After I posted the story about my First Battle against Malware this year, Doug pinged me with an interesting conversation.

Doug: ugh. your story of your sister’s laptop is awful
Doug: without a windows guru to turn to, what would she have done? just ditch the computer? re-install from scratch?
Me: live with it.
Me: until she could get it to me or Dad, or some computer-savvy friend of hers.
Doug: what a mess
Doug: i’m always amazed at the number of tools required to scrub a windows pc
Me: yea, it’s a major pain.. I was terrified that i would just render the entire system useless (unstable, unsurfable, BSOD-prone)..
Me:but it seems I got it back up to snuff..
Doug: so who’s fault is this? MS IE or Sun Java?

And that got me to thinking, who’s fault is it that Windows is so spyware-prone? In this particular case I think it was Sun‘s, as the avenue for infection seems to have been in Java. But can it be totally Sun’s fault that spyware and viruses spread so easily & bury themselves so deeply in Windows? Also, if I hadn’t been nearby then what would she have done? This is exceptionally interesting since she just matched for a 5-year residency in Arkansas. Next time this happens, what will she do?

Microsoft seems to be oblivious to the entire situation. They keep issuing press releases and reports showing that Windows is just as safe and secure as other systems, even more so at times. Funny, I don’t remember dealing with Spyware on my Linux box. Even now there is a known vulnerability in Internet Explorer with no patch. In classic Microsoft fashion, they have a fix ready to be deployed on the 11th of April, but they claim they’re not seeing any significant attacks, so it must not be a big deal and everything will be just fine. Could this be related to the 3rd party patches that are floating around to fix the problem? Anyone with the knowledge to has already installed them while they wait for Microsoft to release the official patch, which probably reduces the infection numbers. When companies like eEye and Determina are releasing patches for your products, without any source code or documentation to review, shouldn’t that signal perhaps you’re a bit slow? And to make it even worse, today Microsoft announces that recovery from Malware is becoming impossible, frequently just requiring a full reinstall. Is it any surprise then that IT staff would rather just apply the 3rd party patches and risk instability that wait for an infection to come and then have to reformat every computer in the department, or worse the entire company?

So, I have to wonder, whose fault is it that Windows has come to the state it is? It seems the more you look, the more fingers you find pointing back at Microsoft.

Update April 7, 2006:  Just saw an article from Cringley covering something similar, although he gets more into Apple’s involvement with the new Boot Camp.
[tag:spyware][tag:virus][tag:malware][tag:microsoft][tag:security][tag:windows]

Be Sociable, Share!