This post originated from an RSS feed registered with Java Buzz
by John Topley.
Original Post: Not Having A Blast
Feed Title: John Topley's Weblog
Feed URL: http://johntopley.com/posts.atom
Feed Description: John Topley's Weblog - some articles on Ruby on Rails development.
The MSBlast virus has been in the news
this week as Windows users across the world have been heard cursing Microsoft.
So who's to blame?
The obvious and easy target is Microsoft, with their shoddy products and
dodgy programming. Well that used to be true, but I don't buy that line of
thinking anymore.
The release of Windows
2000 was a watershed event for Microsoft as they made serious strides in
stability that Windows XP and Windows Server 2003 have built upon. A mistake
that Microsoft used to make was that they enabled all features by
default, which meant that Windows had to be explicitly locked down to make it
less susceptible to being attacked—a task well beyond most users. Windows Server 2003 is the
first operating system release from Microsoft where this is not the case and
where the system administrator has to actively enable the services they want to
use, which means that the so-called “attack surface”
of the platform is much smaller.
I'm not naive enough to think that all this means that Microsoft's operating
systems are now perfect. Nothing with the size and scope of Windows can be.
There are numerous flaws in Windows—many of them not yet discovered—which was why Microsoft created Windows Update to enable patches to be
downloaded. Microsoft could have enabled automatic updating by default, but
they're really between a rock and a hard place on this one because a lot of
people are uneasy about the thought of their computer automatically contacting
the mothership in Redmond, and because occasionally bad patches make it
out of the door that actually do more harm than good. I've turned off
automatic updating on my Windows XP box because I like to be in control of what
gets installed on my PC.
Users of other operating systems such as Linux or Mac OS X will tell you
that their computers are invulnerable to these sorts of attacks, which is
nonsense because such claims are untested. People who write viruses and worms
want their handiwork to get noticed, which means targeting the most popular
operating system. With an estimated 80% of the installed base, that
means Windows in its various flavours. Linux, UNIX and OS X are simply
not significant enough for these people to target.
Apart from the author(s) of MSBlast, I think that the average consumer of
Windows is to blame for not applying patches and for not using a firewall.
The excuse is that no one told them that they had to!
Computers are marketed and sold as an appliance that you purchase, maybe
customise a little and then just use until it breaks or you buy a newer one.
They should actually come with the social responsibilities that are attached to
cars.
If you drive a car then it is your responsibility to ensure that your vehicle
is kept in a roadworthy condition. This involves servicing it on a regular
basis. Owning a computer is not a responsibility-free zone. If you own a
personal computer that you connect to a network, then it is your responsibility
to make sure that you practice safe computing and do not jeopardize other
computers on that network. And that includes the Internet: the network of networks.
If you are a Windows user who has been affected by MSBlast or something
similiar, then this is what you need to do to prevent such attacks affecting you
in future:
Visit Windows Update on a
regular basis, or “turn on automatic updates” (search Windows XP
help for the phrase in speech marks.)
Download and install a software firewall such as the free version of ZoneAlarm. The firewall that comes with
Windows XP doesn't quite cut it because it only blocks nasty incoming
traffic.
Buy proper anti-virus software and keep the annual subscription
renewed. I use Norton
AntiVirus which works very well.
Download and install Ad-Aware to
remove any nasty spyware that's lurking on your PC. It's free!