Tuesday, February 22, 2005

Grudges and Security

After spending half of my day off mending my neighbor’s broken PC, and then later trying to watch the latest trailer to The Hitchhiker’s Guide to the Galaxy, I have a few grievances to air.

First: Internet Explorer is inherently vulnerable to exploitation. This became clear as I tried to run Windows Update on my neighbor’s computer. When I started, the browser had been compromised by several malware applications, but it occurred to me that I was using this weakened browser to improve the security of the machine. The simple fact is that IE is designed to install software on the computer, and that’s far more than you should ever trust a browser to do.

Windows Update should not use IE. It would be easy for Microsoft to write a stand alone program that could do the updating (they use a separate program now, but it must run in IE), which would free their browser to be a significantly scaled down tool for browsing the web, instead of a tool for websites to browse your computer.

I think that if IE were to cut back in its abilities, that some corporate IT groups would be disappointed at their new inability to control their users’ computers. Hopefully, they would eventually realize that the greater level of security makes up for any inconvenience. Microsoft, on the other hand, will not likely choose to limit their ability to access our machines.

Second: Quicktime is an okay media player. My brother loves it, and fortunately it doesn’t generally disappoint. I like that it allows for frame by frame advance and rewind (try to get Windows Media player or Real player to do that), and it’s the only media plugin that (with the professional version) sometimes allows you to save movies that are played with it. I don’t like how it installs a TSR that runs on startup, and I find that it can’t handle nearly as many media types as Windows Media player (for the record, I don’t think that any player has had the versitility that Media Player 2 had). Still, nothing else can play .mov files, so Quicktime has its place.

My beef is that you can no longer download Quicktime by itself. It now comes bundled with Apple’s media management program iTunes. I have not ever had a good experience with iTunes (I used it to install some stuff on my sister-in-law’s iPod), and if I had really wanted to have a bulky, bloated media manager, I would use Music Match. If I ever had an iPod, I would look long and far for another way to put music on it (in a way that could be played back, that is).

I have one other point to make. I just finished reading a tutorial titled “How to fix Mom’s computer”. It has six general steps to take to remove malware and viruses from a windows PC, and to give it a bit of protection from future infection. I also read through the (extensive) comments that followed. Some were helpful, listing other programs that might be used (I was amazed at how many anti-spyware utilities are out there) or giving tips on timing or ways to remove persistent bugs. A huge number of comments said basically, “Buy her a Mac.” These comments generally missed several points:

1) The repair techniques in the article cost nothing to implement, other than time (they argued that the repair time was valuable enough that it justified buying a Mac, but in reality your non-billable hours can’t be counted the same as your billable hours).

2) They believed that Macs are secure based on the anecdotal evidence that they haven’t had any viruses or spyware.

3) There is a lot of software that is only available for the PC, making it difficult to switch.

4) If you really want to run a secure OS, just install a free version of Linux and get all the goodness of OSX without buying new hardware or software, and with a more Windows-like interface to boot.

In the end, the Mac/Windows debate is not a trivial one. I feel a bit like a bully by arguing for the gorilla of operating systems, but those Mac users were so arrogant and snobby that I just couldn’t go on without some form of rebuttal.

I’ve been reading a book about encryption, which at times addresses a number of issues relevant to security in general. One important realization is that an insecure system is far more dangerous than no security whatsoever. This is both a strength and a weakness for Windows. It is a strength because many Windows users are fully aware that they are using an insecure system, and therefore they take secondary measures to protect themselves and their systems. The downside is that most Windows users are lulled into a false sense of security and, like my neighbor, are in fact totally exposed. Mac users almost all believe that their systems are totally secure, unlike their benighted, Windoze using friends.

This is Eric, reporting live from my soapbox.

No comments: