Net Pioneer Wants New Internet

Over at Wired they have an article about a ‘new Internet’ that is in development. There is a lot of discussion about the ‘clean slate’ vs the ‘incremental changes’ idea of implementing this new idea.

David Clark is heading up the ‘clean slate’ group that is working on their ideas at the National LambdaRail.

“Look at phishing and spam, and zombies, and all this crap,” said Clark. “Show me how six incremental changes are going to make them go away.”

Well. Let me tell you about ONE change that will make about 90% of that ‘crap’ go away, Mr Clark. Stop using Windows!

The statistics clearly show that Windows is not an ‘Internet Ready’ operating system. Sophos, a major Anti virus vendor just released the results of a test that they did – and an unprotected Windows system has a 50% of being compromised in the first 12 minutes of being attached to the Internet. In the first quarter of 2005, 8000 viruses were released into the wild for Windows.

A lot of people respond with “Well, Linux and Mac don’t have the market share. Virus writers don’t want to target them because there are not a lot of them out there.” To that, I say – Hogwash! Let’s look at the numbers.

2005 Win XP W2000 Win 98 Win NT Win .NET Linux Mac
June 64.9% 19.1% 3.6% 0.7% 1.5% 3.5% 3.0%
May 64.5% 19.4% 3.9% 0.8% 1.4% 3.3% 2.9%
April 64.0% 19.7% 4.1% 0.8% 1.4% 3.3% 2.9%
March 63.1% 20.2% 4.7% 0.9% 1.4% 3.2% 3.0%
February 62.0% 21.1% 5.1% 0.9% 1.3% 3.2% 2.9%
January 61.3% 21.6% 5.3% 1.0% 1.2% 3.2% 2.8%

So, according to the stats from the w3schoolsLinux and Mac have about 3% of the on-line market each. If there were 8000 virus writing in Q1 2005, would you not expect to see about 6% of them to target Linux and or Mac? Where are those 500 viruses? They are not there – because it’s a combination of factors that makes Windows such a choice target, not just pure numbers.

Windows was designed as a single user system. It was not designed as a networked system from the start. It has had all of these bells and whistles added on after the fact. Shoe-horned on, if you want the truth. *nix (OS X, BSD, AIX, Linux etc) have all been designed with networking as a core concept. When you design a system with networking as a core concept, you tend to give some thought as to how to make sure that people that you do not want in are not allowed in. It’s as simple as that.

Microsoft did not have security as a core concept until Windows XP SP2 – about 2 years ago. BSD has been doing it for 30 years. You make the choice.

I am not saying that there will never be security issues with these other OS’s – rather that they are more secure by default. It’s like a house. If you are going to store valuables, what are you going to store them in? A grass hut or a steel vault? Even if you choose the steel vault and you leave the door wide open, you are going to have problems.

So – instead of doing a rip and replace on the Internet to improve security, lets go ahead and deal with the source of the problem. The Internet is a collection of networks of computers. Let’s push the security to where it belongs – the computers that make up the networks. Asking the network to secure it’s self is like asking the roads to stop people from breaking into our houses.

So, lock the doors to your house, and make sure that it’s not a straw house.