May 4, 2002

MS security causes sad day

Life sucks when: You have to pull an e-mail account that you manage from service. Particularly when this account is for your Dad. My Dad can be reached at Tom and I will be keeping Thomas. The TJV account is closed.

Why you ask? The account was hacked with the klez virus. He cleaned his hard drive, as he had no choice it or another virus took the hard drive out. He took another hard drive and put it in that machine and started fresh. This may have also infected his new laptop. Yes, all of these machines run Windows (the swiss cheese security system). My dad is more than computer savvy and Windows is not a consumer OS, as it is nothing more than an e-mail away from destroying everything digital you own (among many other issues, which I spend hours assisting friends and relatives with their continual problems with the MS OS). Microsoft continues to lie about its focus on security and the basic problem is the OS itself, it is not secure and it seems it will never be secure. UNIX has some issues, but has many more years of development under its belt, which is why is far more secure. UNIX variants (Apple Mac OS X, Linux, BSD, etc.) all have the advantage of years of experience and advanced developers working on the OS.

Keeping a MS box secure requires somebody with a lot of experience and they are not cheap. The MS total cost of ownership being lower than UNIX is a myth and unfounded. If you have MS open to the outside world (Internet server, DSL at home, or unfiltered (through virus scanner) e-mail, etc.) you need an MS security expert focussed on ensuring the sanctity of whatever is considered valuable on the MS boxes. This person will cost as much, if not more, than a senior UNIX systems administrator (who are, by and large, veterans in UNIX security also as it comes with the territory).

Too many folks (that are near and dear to me) have had MS servers hacked or been victims of viruses in the past couple of weeks. Granted the MS boxes hacked may not have been watched over by MS security experts, but that is what it takes.

Making choices, as far as what language to develop Internet applications, should keep in mind lock in factors. A UNIX only or a Microsoft only solution that requires the application be only run on a certain type of server has never been a great idea. This becomes even more apparent now. In my opinion this has never been a good option. Fortunately, there are many more options available that run on nearly all OS platforms. These include: Perl, PHP, Java (JSP), Python, ColdFusion, etc. Each of these languages have their own plusses and minuses, but if a certain OS platform becomes an unavailable option the applications can relatively easily be moved to another OS. This is not the case with ASP, and even less so the .Net framework (as noted before. Sure ASP can use ChiliSoft, but that is a very short term solution (as you know if you have ever had to use it, it buys you time to recode everything into a portable application language) and requires double to triple the hardware resources to run it compared to ASP on MS or any other language running natively.

All of this is just the beginning of the reasons why I most likely have bought my last Windows machine. The other reasons fall into the areas of trust and pricing. This explanation may follow soon.



Web Mentions

This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike License.