by Larry Magid
I was busy all day Wednesday following two seemingly unrelated news stories: the cyberattacks against U.S. and South Korean government Web sites and the announcement that Google is developing its own operating system.
That got me wondering whether those stories were related.
The assaults on government Web sites were a so-called distributed denial of service attack whereby thousands of computers around the world simultaneously request access to servers, making it impossible for legitimate traffic to get through. The computers carrying out the attack aren’t owned by bad guys but by regular people and businesses whose machines have been commandeered into a “botnet” or “zombie army” as a result of being infected by malicious software.
There are lots of ways to distribute this type of malicious software but the most common method is called a “drive-by download,” in which a computer becomes infected by visiting a Web site that was either set up for this purpose or commandeered by hackers to distribute this type of software.
For a PC to be infected, it has to be able to run the malicious software and, as it turns out, the overwhelming majority of malicious software is designed to run on Windows. So these “zombies” that are shutting down government Web sites are mostly Windows PCs. And therein lies the connection between the two stories.
Like any device connected to the Internet, PCs running Google’s Chrome operating system wouldn’t be exempt from malicious software. Indeed, Chrome will be running on top of Linux, which also has been affected by malicious software. But so far, Linux and Macintosh machines have been far less vulnerable than PCs running Windows.
There are lots of theories about why that’s the case. One school argues that Windows is inherently less secure, while others say it’s simply a larger target. While that first explanation might have some merit, the second one is undeniable. With about 90 percent of the world’s personal computers running Windows, it’s no surprise that bad guys put their development resources into the platform that will give them the greatest impact.
So from a security standpoint, what’s good about a Google operating system is that if it’s well-received, there will be more computers running something other than Windows. Bad guys will have to diversify their development efforts or reach an ever-decreasing share of the world’s computers.
But that doesn’t mean there wouldn’t be security downsides to a Google operating system. Google has said that its OS will be highly Web-centric, encouraging the use of Web-based applications like Google Docs and Spreadsheets, Gmail, Yahoo calendar and other programs from Google and its competitors. That introduces a major vulnerability.
With Microsoft’s PC-centric approach, applications like Microsoft Office can run even if there is no Web access. Web-based applications depend not only on the client having access but on the server as well. So if Google’s servers come under attack, there is risk that its Web-based applications will fail until the attack is resolved.
There is also the security risk of storing your data on those servers. While there are many advantages to so-called “cloud computing,” one disadvantage is that your data can be compromised if someone breaks into that server. We could have another “single point of failure” problem if a significant percentage of the world’s PC and Internet users start to store their data on Google machines.
I’m not suggesting that Google doesn’t have good security. The company tries very hard to protect its users’ data. But so does Microsoft. It’s just that the bigger a company’s market share gets, the more likely it and its customers will be attacked.
Of course, all of this assumes that Google will be successful in eroding Microsoft’s share of the market. Based on the public’s lackluster interest in Linux PCs, Google has an uphill battle. Even among netbook PCs, which at first mostly used Linux, Microsoft enjoyed a 96 percent market share as of February, according to NPD Group.
Linux, like what Google is promising for its Chrome OS, loads faster and requires less computing power than any current version of Windows. And there are plenty of excellent Linux software programs, including the Firefox browser and several office suites that rival Microsoft Office. But there remain many programs that run only on Windows, so many individuals and companies will continue to use Windows, even if they can get a free and arguably better operating system somewhere else.
If I used my PC only to access the Web, get e-mail and do word processing, I’d be very happy with Linux. But while those activities probably account for 90 percent of my PC use, there are other programs I simply can’t do without. That may change over time, but there are some very smart people in Redmond, Wash., who will do all they can to keep the Microsoft franchise alive and dominant.
Be the first to comment