Microsoft deserves no credit

Summary: Criticism of computer security coverage which simply omits Microsoft's role when its software causes a lot of damage but gives Microsoft a positive mention when the same damage is addressed by Microsoft

SECURITY news is distorted for many of the reasons we have covered here before. Glyn Moody recently commented on the MSBBC's failure to name Microsoft or Windows when only Microsoft Windows and other Microsoft products are affected by security problems. Now he writes about "moving beyond the Microsoft monoculture", which is a similar type of rant that says:

One reason that I no longer look at press releases is because nearly all of them in the field of computing make one, huge, annoying assumption: that the entire world uses Microsoft products. This means that the vast majority of press releases are not just irrelevant to my needs, but positively insulting to my worldview.

And there is a particular circle of journalistic hell reserved for PR companies that send out press releases about the very latest terrifying, deadly, apocalyptic virus that I simply *must* know about. Because these too assume that everyone is using Microsoft products, and therefore don't even bother mentioning the rather relevant fact that it is generally *only* those benighted souls still staggering through the Microsoft miasma that are affected.

That omission is not some minor detail, because it blurs the distinction between malware and Windows malware. As a result, it leads non-technical users to assume that malware is a universal and unavoidable fact of computing life, and that you just have to accept that your machine will be trashed every so often, and your bank details stolen once in a while, and that you will always have to fork out what is literally protection money to one of the anti-virus companies for constant updates to their software (unless you know about free software apps like ClamWin, of course.)

"Sorry, we don't sell flash drives anymore" is another new example of what happens when people simply assume that all computers run Windows. To quote the concluding words:

I have a question. What will vendors do once that viruses become more common in, say, memory cards? Of course those will not be perceived as OS problems, either. Are those storage devices going to be banned as well? No wonder why Microsoft could come up with the stupid idea of banning infected computers from the Web...

From the same blog we now have: "Emergency at the University: A PC problem or an OS that is defective?"

On Jan 20th, 2011, I posted an entry on my office network and, jokingly, put up a picture in which viruses were pawning the Windows computers. Well, that picture became prophetic: while the Windows 7 machine gradually collapsed, the XP one became a zombie that got the entire University Internet service in trouble for a whole week. However, my Mandriva box emerged pristine, completely unscathed. This is the account of what happened.

Jeff Hoogland too wrote about the subject some days ago, noting that people who use GNU/Linux have none of the same problems Windows users experience:

I sometimes forget in addition to Windows itself being costly, most people get conned into spending further money on "protection" software.

But the more interesting comment comes from this new blog post which covers an issue we talked about in last night's TechBytes episode. To quote:

Yes, yes. I saw the news. Microsoft disabled a botnet and now applauds itself for carving away 39 percent of the world’s spam.

I’m going to go out on a limb though. I say: If they hadn’t come up with such a long string of sub-par operating systems, thereby inventing both the opportunity to process huge volumes of spam, and the niche markets for anti-spam and security software … well, we wouldn’t have this problem in the first place.

PandaLabs reports that "Creation of New Malware Increases by 26 Percent to Reach More than 73,000 Samples Every Day" and needless to say, they are not talking about GNU/Linux.

It is essential that people start naming that OS and call out Windows when it is clearly Microsoft's fault. Information of this kind should be made explicit, not vaguely implied. ⬆