Opinion: The crackers currently have the whip hand over Windows, and Microsoft's assertion that Internet Explorer is now part of the operating system shows its flawed reasoning.
Worried sick about the latest rash of Internet Explorer security problems? I have the perfect solution for you, one thats even better than switching to Mozilla, Firefox or Opera. Switch operating systems: Go to Linux.
No matter how much Microsoft supporters whine about how Linux and other operating systems have just as many bugs as their operating systems do, the bottom line is that the serious, gut-wrenching problems happen on Windows, not on Linux, not on Mac OS.
The Microsoft apologists next cry about how if these alternative operating systems or open-source programs were as popular as Microsoft programs were, their users would be in just as much trouble.
Really? Lets look at the latest security news about Internet Explorer and Mozilla Firefox. Microsofts fix
for one of the latest Internet Explorer holes was to deactivate the broken part, ADODB.Stream. Some fix.
The folks in Redmond still dont have solutions to IEs other problems, and they cant even give users a straight answer
on when you can expect a fix.
Yes, it appears that XP SP2 will take care of this set of problems, but what about people using other versions of Windows? Will there be a similar broad-ranging patch for them? They sure wont be getting an updated version of Internet Explorer, since Microsoft has made it clear that there will no future standalone versions of IE because IE is now part of the operating system.
That, of course, is part of the problem and an example of the kind of fundamentally flawed thinking that ensures that Windows will never be a truly secure operating system. A browser, which has no other purpose in life than to be a window to the world outside the local computer, should never
be part of the operating system.
Now, lets look at the latest Mozilla bug.
This bug affects the Mozilla suite, the Firefox browser and the Thunderbird e-mail client. Just like the IE ones, it enabled crackers to run remote programs on Windows computersno othersand it had been described in theory long before anyone demonstrated an exploit for it.
Security Center Editor Larry Seltzer takes a different view of the bug in Mozilla on Windows. Click here to read more.
In early July, a way was shown on how to exploit the problem. By July 7, it was fixed. IE bugs? Still unfixed.
You know there might be something to this whole notion
that open source speeds up security development.
What I find especially funny about this, though, is that the problem really wasnt with Mozilla in the first place. Mozilla simply revealed an XP holethat Web pages could invoke the "shell:" program, which in turn would let a cracker run pretty much any program they wanted. Not good.
Yes, other browsers wouldnt let you get at this hole, but my point is that while Mozilla did provide a keysince destroyedMicrosoft put the keyhole there in the first place. Heck, Microsoft knew there were problems with "shell:" a year ago
and its still not patched. Now, Microsoft plans to close this hole in SP2.
Hmmm ... let me see now. It took open-source programmers less than a day to fix it, Microsoft programmers still havent fixed the real problem, and its been more than a year. I know which record Im more impressed by!
Want to stop the Windows security and patch management madness for good? Its simple: Get a good Linux desktop.
Next page: A Linux desktop for you.