My issue with Windows stems from spending far too much time charging customers for sitting on my butt and watching some utility scan Windows computers for malware. Frankly, it's embarrassing.
My wife and I have an old Windows XP machine that we use for income tax preparation. That machine sits in her sewing room and is only turned on for taxes (and only exists because the tax software requires Windows). Interestingly enough, the tax software we use would work just fine on every version of Windows from XP to 8.1 with no alterations.
Last year I downloaded a new copy of Malwarebytes and installed it and, inevitably, ran a scan. Even though the machine had not been turned on for almost a year, the scan found a few bits and pieces. Then I ran a spybot scanner and it found a few issues. We did our taxes, turned off the machine and went to bed.
The next day a client called and I went out to their site to install and configure a new machine for an existing employee. The machine had Windows 7 on it (almost no businesses use Windows 8 or 8.1, and even though Dell and HP claimed to no longer offer V7, they will when a customer demands it or threatens to go elsewhere). I spent the usual few hours adding the computer to the domain, moving data, re-installing applications, etc.
Then I installed an anti-virus utility and Malwarebytes. Interestingly enough, it was exactly the same Malwarebytes as I had installed the day before on our XP machine. And the spyware app was also the same. They installed the same and worked the same - and found the same types of malware - across a decade and a half of every iteration of Windows.
You cannot do that with MacOS. Nor can you do that with Linux. You might be able to create virtual machines that would accommodate all these iterations but that would require a lot of fiddling.
It didn't even make sense because, as we all know, MS (and MS's partners) make a great deal of money from requiring a new version for every iteration of the OS. Not to mention the money MS makes for the new credentials needed by the techs and the new training so users can learn all the little cosmetic changes. So why would scanning utilities, arguably more complex than simple "programs", work virtually unchanged across such a wide spectrum of OSes?
Then I remembered that MS has a free - but not bundled - malware application of its own. Users have to learn about it and download it and install it separately. Why wouldn't MS just bundle it?
More importantly, why wouldn't MS - presumably with the source code to all of these operating systems - simply FIX the flaws that allow all this malware free rein inside their systems instead of yet-another-add-on?
The answer is simple. I don't think they can without disrupting the business model they've built around their operating systems. I think that a basic decision made in 1994 by Bill Gates when MS was moving from Windows 3 to Windows 95 precludes a simple fix and that decision was perpetuated when they moved from their old DOS-based systems into the NT era in the late 1990s.
Gates did not see the Internet as a big deal. In fact, he was not hesitant to label it as a fad. It was for this reason that the early versions of Windows 95 (and all versions of Windows 3) had no TCP/IP stack. If you ran Windows 3 you had to find your own TCP/IP stack and install it if you wanted Internet access.
Gates thought his market was small businesses (big business used big computers) and home users: people using spreadsheets and word processors who mostly did not need to share files, and if they did, they'd use SMB (Windows for Workgroups) or Novell. The other big market Gates envisioned was video games.
But games needed fast graphics and the only way to get that was to tie the graphics more closely to the core of the OS; what was known then as "ring zero" and now as "kernel mode". Here is a brief essay on the idea of security "rings" (along with an even better commentary at the bottom): [osronline.com
So instead of running in ring 3 (or "user mode") the graphics for Windows 95 were tied to kernel mode, or ring zero. This is a basic difference between *nix and Windows operating systems and this design received a great deal of flak back in the day.
If a hacker can design a program that will bridge the gap between user mode and kernel mode then it will have complete control over that system. And putting graphics in kernel mode facilitates that and explains why we had Windows exploits that loaded and executed by having the victim simply mouse over a pixel on a malicious web site.
Enter NT. In Windows, all the kernels from XP onwards are known as "NT Kernels"; based on "New Technology" and designed in the beginning to operate with RISC (Reduced Instruction Set) CPUs. But because of a need to preserve some backwards compatibility, MS did not execute the change between the older systems and NT perfectly and there are many ways to bridge the gap between user mode and kernel mode in NT.
Here is an excellent essay on just exactly how to do it and why it works on all iterations of Windows from XP through to at least version 7: [blackhat.com
And here is an example of how to do it... with source code: [exploit-db.com
You will notice that last post claims that it will work for all versions of the NT kernel from XP through to version 8.
And here is an explanation of how it all gets handled in Linux: [duartes.org
With all of this data available - and presumably available to Microsoft - one would be led inescapably to wondering why MS has not actually fixed the problem instead of pasting fixes onto the OS as time passed.
I don't know the answer to that other than to speculate that it might have been because of costs, reluctance to force all of its partners to change their products, or some antipathy to losing face. All I know is that Windows is insecure by design.
Apple's original OS for the Mac was also insecure but Steve Jobs was smart enough to bite the bullet and move to OS X before the situation became critical. And his experience with NeXT led him to the Mach kernel which is, basically, Unix.
So if you have read this far you should understand why all of those "conventional wisdom" remarks are misleading. MS operating systems are not targeted just because they occupy so many desktops... they are targeted because they are easy to crack AND there are lots of them. Linux is not secure because there are fewer of them (really, there are millions of Linux boxes on the Internet and many with static IP addresses) but because the design of *nix makes it much more difficult to crack.
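The post above leans on the distinction between ring 3 (user mode) and ring 0 (kernel mode). The following program is an added example, not code from the post or from any of the linked essays, that makes that boundary visible from a normal user process: it reads the Current Privilege Level out of the CS selector and then attempts a ring-0-only instruction (reading control register CR0), which the CPU refuses with a general-protection fault that the kernel delivers as SIGSEGV. It assumes x86-64 Linux with GCC or Clang inline assembly; on other targets the functions return -1 rather than probing.

```c
/* Added example (not from the forum post): the hardware-enforced line between
 * user mode (ring 3) and kernel mode (ring 0) that the post describes.
 * Assumption: x86-64 Linux, gcc/clang inline asm. Elsewhere both probes
 * return -1 ("not supported") instead of running. */
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>

#if defined(__x86_64__)
static sigjmp_buf fault_env;

/* The CPU raised #GP on the privileged instruction and the kernel turned it
 * into SIGSEGV; jump back to the probe instead of letting the process die. */
static void on_fault(int sig) {
    (void)sig;
    siglongjmp(fault_env, 1);
}

/* The Current Privilege Level is the low two bits of the CS selector.
 * A normal process sees 3; only the kernel runs with 0. */
int current_cpl(void) {
    unsigned short cs;
    __asm__ volatile("mov %%cs, %0" : "=r"(cs));
    return cs & 3;
}

/* Try to read CR0, which is legal only at CPL 0.
 * Returns 1 if the hardware refused (fault caught), 0 if it actually ran. */
int privileged_insn_is_blocked(void) {
    struct sigaction sa, old_sa;
    volatile int blocked = 0;   /* volatile: survives the siglongjmp */

    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old_sa);

    if (sigsetjmp(fault_env, 1) == 0) {
        unsigned long cr0;
        __asm__ volatile("mov %%cr0, %0" : "=r"(cr0));
        (void)cr0;
        blocked = 0;            /* only reachable from ring 0 */
    } else {
        blocked = 1;            /* #GP -> SIGSEGV -> handler -> here */
    }

    sigaction(SIGSEGV, &old_sa, NULL);  /* restore the previous handler */
    return blocked;
}
#else
int current_cpl(void) { return -1; }
int privileged_insn_is_blocked(void) { return -1; }
#endif

int main(void) {
    int cpl = current_cpl();
    int blocked = privileged_insn_is_blocked();
    if (cpl < 0) {
        puts("not an x86-64 build; privilege probe skipped");
        return 0;
    }
    printf("this process runs at CPL %d (ring %d)\n", cpl, cpl);
    printf("reading CR0 from user mode was %s by the CPU\n",
           blocked ? "refused" : "allowed");
    return 0;
}
```

The point for a defender is that the separation itself is enforced by the processor, not by the operating system vendor's goodwill: any code at ring 3, including a malware scanner, is stopped at this boundary, and the only way across is through an interface the kernel deliberately exposes (system calls, drivers). The exploits the post links to work by finding a flaw in one of those exposed interfaces, which is why kernel-mode attack surface such as graphics drivers matters so much.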