The Mac Observer

Skip navigational links

Just a Thought - David Pogue Points Out The Windows Paradox

by - October 22nd, 2004

In David Pogue's latest column for the New York Times, titled The Security Paradox, he discusses the odd state of affairs Microsoft and its patch update strategy, and the virus ad worm writers who take advantage of the holes in the Microsoft products the patches are suppose to fix.

Mr. Pogue relays a story in which he was surprised to find out that virus writers usually write and release their malware into the wild only after Microsoft releases a patch for it. Because, as a Microsoft manager explained to him, it isn't the script kiddies and actual virus writers who are finding these flaws in the first place. From the article

Instead, what usually happens is that some brainiac at a university or security firm usually finds the hole, and then notifies Microsoft. Microsoft then puts together a security patch, which it releases to its millions of customers to protect them.

Only then do the hackers and virus writers learn about the security hole and how it works — by studying Microsoft's patch. The problem is that it takes weeks or months for Microsoft's patch to get distributed to all those millions of customers. (Three weeks after Microsoft releases a patch, only half of all PC users have installed it, according to an expert interviewed by PC World.) The hackers simply beat Microsoft's fix to your PC's front door.

Therein lies the paradox of which Mr. Pogue speaks. You can read the full article at the New York Times.

So, this is yet another validation of the dictum: If you build it, they will come. In this case, Big Redmond builds the patch and then come the viruses and worms.

As Mr. Pogue points out in his piece, it certainly is a noggin scratcher as to why it is that all of the brain power at the command of Bill Gates has yet to figure a way to make its products more secure.

At the same time, don't let anybody tell that it is more secure by virtue of those endless patches; it seems that the more the folks at Microsoft patch, the more they need to patch. In fact, they have patches for their patches.

We can't believe that no one at Microsoft has the answer to its software security problem. It could be that the guys with the ideas to fix the problems are being overridden by those with other agendas, as is often the case in many large companies. Or perhaps the management at Big Redmond is pinning its hopes on Longhorn, much as it did with XP. In the meantime, Windows users, and the rest of the computer using community suffer.

The really sad thing is that, while there are some individuals, governments, and companies who have decided to explore possibilities beyond Microsoft, the unfortunate truth is that far too many steadfastly refuse to even entertain the notion of jumping the Redmond ship. That means that, at least for the foreseeable future, malware writers will have fertile ground to play in.

is a writer who currently lives in Orlando, FL. He's been a Mac fan since Atari Computers folded, but has worked with computers of nearly every type for 20 years.

You can send your comments directly to me, or you can also post your comments below.

Most Recent Columns From Just A Thought

The Just A Thought Archives

Recent TMO Headlines - Updated October 25th

Mon, 6:43 PM
Apple Fixes Two-Factor Authentication Setup Bug
Mon, 6:22 PM
Anticipation and Joy: Abusing Autonomous Cars For Fun
Mon, 6:10 PM
Dyn DDoS Attack Shows IoT's Inherent Security Weakness
Mon, 3:46 PM
TMO Background Mode: Interview with Author and Podcaster David Sparks
Mon, 2:05 PM
Apple Releases watchOS 3.1 with Charging Fix, Message Effects Improvements, More
Mon, 1:51 PM
Apple Releases macOS Sierra 10.12.1 with Improved Apple Watch Unlock, More
Mon, 1:45 PM
TMO Daily Observations 2016-10-24: DDOS Attacks, Internet of Things, and HomeKit Security
Mon, 1:20 PM
Apple Releases iOS 10.1 with Portrait Camera for iPhone 7 Plus, Replay iMessage Effects, More
Mon, 11:32 AM
AT&T to Buy Time Warner in $85.4B Deal
Mon, 9:00 AM
Shimo VPN Client for Mac: $19
Mon, 8:00 AM
How to Fix Apple Watch Contact Syncing Problems
Sun, 12:04 PM
MGG 628: Cool Stuff Found and The DNS Achilles Heel
  • __________
  • Buy Stuff, Support TMO!
  • Podcast: Mac Geek Gab
  • Podcast: Apple Weekly Report
  • TMO on Twitter!