POSTS

Screw Microsoft

Blog

Well, the reason you’ve not seen updates in the Philolog or here is because the majority of my time for the last two days has been spent helping keep my company’s mail systems on-line while being hammered by yet another Windows virus.

Yet again (and again (due to the horrible security model underlying the inherently insecure operating systems)), users all across the Internet have been forced to endure network latency, system slowdowns, mangled mail, and missing mail. Thanks for dicking us over, Microsoft.

I took a look at their security tips site which addresses how to maintain your PC / Systems (i.e. patch them, update their scan files) but what are we supposed to do when systems not under our control are leveraged against us? Answer: We can’t do a damn thing, we trust you bozos to do your job and write secure software.

See, this virus took unprotected computers, united them, and then directed them to repropagate themselves. Ever hear of SETI@Home - harnessing millions of computers to work on a problem (in this case processing files to see if there were signs of intelligent life)? Imagine the same style of distributed computing structure attacking a mailing address.

No amount of patching or firewalling could have fixed this - only Microsoft creating an operating system that uses a decent security model could have.

On the up side, no problems on my Mac or my Linux / Unix machines - well except they had to suffer many, many virus propagated / propagating messages. Then again, as they run on secure operating systems, it wasn’t an issue.