used” something else for an hour or two) and want to pretend you’ve made a choice, you are only fooling yourself. You certainly aren’t fooling me.

*Originally published at APLawrence.com

Add to | DiggThis | Yahoo! My Web


A.P. Lawrence provides SCO Unix and Linux consulting services http://www.pcunix.com

Misunderstanding Security
Comments Off on Misunderstanding Security
Top Rated White Papers and Resources

Comments are closed.

  • Join for Access to Our Exclusive Web Tools
  • Sidebar Top
  • Sidebar Middle
  • Sign Up For The Free Newsletter
  • Sidebar Bottom