Wow! Inside of 48 hours there has been a flurry of articles and blog posts published on the internet that discuss among other things:
Microsoft Windows imminent collapse.
A BusinessWeek article that talks about how the superiority of Apple's Mac OS X operating system compared to Windows Vista will begin the gradual adoption of Mac OS X into corporate IT environments.
Microsoft's concerted effort during the development of Windows Vista to annoy their users.
The most provocative and emotion generating story that I read was a blog post (or article) by Wired contributor, Ryan Singel. He writes about computer botnets and how they are causing more and more damage to personal computers, and ultimately "national security."
I really enjoyed this article but it got me a bit fired up. My only complaint lies with the authors apparent unwillingness (or apathetic attitude) to report the big picture. Without technological perspective, namely a discussion of affected computer operating system platforms, he does his readers a disservice. How does one write this article and release Microsoft from any and all culpability? He even quoted a rather controversial statement from security consultant Ira Winkler:
QUOTE:
"The problem is no one is doing anything," Winkler said, proposing that users be fined or blocked if their computer is infected.
"Guess what? If your system has a bot on it, you don't get on the internet," Winkler said, summarizing his proposal.
"We need to hold people responsible when they present an imminent threat to other people," Winkler said to wide applause from the audience. He contrasted the lack of computer regulation to laws preventing unsafe cars from taking the road.
END QUOTE
Mr. Singel, how about correcting Mr. Winkler's horrible analogy and write something like, "Mr. Winkler could supply a better analogy by suggesting that we hold computer operating system manufacturers accountable the same way we would hold car manufacturers accountable for selling door locks and ignition switches that are dysfunctional at best."
How about asking the tough questions in your article like, "When is someone going to hold Microsoft accountable for the vulnerabilities that people are exploiting to create these botnets?" How about mentioning that Microsoft operating systems make up the largest portion of these botnet computers (more likely 100%). This information is easily available on the web at:
From http://en.wikipedia.org/wiki/Botnet :
"The majority of these computers are running Microsoft Windows operating systems..."
From http://www.honeynet.org/papers/bots/ :
"These days, home PCs are a desirable target for attackers. Most of these systems run Microsoft Windows and often are not properly patched or secured behind a firewall, leaving them vulnerable to attack. In addition to these direct attacks, indirect attacks against programs the victim uses are steadily increasing. Examples of these indirect attacks include malicious HTML-files that exploit vulnerabilities in Microsoft's Internet Explorer or attacks using malware in Peer-to-Peer networks."
I'm not at all sure that I'm comfortable with someone suggesting that ALL home computers need some sort of regulation. There are many computer users that currently do not participate in any of these spyware-induced botnets, and they should absolutely not be punished because other people choose to use an operating system that has a propensity for compromised security.
I really wish he would have put this article into perspective for the average user that may, or may not realize that Linux, Unix, and Macintosh based systems are in all likelihood not the botnet infected systems in this story. I understand that he was reporting and not overtly offering commentary, but I feel that there was (and is) sufficient evidence that he could have brought to this story in an effort to better educate his readership with some sorely needed operating system vulnerability perspective.
Crazy times for Microsoft seem to be ahead.
CH
