Metro Newspaper, Perils of Microsoft

In response to an article in Metro, Monday 19th September, 2005 entitled “Spam and bugs 'could wreck Net in 3 years' ”.

Spam and bugs 'could wreck Net in 3 years' by John Higginson

Cyber criminals could render the Internet useless within three to five years experts warn. 

The system's boom era - symbolised by the likes of Google, eBay and Amazon - could be destroyed unless 
urgent action is taken against spam, viruses and fraud, says Microsoft's chief security adviser, Ed Gibson.
.... edited....
Andrew Stringer:-

It is with some concern and amusement that I read about the Microsoft Chief security adviser Ed Gibson's forecast of 
doom in which spam and viruses could wreck the Internet in five years (Metro Monday 19th September, 2005). 
It is in fact the poor quality of Microsoft's own software which is the cause of most of the virus infections 
and spam from hijacked computers.

Internet Explorer in particular has been from it's first version, particularly bad in the security field and 
because Microsoft has taken steps to integrate the browser so deeply into the operating system, this makes 
the whole of Windows vulnerable.

Anti Virus software simply treats the symptoms, not the cause of the disease.

The best advice Mr. Gibson could give windows users is to upgrade to another browser such as Firefox and 
not use Microsoft's Internet Explorer at all. 

Even better advice would be to switch the whole operating system to Linux (or Apple's OSX); users who 
have done this are virtually immune to Windows viruses and spy-ware as well as benefiting from lower 
costs of ownership.

It is the continuing dominance of Windows and the aggressive tactics of Microsoft's marketing department 
and lawyers which actually pose the greatest threat to the future of the Internet.

Mr. Chris Procter writes in reply “Blame the viruses not Microsoft”, (I rather like the idea of being in charge of Propaganda though 8-) )

Chris Procter:-

Andrew Stringer's letter was simply anti-Microsoft propaganda and far from a genuine attempt to resolve the 
problem of viruses infecting the Internet (Metro Wednesday).

I make no claim that Microsoft has the greatest software writers in  the world. However what Microsoft has 
done is provide a consistent platform to open up computing to more than just the enthusiast or professional.
Yes, as Mr Stringer says, Linux is safer than Windows - Windows viruses do not affect it. This isn't magic or 
good design; this is because the two platforms are incompatible. There are only a handful of programs that 
you have on Windows that you can get for Linux.

Linux was created by enthusiasts and, though I concede it is rapidly gaining respect and growing users, it still
commands only a tiny percentage of computer usage in the world. Should it be any surprise that the most widely 
used operating system has more people dedicated to hacking it?

Mr Stringer must concede that if Linux was as dominant as Windows, there would be the same issues with security. 
To prove the point, I draw attention to his suggestion that we should use Mozilla's Firefox browser instead of 
Internet Explorer. A quick look at any IT news website shows a worrying rise in the number of viruses 
targeting Firefox.

Regardless of how strong you make something, if enough people are trying to break it down, they will succeed 
eventually. All software, from every company in the world contains flaws. Just because something is big and 
nearly all powerful, doesn't mean it is all bad.

Actually I don't concede that Linux would experience the same volume of security issues if it's use were more widespread, I'd suggest Mr Procter looks up the “x” bit in permissions for starters.

Sadly Robin Wilson beat me to a reply with “Line up for Linux”, I was rather looking forward to my reply getting published.

Robin Wilson:-

In his defence of Microsoft Windows (Metro Thursday), I do not think Chris Procter understands how Linux is more secure. 
Mr Procter says the world's dominant operating system will have more people 'dedicated to hacking it'. 

I disagree, The Linux Web server program, Apache (which also runs on many other OS's too - AJS), runs 63% of the 
worlds Web servers - Microsoft's Internet Information Server runs only 20%. However Apache has much fewer security 
vulnerabilities than IIS, and crucially they are  fixed quicker.

The reason for this is that Linux is based on the concept of Open Source software. This means the source code for 
Linux is freely available  - and anyone can read and modify it. Compared to Microsoft's closed source 
software, Linux will always be far more secure than any Microsoft equavalant regardless how dominant Linux becomes.

Well said Robin.

This was my (unpublished) reply:-

Dear Sir, 
I'd like to thank Chris Proctor for taking the time to respond to my letter (pub 22nd September) and assure him that my letter was a genuine 
attempt to promote safer computing and in no way "anti Microsoft propaganda". 
I have wasted far too much of my life patching and cleaning up systems that shouldn't require it to want to spend more on a negative, 
anti Microsoft campaign.

I must refute the statement that Linux is incompatible with windows, in fact there is very good computability between Linux and windows, 
but not the other way round because of the way windows is written and licenced. 
Many of the applications which work under linux have versions which work exactly the same under windows with 100% file/data compatibility, 
and a large number have been programmed for Apple's OsX operating system as well. For example, try buying a word processing/office suite 
from Microsoft which guarantees 100% data interchange between systems and will run equally well on windows 98/2000/xp, Apple OsX, Linux and 
less used operating systems such as Sun's Solaris, SGI's IRIX etc... The microsoft produce will only run on one of these and cost 
you £350+ per copy, the open source version will cost £zero, can be run on as many computers as you want and run on more different 
types of systems (www.openoffice.org)-- wider compatibility and a huge saving in cash.

But we are getting off the point of the benefits of Firefox vs Internet Explorer. I cannot disagree more strongly that Firefox running on 
Linux would be as vulnerable as IE on Windows if they were in equal useage. 
To suggest this would be the case demonstrates a complete lack of understanding of how the Linux kernel rigorously enforces security and 
the way the file system enforces permissions & the privilege to run applications.
Yes, there are bugs to be found in Firefox, but it is not just the number which is of interest, the severity of them is actually far 
more important.  As an analogy, if your car were to develop faults whilst you were driving it, which would be more serious, a few 
courtesy lamps failing or a wheel falling off? 

As a technical aside, these are software bugs, not viruses because they are not self replicating.

Andrew Stringer,

corr/metro-21-09-2005.txt · Last modified: 10/10/2013 14:21 (external edit)