Resetting Priorities

67

I was amused earlier this week by the news sweeping the ether-web about the so-called “GodMode” folder present in Windows 7 and 32-bit Vista.

The news in itself was not amusing: the presence of a √ºber-configuration folder for Windows power users seems a useful thing, I must admit. What was amusing was the hoopla generated by the discovery of a hidden Easter egg in Microsoft’s flagship product, while all the while, a much bigger story remains in play.

Microsoft continues to sell consumers an operating system that needs anti-virus protection.

It’s not like they keep it a secret: if you install Windows 7, there’s three things splashed up on the screen for users towards the end of the process: configure the OS, activate the OS, and get anti-virus software.

To me, there’s something fundamentally wrong with knowingly send out a piece of software that’s vulnerable–so vulnerable that you have to tell users your product is unsafe until they get third-party protection.

I can understand releasing something with unknown vulnerabilities–nothing’s perfect, after all. Even Linux distributors recognize that no system is unhackable, and I’ve never heard one claim that their distro is completely secure–just more secure than Windows. Unfortunately, that seems to be a bar that’s very easy to jump over.

Time and again, it is demonstrated that computer users have traded so-called simplicity for security. The ability to download and install any application with just a few clicks is more important, it seems, than keeping personal and business data private.

This is more than a few hard drives getting wiped: in early 2009, the Ponemon Institute estimated that every time a company has a data breach, it costs an average of US$6.6 million to correct the problem. Around the same time last year, Gartner put out a report that put the global price tag for breached systems at US$1 trillion annually.

And yet, here we are, still buying software that is known to be vulnerable and makes it ridiculously easy for viruses to be installed on the operating system. Or Trojans. Or granting so many permissions to a “regular” user that physical compromising a system is child’s play.

With the wave of new Linux-based smartbooks, netbooks, and phones hitting the market, there are still critics who complain about an alleged lack of features in Linux. Even if this notion were accurate, and I am very sure it’s not, let me put the question to them: why would you rather have the latest gadget installed on your system as opposed to personal data security?

As a group, computer and electronics users need to reset their priorities. It’s not about the nifty toys and Easter eggs you can find in Windows. It’s about what personal information malicious users can find in your Windows.

I believe that time is about to come soon, when the widespread dispersal of Linux-based devices will demonstrate that while no system is perfectly secure, there’s a lot of systems that could be switched to something more secure than Windows at a far lower cost than US$1 trillion every year.