Michael Gracie

Sophos just released their latest Security Threat Management Report, and the news is not good for all. Viruses are waning, but malicious malware designed to steal you blind (say financially-oriented trojans) is up dramatically. The Sobers and Netskys of the world still lead the charge, but the face of deliver is simply changing.

Then, in the wake of this news, Sophos (who I feel generally maintains an unbiased reporting approach in order to preserve their credibility), adds the following footnotes to their distribution charts:

For malware…

All of the above malware works on Windows; none is capable of infecting Mac OS X.

and their families…

Again, all of the above malware works on Microsoft Windows; none is capable of infecting the Apple Macintosh operating system.

They go on to say…

“It’s more vital than ever that all organisations use an integrated security solution to protect against intrusion, as well as blocking known and unknown malware. On top of this, hackers seem happy to primarily target Windows users and not spread their wings to other platforms. It seems likely that Macs will continue to be the safer place for computer users for some time to come - something that home users may wish to consider if they’re deliberating about the next computer they should purchase.”

This couldn’t be much more timely. I was recently accused of being a well-crafted shill (for OS X, despite the fact I generally promote Linux side-by-side), and a “clueless machead.” Well, let’s just set the story straight.

I was a Windows user since the days of 3.1, moving to 95, then migrating carefully along the NT-based set. I never got an infection (I spent a hoard of money on protective mechanisms), but since I put my machines through their paces, I saw the “blue screen of death” on numerous occasions. Then I stuffed Linux on my Dell laptop, and I was hooked. My “in-the-know” friends lent a helping hand, while my less inclined colleagues continued to struggle with Windows. I found freedom to do what I wanted with my desktop - but it took time. The ensuing months found me spending more and more of my work day on the Linux side of that tricky little dual-boot, dual-drive Dell, even though that work day was primarily financial in nature.

Then one day, I get handed a Powerbook - told to toy with it on a rainy weekend. I did, and what I found was the best of both worlds, so I bought one myself. I’ve stuff a fresh database server on it, used it to test web apps, compiled Gimp and Ethereal for it, and hoards of other half-fun, half-needed things. And I’ve even protected it with anti-virus software (mostly to prevent passing something on to others). It has never crashed to memory dump or been infected, and I can (surprise) still use it to send email, build financial projections, and write letters. And, Linux is still the platform of choice when bringing a server up.

I can’t help but be biased now, but I’ve put in the hours. I promote OS X because the shit works, and I hate seeing my friends struggle (and I hate reformatting their Windows machines, and reinstalling XP, too, although I do it anyway). I’ve gotten numerous people to switch to Linux (and if it had training wheels, they would have probably stayed). Only one migration to OS X as a result of my preaching (due mostly to cost), but it has stuck. Put in the time, or fork up the dough - both are fine by me.

I don’t own Microsoft or Apple or Red Hat stock either.

***UPDATE***

Regardless of what’s really the case, a battle ensued over at Slashdot, and the arguments were top notch.

And the future is reserved for the minority.

In the wake of the Windows Genuine Advantage “issue,” Peter Cullen, Microsoft’s chief privacy strategist speaks out. Slashdotters are throwing the bullshit flag over it, calling for companies to take the UNIX bull by the horns and screaming for more Linux on the desktop.

I’ve converted half a dozen folks to Linux in the last year. Unfortunately most of them have switched back. Why? Learning something new is just too much work for most people, even if it does mean less hassles from viruses, spyware, and their computers disclosing its contents to some “big brother.”

Microsoft knows this.

***UPDATE***

A call for Linux “training wheels” has been made.

After years of tried and true service in the backoffice and among the highly technical set, UNIX-like operating systems are tooting high tones on the mainstream desktop. I am sure those historically “in the know,” having tackled Linux, OS X and other flavors for their computing needs, are feeling rather smug right now.

But wait! In the midst of “other” operating systems failure to deliver decent security (and maybe even fail to deliver to the store shelves in one piece), all of a sudden threats to the underdogs are being spoke of everywhere.

Does the newfound popularity make Linux and OS X vulnerable to technical attacks, or simply the target of pundits’ attacks?

A proof of concept has been released for a virus that can affect both Windows and Linux machines.

As those systems are attached at the hip, with the majority of desktops running Windows and a slew of servers running Linux, this is not good news.
Read more »

Bill Husted breaks down some needed tools you have to have to stay safe from evildoers lurking on our computer networks. Firewall, anti-virus, anti-spyware, and you are set. But for how long?

“Unfortunately, given the state of computer security, your term of enlistment is for life.

I disagree. A lifetime’s enslavement is only for those who can’t stand change (or just aren’t willing to step out of their comfort zone for a bit). You could prepare yourself for the future by studying the past. Pick a new operating system - one that ends with an “X” instead of starting with it. You might be waiting a long long time for a less “invasive” solution.

I can sit around crying the glories of open source. I can post repeatedly about its benefits, and its momentum. You don’t have to listen.

And it may not matter anymore, as open source now controls ALL the money - or something like that. The Swiss government is switching to Linux.

According to Steven Roemerman, precisely “81% of you are suckers,” and I am going to agree. Fortunately, Steven is no blowhard (like me). Instead of just smearing all of you, he has provided some simple, straightforward tips to keep your [Windows] machine safe from intruders.
Read more »

I have always been a little cautious with my Linux install, not because I don’t trust it, but because I don’t trust those on the outside who might decide to tool with it for less than honorable reasons. So it is nice to see that someone is paying attention to Linux users. While the Vexira Central Command app is designed primarily for mail servers, the product does include embedded anti-virus and anti-spyware functionality as well. Vexira does make a standalone anti-virus product for Linux, but it is still a bit behind - being applicable to the 2.2.X kernel.

I would be interested (and enthused) to see Vexira extend some of this to the desktop. In the meantime, if anyone out there knows of others doing this, please let me know.

DirectRevenue, the ad outfit turned spyware vendor (and name change addict - see Is This Software On Your Hard Drive?) has been sued for alleged computer hijacking. The lawsuit contends that DirectRevenue’s software willfully disregards plaintiffs’ rights to use and enjoy their personal property,” and is purposely damn hard to get rid of as well.
Read more »

A colleague is working on cramming an awful lot of gear into a very tight space, and trying to get it all to run on a custom kernel configuration. But it just doesn’t compare to the following: Linux system squishes into Ethernet connector.
Read more »