This topic has been explored from the technical standpoint far too many times for me to rehash here, so I’m taking it from the users standpoint.. of course, backed by the technology of it. This arose from a conversation at school today.

One thing I’ve always found a bit interesting is computer security. It’s a well known and accepted fact that there are more successful attacks on Windows than any other operating system. Notice my careful wording. I didn’t say Windows is less secure, and I’ll try not to subliminally hint that I think it is. Oh, there I go.

I’ve come to a conclusion, based 100% upon making up conclusions as I go: Any security system is only as strong as the weakest link, which is almost invariably the user. I believe the vast majority of attacks upon Windows are based off of a strategy not unlike social networking. I’m not sure of the precise term for it.. it’s not the “I’m stuck in Japan, please wire me 5000 euros” deal. But before we go any further, a bit of a history lesson.

Windows’ home flavours, up through Windows XP, ran programs by default as the administrator. As administrator, you have absolute dictatorship over your computer – it’ll follow the instructions in the programs you execute to the letter. If you say you want to delete your Windows folder, it’ll do it. If you say you want to make your CD-ROM drive spin a disk at 1000RPMs until it shatters in your drive.. whatever. It’s the way it had been, and the way it should be — it’s your computer, you better have control over it!

This is a very flawed idea, which is also a well accepted fact. As an administrator, every program you download from the internet to try out gets free reign over your computer. As an administrator, every ActiveX applet on a website you visit in Internet Explorer gets free reign over your computer. That’s right: on a stock Windows machine, if you visit my website and I have an ActiveX control written to do malicious things, you can kiss your computer good bye. (Disclaimer: I’m not that big of a jerk.)

Windows Vista solved this issue. You know all those really annoying (I’ll get back to this) pop ups asking if a program can have administrator rights? In Vista, you’re not an administrator by default. You’re a “user” who is allowed to escalate yourself to an administrator when needed (in most cases), which is a much better way of doing things. As you probably know about me, I don’t really like Windows. However, I’ll admit that Windows Vista was a major step forward in security. That is saying something.

Flip to the other side of the coin and we have UNIX, namely Mac OS X, but really any UNIX. On every (functioning) UNIX box, there’s a user account known as root. Basically, your computers god. UNIX users are scared dead of running anything as root, and they should be. One of the first things you learn using UNIX is that you NEVER log in as root, and only use the sudo command (execute something as root) when it’s absolutely necessary, and you know what it will do. This is essentially the same as Windows Vista’s UAC. I wont point out the fact that UNIX had it 30 years earlier. Oops.

Now, we’ve come to the point where the two operating systems are both pretty well secured. Okay, there are a few holes in both which get regularly fixed, but they’re pretty solid. What’s the difference? The difference is the user and the programs. Everyone and their mother knows how to use Windows, and does, but there are probably people who’d look at you like you should go back to Area 51 if you say you use UNIX. My point is, non-technical users use Windows. They don’t understand the risks of using unsafe software. If a program, malicious or otherwise, says that it conflicts with their antivirus or firewall, they won’t think twice about doing so. For the benefit of the doubt, they probably actually do conflict with the antivirus, but if you’re on a cruise ship and someone says that the big metal thing is blocking their view, do you cut a hole in the hull so they can see the fish better?

The other issue is not as much the users fault, and that’s old program compatibility. Let’s face it, there are people out there who use their computers for nothing more than running Quicken ’97 and buying stuff online from Amazon. Older programs, from before the change in Vista, generally stored their configuration in Program Files, not in the users AppData directory, and they require administrator access to work properly. Okay, that’s fine. I bet Quicken doesn’t have malicious code in it. But Joe or Jane User gets used to clicking “Okay” every time and when they accidentally visit amazin.com (Disclaimer: I don’t know what’s there) and click “Okay”, they take their fate into their hands out of force of habit. I hope that over time as obsolete software gets more obsoleted, this issue will clear up, although general user incompetency will be an issue until nuclear winter.

My opinion (quick, find a grain of salt): UNIX is more secure not only because it was done right the first time, but ultimately because it’s users are more educated in the dangers of malicious code.

Advertisements