September 18, 2003 FROM THE DESK OF DAVID POGUE
How Susceptible Is Your Operating System to Viruses?
I’ve just discovered the best way to learn about computers: Write down what you know in an e-mail column and send it to 237,000 people. Believe me: Whatever holes they discover in your knowledge, they’ll set you straight.
Last week, for example, I mentioned that an anti-virus program is a necessity these days if you use Windows. I grumbled that that meant forking over money (plus an annual subscription) to companies like McAfee and Symantec, two companies that are not known for, ahem, customer-support excellence.
But dozens of you called to my attention a number of free anti-virus programs from other companies. “I have been using the version of AVG (
http://www.grisoft.com/us/us_dwnl_free.php) that’s free for personal use,” wrote one reader. “It has stopped all viruses without fault. And Grisoft has never sent me a single junk mail or distributed my information—a refreshing thought indeed.”
I tried AVG, and it’s great. (Other readers recommended free and cheap anti-virus programs like Avast,
www.avast.com; F-prot,
www.f-prot.com; Sophos,
www.sophos.com; and NOD32 Anti-Virus,
www.nod32.ie.)
I also wrote that Mac OS X and Linux are virus-free because they offer virus writers a much smaller “audience” than Windows -- a notion that’s been much repeated in the press, most recently last week’s BusinessWeek cover story. That, as it turns out, is a myth, no matter who repeats it. There’s a much bigger reason virus writers don’t like Mac OS X and Linux.
“Unix [which underlies Mac OS X] and Linux ARE more secure,” wrote one reader. “They have been developed, open-source style, by people who know exactly what they are doing. Unix and Linux have had at least 10 years of battling hackers to better themselves. This leads to an extremely secure environment.”
Many of you also pointed out simple design decisions that make Mac OS X and Linux much more secure than Windows XP. For example:
* Windows comes with five of its ports open; Mac OS X comes with all of them shut and locked. (Ports are back-door channels to the Internet: one for instant-messaging, one for Windows XP’s remote-control feature, and so on.) These ports are precisely what permitted viruses like Blaster to infiltrate millions of PC’s. Microsoft says that it won’t have an opportunity to close these ports until the next version of Windows, which is a couple of years away.
* When a program tries to install itself in Mac OS X or Linux, a dialog box interrupts your work and asks you permission for that installation -- in fact, requires your account password. Windows XP goes ahead and installs it, potentially without your awareness.
* Administrator accounts in Windows (and therefore viruses that exploit it) have access to all areas of the operating system. In Mac OS X, even an administrator can’t touch the files that drive the operating system itself. A Mac OS X virus (if there were such a thing) could theoretically wipe out all of your files, but wouldn’t be able to access anyone else’s stuff -- and couldn’t touch the operating system itself.
* No Macintosh e-mail program automatically runs scripts that come attached to incoming messages, as Microsoft Outlook does.
Evidently, I’m not the only columnist to have fallen for this old myth; see
www.sunspot.net/technology/custom/pluggedin/bal-mac082803,0,1353478.column for another writer’s more technical apology. But the conclusion is clear: Linux and Mac OS X aren’t just more secure because fewer people use them. They’re also much harder to crack right out of the box.