Crime Pays

Michael Horowitz has published a list of reasons why the bad guys are winning in IT from the viewpoint of security. He spares no one.
See Computerworld – Michael Horowitz, “Why the bad guys are winning”.

Some of my “favourite” items from his list include:

  • 12. Small businesses have no computer techies on staff, which makes them ripe for online banking fraud. (Sounds a lot like schools where I have worked.)
  • 13. Economics dictates that software will be buggy (Amen. Other priorities than getting it right…)
  • 18. Windows does not do a great job of defending itself
  • 19. Least privilege (He says “7” is OK for this but XP is not)
  • 20. Windows autorun (Open door for malware…)
  • 28. Antivirus software (Needs multiple scanners on that other OS to have any hope…)
  • 30. The C programming language refuses to die (Chuckle…)
  • Of course all kinds of human frailty are included in the list, and as systems become more complex, human frailty finds more ways to mess up security. My most amazing encounters with human frailty include ordinary users of that other OS who have collected around 100 random “must have” applications from the web, many of them spyware, spamware or worse. Things like insects to replace the pointer in the GUI, or various “security alert” fixes… I have even been called to a GNU/Linux desktop to help install one of these things. Where is the logic in people’s brains which determines that because a PC can run any software it must run all software? That kind of defeats the argument that users seek the best software for the job when there is no job.

    About Robert Pogson

    I am a retired teacher in Canada. I taught in the subject areas where I have worked for almost forty years: maths, physics, chemistry and computers. I love hunting, fishing, picking berries and mushrooms, too.

    4 Responses to Crime Pays

    1. Dann says:

      They forgot to mention that China basically has full access to the Windows source code base.

    2. twitter says:

      Vista 7 is just as broken as any other version of Windows. There were hacks for it before many users had it and despite the fact that business has wisely stayed away. I’m glad to see an author calling out Windows but they need to do their homework better than this.

      We should not blame the user for things that are clearly the fault of the OS. It’s not the user’s fault when something jumps out of their email preview panel or an advertisement on a web page.

    3. That’s reason number 50 to use a GNU/Linux distro. All those permissions get set to reasonable values in a distro like Debian GNU/Linux.

    4. Brian Page says:

      people forget that the PC that they work at doesn’t belong to them.
      administrators forget this too and don’t bother to remove users’ admin rights to their workstations.

      at home, people are their own IT dept.
      this follows suit at work as well.
      then bad decisions made at home get made at work.

      even in large corporations: you’ll get one critical app that requires admin rights to run (thank you M$ and app vendor, I could choke you both) and now users assume the role of IT on their own workstations.

      bad decisions ensue.
