Journal heironymouscoward's Journal: Plague, prophet, patches, and publicity 1
Last year I predicted that the End was Nigh for the naive Internet based on trust and hope. The weak spot is the Windows DNA, the monoculture that exposes the majority of Internet users to a seething mass of hostile parasitic software programs.
This was my original analysis.
Now, MyDoom seems to be doing what I predicted. OK, chance are that this attack will fail. A bunch of new tools will be developed to root out and kills the worms that sneak in while the virus has opened the doors. A section of the Internet will be marked "infected" and eventually cordoned off.
It's a sign of our total lack of an answer that we blame the users.
"Don't open attachments!" sounds great advice. But it's like "Don't click the wrong button!" What attachments? What the fuck is an attachment? Everything is windows, popups, how can we tell what's hostile, what's normal, what's friendly, what's deadly?
I'm getting emails now with attachments sent as zip files. Inside the zip file is a binary disguised as an html file, a large number of spaces hiding the '.exe' extension. A WinZip exploit...
There is no end to this, no way to educate users to "work correctly". Blaming the user is a standard technique for misdirecting blame, but it's no help in this case.
In my company the difference between the remaining few Windows PCs and the Xandros workstations is striking. On the one hand we have systems infested with spyware, trojans, worms, and occasional viruses. Regular Windows patches, virus scans, elimination of 'easy' email tools like Outlook, spyware cleaners,... all necessary to keep the machines working. On the other hand we have perfectly functional Linux boxes that do what we need and have no issues. None. Zero.
One of my team, using a Windows PC at home, has lost her collection of photos and music at least twice now. Each time she takes her PC back to the shop, where they reinstall XP. (I do not do tech support for Windows boxes. Nope.) This time I will install her Xandros.
I'm impressed how hard-core Windows users can maintain the illusion of survivability, and I'm curious to see how long this lasts for.
Such illusions have a nasty tendency to collapse all at once. It takes only one prominent person, institution, or company to declare that it is replacing all its Windows workstations with Linux. Not because of cost or performance, but because of security. Security. That one word spoken often enough will send millions of people scrabbling for something, anything, to save them from the hell that the Internet has become for them.
I believe that this - more than any banal comparison of price and features, more than any marketing or advocacy, more than any critical mass or industry support - will be the reason that Windows gets wiped off the desktop ("flushed", I call it). I also believe that we are not far from this time. This year, or early next year. Two more serious attacks like MyDoom and the bubble will burst.
Of all the Linux distros I've tried, Xandros is by far and away the best. Definitely a worthy contender for "desktop Linux for 2005". But I suspect that RedHat and SuSE will be more successful, simply because they have been around longer.
Microsoft must be aware of this issue and apart from patches and publicity, they are surely working to find a longer-term solution. But to be honest, I can't think of one that would work except to deprecate the Windows DNA and port their applications and platforms to Linux or *BSD. For their sake and the sake of their clients, I hope this project is well-advanced. The alternative is going to be ghastly.
Well... (Score:2)