10 Lessons Google Must Learn About OS Security

By Don Reisinger  |  Posted 2009-11-19 Print this article Print

News Analysis: Google is new to the operating system market, so it has to demonstrate that it understands how to build and maintain a secure Web OS. The history of Windows security has shown there are many avenues of attack against a desktop operating system. There are even more potential attack strategies for an online OS. But whether Google has learned the many hard lessons of Web security is very much in doubt at this point.

Much has been made of Google's intentions in the operating system space. The company has made it clear that it wants its products to be used on netbooks. It wants to be the first major company to deliver an online operating system that can compete with the likes of Windows 7 Starter Edition and Linux distributions. But is Google really prepared for the challenges that await it? Creating and maintaining an operating system is a dirty business. It takes a lot of effort and understanding of what malware producers are trying to do.

Realizing that, Google needs to be prepared. It needs to understand that how well it secures the online world means nothing when it comes to operating system security. Sure, its creation will be an online OS, which makes it a little different from Windows or Mac OS X, but the basic premise remains: Malicious hackers want to take control over operating systems for their own financial gain. It's sad, but true.

That's why Google must learn some basic lessons if it wants to be successful in the OS space. Here are some lessons that Google will definitely need to face:

1. Malicious hackers want in

The first lesson Google must learn is that malicious hackers want to hit as many computers and their users as possible. For the most part, that has meant that they've focused their time on Windows. But as Mac OS X gains in popularity, they have switched gears to also target Apple's operating system. Given the hype and fanfare that will undoubtedly surround Chrome OS, it's not beyond the realm of possibility for Google to have to face many more malicious hackers than it might expect. They want in. There's no doubt about it.

2. Users need all the help they can get

When it comes to operating system security, some of the blame can be placed on users. They click on attachments they shouldn't, they open links to unknown places and much more. Realizing that, Google needs to do what Microsoft and Apple have done and make Chrome OS as simple as possible. Important security matters should be handled by the software. Users simply can't be trusted to make the right decisions.

3. Nothing is totally secure

It's easy for software vendors to say that their operating systems are the most secure on the market, but it's even more important for them to acknowledge that no matter how safe an operating system might be, it's never totally secure. Overconfidence could get Google into trouble. Is the operating system secure? Sure. But be ready for exploits. They will be coming.

4. Google presents a big target

Google should also realize that it's a major target. The hacker community is not fond of Google. The community considers Google, like Microsoft, to be a major target that it wants to take down. So far, hackers haven't been all that successful with the company's search and online products. But that could all change when Google attempts to maintain security on an operating system. Watch out, Google.

Don Reisinger is a freelance technology columnist. He started writing about technology for Ziff-Davis' Gearlog.com. Since then, he has written extremely popular columns for CNET.com, Computerworld, InformationWeek, and others. He has appeared numerous times on national television to share his expertise with viewers. You can follow his every move at http://twitter.com/donreisinger.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel