💾 Archived View for gem.trechnex.com › posts › winban-inet.gmi captured on 2023-01-29 at 15:58:14. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2022-06-03)
-=-=-=-=-=-=-
19th August 2009
This blog post was originally a rebuttal to a pair of spicy blog posts that suggested Windows users should be banned from the Internet to protect everyone else from DDoS attacks. Publishing "hot takes" for boosted social media engagement was still quite a novel concept at the time, and both of them have since been taken down by their authors.
Recent articles in the tech world from sites like "ComputerWorld" and "VistaReadyGames" have been suggesting this harsh and radical idea. Recent distributed denial-of-service (or "DDoS") attacks from Windows PCs that took down Twitter, Facebook and other social networking sites "could" lead the technology industry to consider Windows completely unsafe and close our web servers off from them.
But is blocking Windows users actually a good course of action, and could it even be achieved if the technology industry actually tried it?
https://en.wikipedia.org/wiki/Denial-of-service_attack
The most common argument posed to excuse Windows security problems is that as the dominant operating system (or "OS"), it is naturally the main target of malicious hackers.
https://en.wikipedia.org/wiki/Operating_system
https://en.wikipedia.org/wiki/Microsoft_Windows
That is true to an extent, but as the market leader, Microsoft also gains the benefit of the top security software companies in the industry providing their expertise. The key issue here is generally the actions of the end user. I am not saying that Microsoft is totally blameless here, but as we will see in subsequent sections there are several good reasons why Windows systems are often less secure than they should be.
We all saw the outcry when Windows Vista was released and the world cried, "Hey! My old software doesn't work anymore. This operating system is terrible!"
The result is that deprecated and known-to-be-vulnerable components of legacy Windows have to be maintained for compatibility purposes, and then subsequently patched and re-patched for each vulnerability. Non-techies then happily run their bug-riddled software, and in their blissful ignorance wonder why they have to download updates all the time.
Microsoft has tried to remedy these problems to an extent by flagging up an absence of security software, rewriting much of the kernel in their latest release, and offering an "XP compatibility mode" in a packaged virtual machine instead of just baking it into the operating system; But Windows will still have many of these problems moving into the future, as there is no obvious solution to the problem.
https://en.wikipedia.org/wiki/Windows_Vista
https://www.howtogeek.com/howto/5460/our-look-at-xp-mode-in-windows-7/
Despite recent campaigns such as ie6nomore.com (there are over 70 sites of a similar ilk), at the time of writing, Internet Explorer 6 still remains extremely popular. It is a relic of the last browser war where Netscape Navigator was squeezed out of existence. Microsoft has not been innovative with the default web browser on Windows since the turn of the millennium, and as a result Internet Explorer 6 is the chief cause of most security problems, because malicious sites target that browser specifically.
Microsoft moved to Internet Explorer 7 by default for Vista, but the corporation cannot force Windows XP users to upgrade Internet Explorer 6 until they finally deprecate Windows XP itself.
https://en.wikipedia.org/wiki/Internet_Explorer
https://en.wikipedia.org/wiki/Windows_XP
Despite the best efforts of computer stores like "PC World", and other boutiques' sales teams' attempts to sell expensive copies of "Norton 360" and "McAfee Security Suite" with all new Windows machines, at the time of writing most non-techies do not seem to have adequate security software installed. This is not always intentional, and is usually the product of ignorance, or failing to renew subscriptions once their protection has expired.
https://en.wikipedia.org/wiki/PC_World_(retailer)
https://en.wikipedia.org/wiki/Norton_360
https://en.wikipedia.org/wiki/McAfee
These are also the people that will open random emails with dodgy attachments, (ironically) run bogus anti-virus checkers on the net, and click 'OK' on every pop-up. Unless someone who knows better tells them otherwise, they will continue to do this.
Microsoft has added security notifications to nag people about not having adequate security, but unfortunately that does not work in the majority of cases, as it does not motivate people to protect themselves.
Windows is not the whole problem. Microsoft is making the operating system that the majority of people want and use on a daily basis. Unfortunately for the wider Internet, the majority of Windows users seem to be non-IT literate people that demand everything works without hassle, whatever the consequences, and understandably so.
The answer is **NOT** to ask everyone to buy a Mac, or install Linux over their Windows partition. Nor is it the answer to filter every Windows user from the internet, which would be a logistical nightmare and take out the vast majority every-day users. (Although I suppose it would please a subset of Linux users that want to live in their own special corner of the Internet!)
The answer is to ensure that Microsoft sells Windows with sensible security defaults, and for the technology industry to educate ordinary people about the security implications of what they are doing with their computer. As non-techies use their laptop, they should be regularly directed to install security software. If the people around you do not want to pay, then you can suggest free alternatives that they can download from the net. Those solutions can often be just as good as the commercial packages, and in the worst case they are at least better than nothing.
If all else fails with one of your relatives, you could act like an insurance salesman and point them at a folder of their beloved family photos (which won't be backed up), and while they are reminiscing, remind them about what could happen if they don't install security software. Persistence is the key, because unless people are actually motivated to protect themselves, they will probably not!
Those of us that work in the technology industry, or tinker with computers for a hobby, can also post reminders in our forum signatures, personal websites and social networking profiles that Internet Explorer 6 users need to update their browser. Many people do not even know what a browser is, and may just assume that "the blue E" is the only way to access the Internet, so this may educate them without being patronising. If everywhere a non-techie user looks on the net views their browser with disdain and tells them to fix it, then they will do exactly what most consumers always do in that situation: get a new one. Even if they stick with Internet Explorer instead of switching to Mozilla Firefox (or the newer Google Chrome), then there will be a wider awareness for users about what a browser is, and why online security matters.
https://en.wikipedia.org/wiki/Firefox
https://en.wikipedia.org/wiki/Google_Chrome
If Windows 7 sees the rush that we are all expecting from the hype, Internet Explorer 8 might render all of this a moot point; But in the meantime it is important to send people the message that Internet Explorer 6 is dead, and they need to switch to something else.