Why is Windows so dangerous to use?

Some might think that Windows is safer because it is commercial and not open source. I will show in a few examples why that is completely wrong and it is worse for governments, security agencies, police, hospitals, and any place where data needs to be secure.

The problem starts with a program that is designed to be a master to the machine and as a result a master to the individual that uses the machine. I have worked in the computer business for nearly 40 years and the one thing that a company always asks for is a way to tie the customer to them specifically and reduce the effectiveness of competitors. The problem in Windows is not the fact that it is easy to hack, it is designed to be hacked. Because Windows does not write the device drivers or programs that run on top of the system, they need to allow a vendor or device driver manufacturer a method to completely take over the machine. I have written these drivers and programs and I know that if I have an application on a person's desktop, I OWN the machine in approximately 30/1000 of a second after it starts.

The real problem is that many manufacturers write programs for Windows and the result is that you end up with the same problem, originating from the same cause, as the massive flux of viruses. In Linux the applications are open and when I install a program, anybody can look at the source (and I always do) to see if it is doing something I don't like or using me in some way. This is not possible with proprietary code, and if you think their nature is to act in your benefit with that advantage, you are very naive.

Government use of Windows is even scarier and if you knew what I know, you would never consider using Windows in any application that involved secure data. I will not cite specific examples as it relates to government or medical databases, because I don't want to be killed as the messenger bearing bad news.

The secondary problem is that once the companies realize how bad it is and how difficult and costly it is to convert to Linux or other open source code, they also realize it is easier and less costly to pass the damage onto customers. It is a mess and the change to open source is not a walk in the park, but the alternative is the continuous erosion of security to the point that all digital data ultimately becomes corrupt and unusable.

People seem to confuse the fact that data can be secure with an open method and the obfuscation and concealment of the method. The fact that passwords exist and are implemented by comparing is hardly some secret knowledge that allows me to "know" a password because I know that it is checked by comparing. It is like saying "We need to make the methods of brick laying and brick making a secret, because terrorists will use that information to find ways to destroy buildings." That almost seems to make sense, almost.

ADDED: The difference between Linux and Microsoft can be described very simply. Linux is like a deadbolt lock that anyone can see there at your door, and the security is achieved by keeping the key safe; the Microsoft approach is to obscure the mechanism of the lock and leave the keys lying on the ground in front of the door. When people get upset that everyone is breaking into their house, they sell a new lock and then proceed to sell the keys to the criminals and profit on both sides. Ingenious!
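
The point about password checking by comparison, as an added example that is not part of the original post: the verification routine, its parameters and the stored record are all public here, yet only the secret password passes. PBKDF2-HMAC-SHA256, the iteration count, the function names and the sample passwords are choices made for this illustration.

```python
import hashlib
import hmac
import os

# Everything in this file is "the method" and is public: the algorithm,
# the iteration count, and the shape of the stored record.
ALGORITHM = "sha256"
ITERATIONS = 100_000
SALT_BYTES = 16


def enroll(password, salt=None):
    """Build the stored record for a password; the plaintext is never kept."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac(ALGORITHM, password.encode("utf-8"), salt, ITERATIONS)
    return {"salt": salt, "iterations": ITERATIONS, "digest": digest}


def verify(record, attempt):
    """The 'comparing' step: re-derive from the attempt, compare in constant time."""
    candidate = hashlib.pbkdf2_hmac(
        ALGORITHM, attempt.encode("utf-8"), record["salt"], record["iterations"]
    )
    return hmac.compare_digest(candidate, record["digest"])


def guesses_that_pass(record, guesses):
    """Return the guesses accepted by the public check."""
    return [g for g in guesses if verify(record, g)]


if __name__ == "__main__":
    # Constructed sample data: the secret is the only thing not published.
    secret = "correct horse battery staple"
    record = enroll(secret)
    print("public record:", record["salt"].hex(), record["digest"].hex())
    guesses = ["password", "letmein", "Correct horse battery staple", secret]
    print("accepted:", guesses_that_pass(record, guesses))
```

Knowing how `verify` works gives an observer nothing but the ability to test guesses, so the strength rests on the password and the cost of each guess, not on hiding the code.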


jordaenne said...

Hi Paul.
Just dropped in to say HAPPY VALENTINES


see you during my next blogging.

Automated Intelligence