Microsoft Holes Exploited Again

As if the last security hole in Internet Explorer was not enough, here’s yet another reason to drop Microsoft Software. This time it’s their cash-cow, Office:

Attackers are exploiting the just-patched vulnerability in Internet Explorer (IE) by hiding malicious ActiveX controls in Microsoft Word documents, according to security researchers.

“Inside the document is an ActiveX control, and in that control is a line that makes it call out to the site that’s hosting the malware,” said David Marcus, the director of security research and communications for McAfee’s Avert Labs. “This is a pretty insidious way to attack people, because it’s invisible to the eye, the communication with the site.”

This all reminds me of a sieve – full of holes.

If I was a small business using Microsoft application software today, I would be dropping it faster than a red-hot rock. If I was a CTO I would be planning now how to migrate away. will protect you from malicious ActiveX in documents, Firefox for web browsing and Thunderbird for email will do the same whilst allowing you to continue to use the Windows OS as you plan the final step to freedom. Ubuntu will complete the process.

If you need help, there are companies out there who can provide support and technical assistance. 😉

Windows is Doomed…

After reading this post several times and thinking about the implications of it. I think the author (sorry, but I couldn’t find your name anywhere) has really stumbled on something here.

The basic premise of the article is to do with Microsoft’s takeover attempt of Yahoo, and how poor Windows is as a scalable platform for building out a very big Internet presence:

There’s no way on God’s earth that Microsoft can switch all of Yahoo’s services to being based on Windows. The IT costs and the time needed to migrate Yahoo’s applications to Windows boggles my mind. It would probably cost more than whatever Microsoft ends up paying for Yahoo.

I thought about this and think that there is even more to support the author’s conclusion than he mentions.

I started to think about all these new “big businesses” out there he(she?) mentions. They are all using Linux and other Open Source software to build out these hugely massive infrastructures. We know about Google and Amazon et al. But there is more… PayPal, a subsidiary of eBay, but a business that is taking on the old-world banking industry – especially as a credit card payment processor – build their transaction processing platform on Linux and they have discussed before how they can easily scale their infrastructure by just adding a few $1k blades with Linux on them.

If any of the recent big on-line businesses had tried to build out their infrastructure on Windows, what do you think the outcome would have been?

  • Cost. This would have been a non-starter for most. How much in software licenses would a Google need to have spent? Server software, database licenses, middleware, system administration tools etc etc. The mind boggles just how impractical it would be to try and do this with proprietary software. And of course, don’t forget the extra hardware needed to run the bloated code in the first place.
  • Flexibility. How easy would it be to go back your proprietary supplier and ask for new features, fixes, patches? And – oh yes – ‘I’d like them tomorrow please’. This just isn’t possible or realistic with the old-world software businesses. Businesses like Google and the others rely on change. They are dynamic businesses. They need to move fast and adapt.
  • Reliability. Really. Windows, in whatever guise you like – Vista, SBS, NT – are just not man enough for the job. BSODs galore and crappy single-user file systems mean you need hundreds, or thousands, of individual boxes each running expensive software just to give yourself some sense of reliability. Although of course it isn’t in reality. Windows doesn’t scale and it’s a pain to manage when you have lots of them. It’s a desktop operating system masquerading as something it isn’t.
  • Security. Yep. Would you trust your data to a Windows architecture that is so wide open to abuse it has grown a whole industry of parasites that supply further process-cycle-sapping applications that endeavour and “hope” to find intruders and malicious code?

The trend to use Linux is not just with the “new kids” however.

We have seen how, recently, Specsavers the Opticians have replaced everything in their network with Linux. From the tills to the back-office servers and more recently their Active Directory user authentication system for OpenLDAP. Here’s a lovely quote from them about the impact their migration has had:

As well as freedom from vendor lock-in, Specsavers says it is getting “superior performance, reliability and security at a significantly reduced cost in comparison to proprietary solutions”. It says it is now “enjoying a reduced need for maintenance, and increased reliability”.

I was also rather surprised yesterday when I was reading a piece about Oracle.

“WC: Pretty much all of Oracle’s internal production and development systems run on Linux across the whole company. Linux by itself is across the whole company. Also uses a lot of Python. It’s really across the whole co. 10,000 Linux servers that run Oracle on-demand.”

[WC = Wim Coekaerts, VP of Linux engineering, corporate architecture.]

Did you get that? Linux is running pretty much everything in Oracle…

If M$ do buy Yahoo, they will, undoubtedly, open the biggest can-of-worms imaginable. And probably the first nail-in-the-coffin for Windows. Especially in the enterprise.

So, think about it. Next time you need to role out some new business applications, would you go with the Desktop OS that needs excessive maintenance and support to just pretend to be a server, and that might have a limited life expectancy anyway. Or deploy the enterprise scale OS that can be customised for your infrastructure and hardware, which is proven to be extremely secure and is used by many (if not all) of the biggest and most successful companies in the world? Oh yes, and it doesn’t cost an arm and a leg to buy either. In fact, it can be yours for nothing. Free. Zilch. Zero.

Remember too – that you can also run the same OS, properly configured, on the Desktop too. Why do you think PC manufacturers are literally falling over each to bring out new, low-cost, Linux powered laptops (Asus, Everex, Acer, Via, Palm, Intel, LeMote, OLPC, Dell, Lenovo)? Barely a day goes by without a new announcement. It certainly isn’t because they aren’t any good…

3000+ Good Reasons to Dump Windows. Every day…

Everyone knows that there are lots of Viruses, Malware, Spybots and the like out there….

But now, according to the BBC these malicious programs have reached unprecedented levels.

Reports vary but some estimates suggest there were five times as many variants of malicious programs in circulation in 2007 compared to 2006.

Security company Panda Software said it was getting more than 3,000 novel samples of so called malware every day.

And it gets worse…

Security software testing organisation AV Test reported that it saw 5.49 million unique samples of malicious software in 2007 – five times more than the 972,606 it saw in 2006.

And to cap it all…

Most of the malicious programs detected by these security organisations are aimed at the various versions of Microsoft’s Windows operating system.

Now there are many reasons why the criminal hacker writes mainly for Windows, and most are to with the very poor system level architecture of the file and operating system itself.

There are countless examples and descriptions on the Internet as to why viruses and the like do not seem to target Unix, Linux and Macs and they all, in the main, boil down to the fact that these systems use proper, multi-user file and process management.

As with any virus in the real world, if it can’t jump from one host to another, it can’t propagate and will simply die or fester on its own. This is just the same with computer viruses.

Microsoft’s Windows OS, when connected to the Internet, is just like the world’s biggest toddler’s nursery. You know (if you’ve have ever had kids) how they all mix fluids and spread diseases between themselves faster than you can get a tissue to wipe their dribbly nose.

On a “proper” computer operating system, the analogy would be each kid living in a hermetically sealed bubble. But with the tools to be able to communicate and transfer “solids” through appropriately secure membranes specifically fit for purpose.

Go on, dump Windows.

[Update] I just went and checked the latest WILDLIST. The list of all “active” known viruses actually in the wild. Just read the list and look at the names. Notice how many are for non-windows architectures… About 2. One for Javascript and one html based.

VirtualBox: Seamless Windows

I have one web based service provider that requires me to use Internet Explorer – Parcelforce; the courier firm.

I have been using IE running on Wine up until recently – but I had never got printing to work quite right. You see, when I schedule a shipment for something, their software creates a barcode and label in PDF for me to print. But their system needs me to have IE and the Windows version of Acrobat installed so the label pops up in an IE with the Acrobat Reader plugin window.

I have asked them to support Firefox and Linux but they didn’t even have the courtesy to reply to my email…

Anyway – Wine and IES4LINUX worked for me very well, but I have had to save the pdf file to disk then open the Linux version of Acrobat and print it from there. I have recently moved partitions around on my PC and am running a new install of Ubuntu, so I decided to try a different route for a change…

I installed VirtualBox (the latest .deb from their web site which is 1.52) on my Ubuntu Gutsy desktop and then dug out my old CD of Windows XP and started the install.

What a palaver that was! I had forgotten how laborious the install is: I have an XP “upgrade CD” so had to go and find my Full version of Windows 95, show it that, then type in the stupidly long code and answer lots of questions. And it seemed to take so long to actually copy the stuff to the VM. Then you get the Activation question, registration and lots of network activity…

However, once I’d got it installed, it booted up just fine (In fact it boots much faster in a VM than I recall it doing natively) . After installing VirtualBox’s “guest additions for Windows” you get an improved Windows graphics driver and better mouse control too. The mouse just works when you move the pointer over the VirtualBox guest window or back to the Linux desktop. No need to switch mouse control between the two OSes.

The other nice feature is something they call “Seamless Mode”. This is really cool, it means your guest OS can appear on your desktop without having to be inside a window. By that I mean you can run application (say notepad) and it will appear as a single window on your desktop. Here’s a picture to show you what I mean…

Screen Shot

It’s a bit of a chore just to get access to a barcode label from ParcelForce, but I can do it. It only took me about an hour and I haven’t had to go and buy any software (I already owned my old copy of XP Home and Windows 95) or have to dual boot my computer.

The virtualisation engine is Open Source, the host OS is Open Source. And if Parcelforce would wake up and smell the coffee perhaps they might even keep a customer.

« Previous Page