[Am-info] E-mail virus picks up speed

[Roy Bixler]

On Fri, Jan 03, 2003 at 06:07:04PM +0000, Marcus de Geus wrote:
> In reply to a message from "Mitch Stone" <mitch@accidentalexpert.com> dated
> 2003-01-02 19:08:26 -0800 (Thu):
> 
> > I've never got much milage out of suggesting that using an OS other than
> > Windows is a useful way protecting one's self against virus attacks.
> > Invariably, the response I get is, "If [...] OS was more popular, it
> > would be attacked just as often as Windows."
> 
> My reply to this reponse is, "Sure it would, but it wouldn't be running
> loads of stupid software that lay it open to attack, and so a virus would
> have no effect."

That's right.  The alternatives may be attacked as often but will the
attacks be as successful as they are with Microsoft software?  Another
point to make is that, attacks are less effective if the attacker
can't assume with a great degree of confidence that the target is
running any particular environment such as Windows, MacOS, Linux,
OS/2, etc.  From this standpoint, greater diversity is an advantage.

> I usually try to direct the argument away from Windows per se to focus on
> the Microsoft mindset that A) comes up with a standard system setup that is
> a cracker's delight, and B) is behind the shoddy programming that goes into
> such products as Word and Outlook. It's Microsoft I mind, not just Windows.

Microsoft has harmed computer security by not designing their software
with security needs in mind and by actively discouraging
interoperability.  Of course lack of interoperability enhances their
monopoly but also discourages the diversity that would enhance
security.

R.