I wrote a brief and sarcastic piece on The Homeland Security software virus initiative the other day. But the more I thought about it, the more the system bothers me and my flip response seems woefully inadequate. Thus I have no other choice but to do it again.

First, I am a MAC User. I have been for about 15 years. My conversion from PC user was swift and unquestioned. There are currently 4 MACS in my house, and one on my desk at work (actually it's under the desk but who's counting). At the company where I work there are about 500 PC and 15 MACS. My friend in the IT department estimates that they have spent about 2800 to 3000 man hours in the last year on virus relates issues. How much of the anti-virus time was spent on the MACS? About 15 minutes. Which is how long it took to explain to the head of the IT department that MACS running OS X are not affected by viruses.

The argument used to be that Apple's Market share was too small to be of interest to virus creators. That may have been and may still be true. But the technological truth is it would not be possible to write a virus for a MAC running OS X.

Why? Well for the PC folks here's the simple answer. To install any executable piece of code on a MAC running OSX you need to authenticate with and administrator name and password. Even if you are logged on as the administrator - heck even if you are logged on as the Root User with god like powers of every aspect of the system - you must authenticate to install. Since there is no way for a virus to know the admin username and password it can't install anythng.

This is one of the things I love about the MAC. It is one of the reasons why I fought fiercely when the IT department wanted to switch my group to PCs.

Another bit of accepted wisdom is that MACs are more expensive than PCs. I have paid that premium to own my MACs and to buy the upgrades to the operating system. I have paid that money in part to be free from worrying about viruses. Now I am being forced to pay for a Federal system created to cope with the problems created by the poor security of an operating system I chose not to buy.

I can hear the argument that this is a matter of Homeland Security and that we all must be willing to make sacrifices to ensure the safety of the nation. In my opinion I already have. Now I am forced to contribute tax dollars to help deal with problems caused by the multitudinous holes in Windows security functions that are readily exploited by sociopathic geeks with some minimal talent for writing code.

If this is truly a matter of Homeland Security worthy of a response on the scale of US-CERT then why doesn't Tom Ridge and company go to the source of the problem and pay a little visit to the folks in Redmond. These people, aka Microsoft, have flooded the marketplace with an operating system with security approaching the level of that on our borders. I want to see news coverage of Ridge and Ashcroft sitting down with Gates and Balmer and telling them "Look, the weak security of your operating system has created an area of national vulnerability. You need to do something about it. Now. Not only will we not protect you from the consequences this situation creates, we will be part of the consequences."

This will never happen of course. Instead, my tax dollars are being spent to bail Microsoft out of taking any responsibility. In the entire US-CERT website I did not find any mention of Microsoft or its Windows operating system as being a part of the problem or a part of the solution. So I am going to take the only action open to me. I am going to sign up for US-CERT Cyber Security Alerts. Now every time I get a notice of another Cyber Attack I can sit back and enjoy a a safe, secure OS X chuckle. I have many good friends who are PC users and I hate to be laughing at their expense but they chose their operating sytem as freely as I did.

Posted by: Stephen Macklin at 01:21 AM | No Comments | Add Comment