Microsoft CEO Steve Ballmer is highly skilled at being “a little cocky” as he trumpets the global desktop dominance of his company’s Windows operating system.
“Ninety-five percent of the world’s computers run Windows,” Ballmer proudly told an audience of students at Sweden’s Royal Institute of Technology on Monday. “They don’t run Mac, they don’t run Linux.”
Microsoft is also very good at suggesting that Windows malware is an industry problem rather than one that’s a direct result of its own lax security.
1. It’s a Monoculture
If Steve is to be believed, 95 percent of the world’s desktop computers run Windows. That, in biological terms, is what we call a “monoculture,” meaning that there is an overwhelming predominance of one particular species.
Such a condition is generally toxic in biology–introduce a single pathogen known to affect the leading species, and you wipe out them all!–and so it is, too, in the world of computers. What could make life easier for a malicious hacker than knowing she’ll hit the majority of the world’s computers with a single worm?
Linux, by contrast, offers considerable strength in its diversity. Not only are there myriad distributions of Linux, but there are also multiple shells, packaging systems, mail clients and even underlying architectures in use, making it much harder for malware to hit more than a small proportion. Sorry, bad hackers!
2. Permissions
It’s inevitable that human computer users are going to forget what they should do, or maybe even deliberately ignore the “should” in favor of what they want right now–like porn, pictures of cute kittens, or whatever.
On Linux, that’s OK, because their computer accounts are looking out for them. Even if they slip and click on that malicious link, the most any malware can do is trash their individual computer and files.
Windows? Well, the picture’s not so rosy. In fact, Windows users are pretty much given administrator access by default. So, a momentary human weakness can lead to widespread devastation starting with a single computer.
Microsoft’s proposal about isolating affected computers is like closing the barn door after the horses have escaped. Hint: It’s before they go that you need to do that, Microsoft–like when you’re establishing permissions to begin with.
3. Closed Code
No one but Microsoft developers can see Windows code. Some may argue that that makes it more secure–the bad guys can’t see it, right?
Wrong. It’s a proven fact that open code improves security by enabling the countless good guys around the globe to inspect it, test it, and fix it as necessary. There is no such thing as security by obscurity.
4. Reliability
How many weeks go by without any unplanned downtime, Windows user? None, you say? And how about you, Linux user: What’s unplanned downtime, you ask?
That’s right. Whether it’s due to malware or something else, Windows computers involve a lot of downtime. Linux computers don’t. For business users, in particular, that’s plain and simple.
5. Price
Finally, Windows may not seem like it costs anything, since it comes bundled on most PCs for sale today. But honestly, do you think Microsoft is a not-for-profit organization? You’d better believe that price is factored in, and you’ve already paid it.
With Linux, not only do you not have to pay for your operating system–though you can, if you want extra support–but you also don’t have to keep upgrading your hardware to keep up with the exorbitant resources Windows demands. Free doesn’t mean worthless–it just means without cost.
None of this is to say that Linux, or any other operating system, is perfect. The difference, though, is that no other operating system has created a monoculture and then tried to lay the responsibility for security on the industry as a whole the way Windows has.
It’s not computer security that’s a problem for business–it’s Windows. Try something else and you may like what you find.
Follow Katherine Noyes on Twitter: @Noyesk.