Just a Thought - David Pogue Points Out The Windows Paradox
by - October 22nd, 2004
In David Pogue's latest column for the New York Times, titled The Security Paradox, he discusses the odd state of affairs Microsoft and its patch update strategy, and the virus ad worm writers who take advantage of the holes in the Microsoft products the patches are suppose to fix.
Mr. Pogue relays a story in which he was surprised to find out that virus writers usually write and release their malware into the wild only after Microsoft releases a patch for it. Because, as a Microsoft manager explained to him, it isn't the script kiddies and actual virus writers who are finding these flaws in the first place. From the article
Instead, what usually happens is that some brainiac at a university or security firm usually finds the hole, and then notifies Microsoft. Microsoft then puts together a security patch, which it releases to its millions of customers to protect them.
Only then do the hackers and virus writers learn about the security hole and how it works by studying Microsoft's patch. The problem is that it takes weeks or months for Microsoft's patch to get distributed to all those millions of customers. (Three weeks after Microsoft releases a patch, only half of all PC users have installed it, according to an expert interviewed by PC World.) The hackers simply beat Microsoft's fix to your PC's front door.
Therein lies the paradox of which Mr. Pogue speaks. You can read the full article at the New York Times.
So, this is yet another validation of the dictum: If you build it, they will come. In this case, Big Redmond builds the patch and then come the viruses and worms.
As Mr. Pogue points out in his piece, it certainly is a noggin scratcher as to why it is that all of the brain power at the command of Bill Gates has yet to figure a way to make its products more secure.
At the same time, don't let anybody tell that it is more secure by virtue of those endless patches; it seems that the more the folks at Microsoft patch, the more they need to patch. In fact, they have patches for their patches.
We can't believe that no one at Microsoft has the answer to its software security problem. It could be that the guys with the ideas to fix the problems are being overridden by those with other agendas, as is often the case in many large companies. Or perhaps the management at Big Redmond is pinning its hopes on Longhorn, much as it did with XP. In the meantime, Windows users, and the rest of the computer using community suffer.
The really sad thing is that, while there are some individuals, governments, and companies who have decided to explore possibilities beyond Microsoft, the unfortunate truth is that far too many steadfastly refuse to even entertain the notion of jumping the Redmond ship. That means that, at least for the foreseeable future, malware writers will have fertile ground to play in.
is a writer who currently lives in Orlando, FL. He's been a Mac fan since Atari Computers folded, but has worked with computers of nearly every type for 20 years.
Most Recent Columns From Just A Thought
- Apple's New Cards: Aces and Kings? - September 14th
- Power to the People - September 1st
- Too Soon To Zune - August 28th
The Just A Thought Archives
- Mon,8:17 PM
- Apple Plans to be Part of Coming Big Media Changes
- 7:15 PM
- Tim Cook on Poor iPad Sales: ‘It is what it is’
- 6:26 PM
- After Hours Market Likes Apple’s Record Q2 Earnings
- 6:10 PM
- MCX Member Best Buy To Accept Apple Pay
- 5:55 PM
- SKEYE Nano Drone Fits in Your Hand: $34.99
- 5:33 PM
- Tim Cook: Apple Watch Coming to Other Countries in Late June
- 5:15 PM
- Apple Bumps Dividend 11 Percent, Expands Shareholder Returns to $200 Billion
- 5:01 PM
- Apple Reports Record 2nd Quarter with 61.1 Million iPhones Sold
- 2:04 PM
- TMO Daily Observations 2015-04-27: Apple Watch Heart Rate Tracking and Band Limitations
- 11:31 AM
- Here’s the Airlines Supporting Apple Watch
- 10:29 AM
- Discover Coming to Apple Pay this Fall
- 9:28 AM
- Apple’s iTunes Store gets Red Cross Donation Page for Nepal Earthquake Support