Today is a good day to code

On Security

Posted: December 31st, 1969 | Author: | Filed under: Uncategorized | No Comments »

On Security

Picture of IrvinOne of the things that confuses me to no end is why companies keep using Microsoft Windows all the while insisting that they want to have a “secure computing environment.” That makes no sense whatsoever. The reluctance of many companies to adopt anything for their corporate desktop that doesn't have the flag of Redmond waving on it is insane. First of all, if your goal in designing a system is security, why would you use, at the core of it all, an operating system that has glaring flaws?

The only logical explanation to this is that it must have something to do with the proliferation of Microsoft office. Office is a great piece of software. It has its problems and its security holes, but all-in-all it is clearly the best productivity suite.

That being said, is it really so much better than using Star Office, or Open Office and an email client like Evolution or Thunderbird? Is Office for Windows really so much better than Office for Mac? While I am on a roll asking rhetorical questions, is exchange really that much better than PostFix / Sendmail / whatever ldap server there is for Linux?

I have been working, no slaving really, over IIS 6 for the past few days. I am an avid Apache user. When I first started playing around with Red Hat Linux a long time ago, I hated Apache, but I tolerated it because it was free. After I actually took the time to figure some of it out now working with IIS seems like drudgery at the lowest levels of the computer. Windows Server 2003 is nice, but I wouldn't say that it was $800 better than Ubuntu, or whatever Linux is out there. I definately wouldn't say that Server 2003 is better than OS X Server in any tests.

Back to my original premise. If a company wanted to run a truly secure system, they would have a Linux server running at the core of the system with Ubuntu linux workstations. Everyone could run as a non-administrator user, and they could still install Flash and other application that really shouldn't require an administrator to install them. Microsoft has done a really good job of making it seem like the hassle of installing software if you are a regular user in Windows XP is the company who distributes the software's fault. It isn't, the reason you have to be an Admin to install the Flash Player is because Internet Explorer is part of the OS. It makes sense to force a user to log in as administrator to modify the OS. What doesn't make sense is why enterprises are still running windows.