Steven J. Vaughan-Nichols has decided that he has figured out how to save the internet from DDoS attacks and other nefarious actions happening inside the various tubes of the intardnet. His proposal? Kick Windows off of the web. His reasoning is along the lines that Windows is terribly insecure and linux is impervious to bad people.
After his attention grabbing headline, used to ensure that he’s gotten you all riled up, he completely dismisses his proposal and waters it down to “patch your OS before being allowed on the web”.
Regardless, his points concerning the inferiority of Windows made me smile. People being completely wrong tend to elicit that reaction from me.
You see, there’s nothing wrong with Windows. The problem lies with the user. It’s why he had to completely backtrack on his post. Even he knows it. Patched and being used by a person with a minimum of common sense, Windows is quite safe from attacks. I’ve run Windows on at least two of my computers for over 15 years and have yet to take part in a botnet. This is not because my Windows is safer than others’ installs. It’s because I’m not a retard.
My second issue is his assumption that switching to linux and Mac would be a better move because they are so much safer. I have to patch my linux servers at least weekly because of vulnerabilities found in the OS. I patch apache/mysql/etc more often because of course it’s the most common gateway for entrance. Desktop installations are no better. Remember the thousands of flavors that make linux so great? Well, guess what? Some of those flavors are customized for user convenience and go to trouble to remove some of the safeguards that are supposed to protect the user. My current Dreamlinux install doesn’t ask for a password once when I run something as administrator via sudo. I am more vulnerable on it than I am on my Windows install.
Linux is safer because nobody in their right mind would spend the time required to write a bot script for an OS that enjoys less than 1% of the desktop landscape. The return on investment predicts that the dividends would be a little lacking. If linux enjoyed 95% of the market share, we would have botnets consisting of linux computers. We would have that because the OS is not what dictates security, it’s the user. Users don’t patch. Users will run flavors with lax security standards. Users will visit and download content that they shouldn’t.
Users can fuck up any operating system you hand them, linux included.