What do I mean “… Since 1985”? Go here for a timeline of Microsoft Windows: A history of Windows – Microsoft Windows
I am a Unix / Linux guy writing this article out of sheer frustration, so if one does not like pointed, accurate ranting about that Not A Unix OS to which one may be partial, stop here.
Our company web log, web site, shopping site and forum get hit to varying degrees by SPAM bots, or in some cases possibly paid SPAM shills, signing up for accounts, posting “comments” and sending “track-backs” that aren’t. Constant administration oversight is needed to keep these cleaned up, which is one reason why all comments and track-backs here at The ERACC Web Log are moderated. We see the SPAM so you don’t have to. I also see the occasional SPAM in my e-mail. Even though I have measures in place to mitigate the problem in all these locations, nothing completely stops these annoying SPAM-ing jerks. Invariably, when I trace back the IP addresses of these SPAM attempts with nmap and check the running OS, I see something like this:
Running: Microsoft Windows 2003
OS details: Microsoft Windows Server 2003 SP2, Microsoft Windows XP SP2
It seems another technically ignorant Microsoft user, or dare I say “administrator”, has zero clue how to secure an internet-facing operating system. (By the way, saying these folk are ignorant is not a slur on their character, because ignorance can be cured.) You see, when a company designs an operating system so mediocre and so “easy” an ignorant person can use it to connect a computer to the internet, you get ignorant people connecting computers to the internet. This in and of itself is not necessarily a Bad Thing™. Unless the operating system in question has flawed design decisions from its inception that leave the OS open to attack when connected to the internet by ignorant users. (Psst, meaning Microsoft Windows from 1985 to now.) Yes, all the Microsoft “guru” types out there are gnashing teeth and insisting Microsoft operating systems can be secured. Yup, I agree. But not by the technically clueless who are coddled by intellect-smothering GUI love, which means the majority of Microsoft users.
Too many Microsoft users have been taught the attitude, “I don’t want to have to learn something ‘hard’, I just want this thing to work,” when talking about computer systems. This brings to mind one of my favorite paragraphs from a book I have read more than once:
“Would you fight so with a sword? No? I thought not! You would try to cut your enemy even as his blade split your heart. That is the Angrezi vice; you would rather die than go to the effort of thinking. You are not stupid, but you are lazy —” He touched the side of his head to show what he meant. “You will toil like bullocks with your bodies rather than make your brains sweat.”
Unfortunately, since Microsoft systems always use a brain-atrophying GUI for Every Freaking Thing, the ignorant users are usually not taught how to think for themselves. So these people rarely know the hows and whys of network security or how to parse and solve network problems with their own brain. The GUI keeps these poor people ignorant. If “it” is not in a GUI, “it” is not possible or even knowable as far as many of these folks are concerned. Substitute some network security task for “it” in the previous sentence. (Hey, you. Yeah, you over there using that Microsoft OS. That is a multifunction tool called a computer, not a microwave oven or a toaster or a television set. Get an OS that can teach you that.)
Further, when basic design decisions are made that start off without any thought of security for this same operating system you get an operating system that is easy to suborn, regardless of the endless Microsoft Patch Tuesdays. Anti-malware is a bandage at best, because anti-malware is primarily retroactive. Anyone who is honest will admit that there are attacks that get through anti-malware on Microsoft systems all the time. Not every Microsoft system, because eventually the anti-malware vendors catch up. But if one is the first to get a new “infection”, one’s “heuristic” anti-malware has a fair chance of not catching a new malicious package introduced through that “Excellent FaceBook Page!!!11!!” one just visited with Internet Explorer. (For the record, it is not a “PC Virus”, sweetie, it is a “Microsoft Windows Virus”.)
Add to this heinous equation all the clueless Microsoft users and Microsoft “administrators” clicking their way to GUI Nirvana to realize a world-wide network nightmare called Microsoft Bot-nets, Microsoft SPAM relays and other Microsoft-related malware-spewing sewers. Here, have some Microsoft-based SPAM, or a Microsoft-based DOS attack. Isn’t mediocrity just Totally Sweet?
When a company promotes ease-of-use mediocrity over security for its operating systems, perhaps its operating systems should not be allowed on the internet. I’m just saying …