So, OK, we Mac and Linux users didn’t completely escape the sobig.f worm unscathed, as some of us are on Windows users’ Outlook address books. (sobig.f spoofs outgoing e-mails with addresses from Outlook, so, for example, it makes it look like I personally mass e-mailed sobig.f to hundreds of thousands of people.) So, not only am I getting the worm mailed to me, I am also getting a ton of bounces from people I have never even heard of. Luckily, Mail.app has learned to treat them as junk mail, and I only have to look at one or two a day now.

OK, this may be a little dishonorable, but a lot of times I’ve escaped from having to fix someone’s Windows computer by saying something along the lines that oh, well, I have a Mac, I haven’t run Windows in years.

Anyway, the Washington Post published an article that squarely puts the blame on the how Windows was designed. “Microsoft Windows: Insecure by Design.” (Link from Slashdot. Not to say that MS purposefully designed Windows to be insecure, just that its legacy makes it inherently insecure.

A lot of people try to pin the blame on the idea that these kinds of catastrophes happen only because Windows is the most dominant OS in the world. Which is only partially true. Sure, Windows owns the lion share of the desktop market. But, on the other hand, most of the Internet is run on UNIX or on a UNIX-like system (i.e., Linux or Mac OS X.) All mission-critical systems, like nuclear power plants, nuclear subs, MRIs, PET scanners, pretty much have to run on a NIX. (Nothing like an enormous magnet going out of control and causing a fire extinguisher to get torn off the wall and fly through the air like an enormous bullet when NT BSODs. Or a how about a nice Chernobyl-like disaster? *shiver) And while there have been exploits that have targeted NIXes and caused some damage (anyone remember that worm back in the late ‘80’s/early ‘90’s), they are few and far between, considering that about 75% of all servers run some sort of *NIX, *and are pretty much accessible to the entire planet.

Now, seriously, though, a lot of these problems would go away if MS just shipped Windows with sane defaults. Such as closing the ports that are easy to exploit. But I think their problem is that they need these ports to be open, not from a technical standpoint, but from a marketing/financial standpoint. (Can we say RPC equals huge backdoor by which MS 0wns your computer?) For example, without RPC (which was targeted by MS Blaster) I think that MS would have a harder time policing your system and making sure you didn’t pirate XP. (I could be wrong. I have never used XP. I really don’t want to touch it unless I absolutely have to, which, hopefully, is never.) I’ve said it before, but Mac OS X and most sane Linux distros have got it right. There is absolutely no good reason to run as root (or its equivalent.) There is absolutely no good reason why you should be able to completely reformat your hard drive by accident, because of a typo.

Anyway.

Wow. This blog is quickly turning into a supergeek adventure. It’s time to switch focus, perhaps.