Spoutin' Off: Blame Microsoft for the latest worm
By Michael E. Rau
August 22 2005
Holy cow! Here we go again! A slimy worm called Zotob is slithering its way through Windows networks worldwide, giving IT managers headaches that will probably surpass the pain caused by 2003's Blaster worm outbreak.
Why does this keep happening?
In a word: Microsoft.
Accuse me of Microsoft-bashing if you will, but before you do, consider this: If everyone replaced their Windows operating systems tomorrow with pretty much any other OS (Linux, Mac, Solaris, Unix, etc.), there would be no problem with worms or viruses ... Period.
Every security flaw that every worm or virus exploits is inherent in Windows. Occasionally you'll read something from some Windows sycophant who tries to convince everyone that the only reason for this condition is that virus and worm creators focus on Windows because of its market dominance.
This is a ridiculous notion. Malware writers target Windows because doing so is like shooting fish in a barrel. The very security flaws which purveyors of viruses and worms exploit simply don't exist in other operating systems. Even Vista, their new OS that's 18 months away from release, has been found to have security flaws!
They just don't get it.
The reason for this is cultural. Microsoft is like a lost inbred tribe which exhibits undesirable traits because of a lack of genetic diversity. Bill Gates has always believed in dominating the market through corporate imperialism, or any other means available, rather than simply "building a better mousetrap."
There is no type of application which Microsoft sells for which there isn't a superior counterpart created by someone else. There are countless examples of circumstances where Microsoft, rather than choosing to compete, instead acquires companies working on superior technology by throwing money at them. Then, rather than integrating the acquired technology into their systems, they simply dispose of it like so much effluent.
Occasionally they simply crush their competition by force, such as with their conquering of the browser market by beating Netscape into a bloody pulp (with aid and comfort provided by our federal government - bravo to the European Union for having the guts to stand up to them).
Even applications written by third-party companies to run on Windows systems suffer from this culture. Microsoft's obsession with domination rather than competition leads them to keep large chunks of the underlying code for Windows secret. These are mostly the parts of their code which allow their own applications to integrate and operate with Windows more efficiently than their third-party counterparts.
Ironically, the very parts of Windows code that create the enhanced interoperability among Microsoft applications and Windows are the main sources of exploitable security flaws. What I fail to understand is why the rest of corporate America continues to support these inferior products. Yes, there are some types of applications, most being fairly specialized, which are currently only ported to run on Windows, but this could change quickly with a little more support from the business community.
Despite the Microsofties' desire to make you believe that available types of applications for other operating systems are scarce, nothing could be further from the truth. Yes, certain brands of software for other OSes aren't available, but quality counterparts likely are.
The open-source community of developers is an astonishing pool of talent just waiting to be tapped. If a company that makes a Windows-only application were to take a little initiative, they could probably contract some of these folks to port their application to Linux, which is just a step away from Unix and Solaris, and maybe two steps away from Mac OSX.
For those companies not inclined to invest in new hardware and need Windows to run a proprietary application, they can still secure their systems quite easily. They need only to partition their hard drives, install Linux or Solaris, along with a desktop interface, and then use these to perform all tasks that don't require the specialized application.
Even choosing to run only their Internet applications from a non-Windows operating system would completely change the security environment of the World Wide Web. Superior Web browsers and email clients are readily available and taking Windows out of the mix would close virtually every current security vulnerability.
If a large enough segment of the corporate community would take this basic step, maybe Microsoft would change their tune, but I doubt it.
They'd have to embrace the universality of the global computing community, which they currently treat with such contempt, by evolving into an open culture, and they'd have to set a goal of competing through creation of superior products rather than subjugation and acquisition.
In the meantime, if you're an IT manager and want to do your part to make the wired world more secure, dump Windows now! At the very least, move your Internet activities to a platform that doesn't guarantee the proliferation of security holes through which you could drive a Mack truck.
Michael Rau is a mass-communications consultant in Virginia Beach. To send feedback or view past columns, visit http://dailypress.asoundidea.com
Copyright © 2005, Daily Press