Entries Tagged 'security' ↓

Windows Protection Racket

I’m sure this isn’t news and has probably been talked to death and certainly not the first “protection racket” comparison, but tonight while perusing the software selection of an evil worldwide despot of consumerism which shall remain nameless, I saw an offering from Microsoft. A pretty, somehow comforting package containing Windows Live OneCare. The front of the box clearly showed the purpose:

  • Antivirus
  • Antispyware
  • Firewall
  • Performance tuneups
  • Data backup and restore

Shoot, why shouldn’t Microsoft get in on a piece of this action? According to Gartner, “the total antivirus software market … grew 13.6 percent to more than $4 billion in 2005.” Microsoft created the demand.. why not provide some supply, too?

The more I thought about this, the more it seemed like a high-tech protection racket. These products shouldn’t be necessary (meaning a well-written operating system shouldn’t be such a fertile petri dish), but if they are, they should be a standard “feature” of the OS, not an option.

“Um, yeah.. so youse need to pay extra on account that you won’t be infected by viruses or spywares. Those spywares is nasty business. And because running these will slow down youse computer, we’ve included some stuff to make it go faster. And as a bonus, we’re giving you a firewall, ain’t that right Vinny?”

“Hey, wait a minute, doesn’t XP have a firewall these days?”

“We is gonna pretend youse didn’t say that. It’s included in youse protection coverage, got it?”

“Um.. <gulp> yes, big, mean-looking man, sir.”

Oh, and am I crazy to think that an operating system should have the built-in capacity to backup and restore data? I’ve said for years that deploying Microsoft is a strong first step in your business discontinuity plan.

David and I were talking about virii this afternoon. There is apparently a new nasty one out there that actually installs its own antivirus software that kills off the competition so as better to go undetected. I think it’s interesting when technological systems are built, with intent or not, to mimic biological systems as in this case. When I made my obligatory, “hmmm, maybe I should go out and look for an OS X antivirus package” joke, he said that was one thing he didn’t understand about Mac users, why they feel that mac viruses are impossible.

I related a recent story about someone in my family who is ultra-paranoid about, well, lots of things, particularly identity theft. We get pounds of credit card and other offers in the mail weekly. They are a disgusting form of spam, although that’s the topic of another post someday. Anyway, at our new home out of the city limits, we can burn things (as we did frequently while building the house). It dawned on me a few months ago that our tedious shred-fests are no longer necessary, that we can just burn the mountain of spam. When I mentioned this, the ultra-paranoid reflexive response I got was “you’ve got to douse it all with gallons of gas to make sure every bit burns completely.” You know, just in case a scrap of sensitive information survives, floats into the air with the ash, and lands in the clutches of one of the hundreds of identity thieves constantly hiding in the forest behind my house.

I think that Windows users have become ultra paranoid about things like viruses (although with good reason) and can’t accept that this is not the way it should be, can’t imagine a world in which operating systems are not vulnerable like this. Yes, market share numbers say (probably overinflatingly) that there are way more Windows targets out there than Mac targets, but that is not the only reason that Windows is the better virus target. The two operating systems are not created equally. UNIX-based operating systems are fundamentally different than Windows. The same easy tricks won’t work. While not impossible to write vicious code to assault a Mac, it’s much harder and, overall, a smaller return on the investment of the vicious coder.

I don’t believe its a matter of Mac users thinking that we are invulnerable by running OS X. I certainly don’t think that. But I can connect to a wireless network in my local coffee shop without breaking out into a cold sweat. I know that I just need to be smart about things — I don’t have to be paranoid. And I don’t have to shell out money to thugs offering me “protection.”

Free Solaris security cert exam beta registration

For you Sun jocks out there, there is an open, free registration for the Sun Certified Security Administrator for Solaris 10 certification beta exam. If you’ve never taken a beta exam, be prepared: they are long. I’m guessing you get to answer every question they have, which makes sense. If you pass (and it’ll be a while before you find out, not instantly as with other exams), you’ll be officially certified, so it is a great opportunity. For details, see Sun’s official page.