Charles Arthur On technology

'Windows wasn't designed with security - or, indeed, the internet - in mind. Its innards predate that use significantly'

When Bill Gates says, as he did recently at a packed conference of computer-security experts, that Windows is becoming safer all the time, he is being absolutely truthful.

This may seem surprising, as the "worm wars" between bizarrely named programs such as Netsky, MyDoom and Bagle grow ever more ferocious. But Gates (below) is being precise. He is not talking about the version of Windows that most people have on their computers. He is talking about the version that a tiny minority are using: the one that has all the latest patches and updates applied. He has it on his machine.

A great many people don't, and they're causing everyone, including themselves and innocent users (including those on non-Microsoft operating systems) a lot of trouble. They're the ones whose machines are still infected by worms such as Blaster, SoBig, and even Klez which, despite first appearing in April 2002, is still the fifth most prevalent virus on the net. And even when Klez appeared, it was exploiting a vulnerability (in Internet Explorer 5, but not later versions) that Microsoft had already fixed - in 2001.

Those people are also the most vulnerable to "phishing" scams that exploit weaknesses in Explorer to dupe people into handing over their bank, credit card, Paypal or eBay details, and to viruses and online hacking taking over their machines.

How many people are at risk? While there is no hard data as to how many people use which version of the operating system, a good guide comes from Google's visitor statistics. They reveal that 45 per cent of visitors use WindowsXP, the newest version. Of the rest, 24 per cent use Windows98; 18 per cent, Windows 2000; 3 per cent, Windows NT; 1 per cent, Windows95. (The rest use Linux, Macintosh and other operating systems; see www.google.com/press/zeitgeist.html).

At least half of those WindowsXP installations have never been updated to incorporate Microsoft's patches, because their owners won't know how to; and Microsoft shipped WindowsXP with the functionality to download those updates switched off. It also left the firewall turned off, and didn't close the "ports" to connect to services most home users would never need. Each of these problems is a fault of decision-making within Microsoft about the threats that the machines would face in a connected world.

Few people are better aware of those threats than David Aucsmith, responsible for Microsoft's "security architecture". "There's an army of people 'assisting' us in finding vulnerabilities in Windows," he said recently. Microsoft isn't lax in working on the fixes to holes discovered in Windows; in fact, says Aucsmith, only one attack has been the result of a vulnerability of which the company wasn't already aware. (He declines to name it, but evidence suggests it was last summer's "Blaster" worm.)

"But we can watch what happens when we release a patch for a flaw," he says. "There's a hacking tool that compares the patched operating system with the unpatched one, and generates code to exploit that." The problem is compounded in two ways. "Our Achilles heel is testing our patches against all the variations of customer software out there," said Aucsmith. "If we release a patch that futzes up a bank's software, there's hell to pay. The bad guys don't face the same constraints."

He also readily acknowledges that Windows wasn't designed with security - or, indeed, the internet - in mind. The development of Windows95 began in 1993. So although it came out just as the internet exploded into public use, its innards predate that use significantly. That's one area where rival operating systems have a definite advantage. Both Linux and Apple's Mac OSX are variants of Unix, built to handle multiple, potentially conflicting, users on a network. They presume that people may try to do bad things to the machine, and aim to forestall them; security is an axiom, rather than an add-on.

Microsoft is readying itself for the attacks that will be aimed at its next-generation operating system, Longhorn, due in the second half of the decade. But what if nobody gets the updates, or upgrades to the new version? Microsoft is, I understand, considering a trade-in system for users of older versions of Windows. But what about those using machines that can't run XP because they're too old? That, along with the question of whether Microsoft, or someone else, should foot the bill, means the idea is stuck inside the company for now.

Microsoft has produced a free "Windows Security CD" with updates to Windows (for all flavours from 98 onwards) valid until last October. Unfortunately, you have to order the CD online; and you need to set up a Microsoft .NET Passport account to do so. Microsoft's next "service pack" for Windows XP, due very soon, will turn the firewall on and the unused ports and services off. Future versions might even download the updates automatically.

It's a start, but unfortunately we aren't at the beginning of the problem. Next time you receive a phishing e-mail, or a virus, consider this: some people out there will believe them, and their machines won't protect them against them, even though - as Gates said - Windows is getting safer.

Microsoft Security Update CD: (www.microsoft.com/uk/security/protect/update.mspx)

Start your day with The Independent, sign up for daily news emails
Property
pets
Arts and Entertainment
tvGame of Thrones season 5 ep 4, review - WARNING: contains major spoiliers!
Arts and Entertainment
tvThe C-Word, TV review
Arts and Entertainment
The Ridiculous Six has been produced by Adam Sandler, who also stars in it
filmNew controversy after nine Native American actors walked off set
Sport
Danny Jones was in the Wales squad for the 2013 World Cup
rugby leagueKeighley Cougars half-back was taken off after just four minutes
Life and Style
The original ZX Spectrum was simple to plug into your TV and get playing on
techThirty years on, the ZX Spectrum is back, after a fashion
News
Tiger Woods and Lindsey Vonn are breaking up after nearly three years together
peopleFormer couple announce separation in posts on their websites
Sport
football
Life and Style
Google celebrates Bartolomeo Cristofori's 360th birthday
techGoogle Doodle to the rescue
Arts and Entertainment
Haunted looks: Matthew Macfadyen and Timothy Spall star in ‘The Enfield Haunting’
tvThe Enfield Haunting, TV review
News
news
News
The Mattehorn stands reflected in Leisee lake near Sunnegga station on June 30, 2013 near Zermatt, Switzerland
news
ebooks
ebooksA celebration of British elections
  • Get to the point
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

iJobs Job Widget
iJobs Money & Business

Recruitment Genius: Claims Administrator

£16000 - £18500 per annum: Recruitment Genius: This is an excellent opportunit...

Recruitment Genius: Senior SEO Executive

£24000 - £28000 per annum: Recruitment Genius: A Senior SEO Executive is requi...

Recruitment Genius: Online Customer Service Administrator

£16000 - £18000 per annum: Recruitment Genius: An Online customer Service Admi...

Recruitment Genius: Digital Marketing Executive

£18000 - £22000 per annum: Recruitment Genius: This global, industry leading, ...

Day In a Page

Fishing for votes with Nigel Farage: The Ukip leader shows how he can work an audience as he casts his line to the disaffected of Grimsby

Fishing is on Nigel Farage's mind

Ukip leader casts a line to the disaffected
Who is bombing whom in the Middle East? It's amazing they don't all hit each other

Who is bombing whom in the Middle East?

Robert Fisk untangles the countries and factions
China's influence on fashion: At the top of the game both creatively and commercially

China's influence on fashion

At the top of the game both creatively and commercially
Lord O’Donnell: Former cabinet secretary on the election and life away from the levers of power

The man known as GOD has a reputation for getting the job done

Lord O'Donnell's three principles of rule
Rainbow shades: It's all bright on the night

Rainbow shades

It's all bright on the night
'It was first time I had ever tasted chocolate. I kept a piece, and when Amsterdam was liberated, I gave it to the first Allied soldier I saw'

Bread from heaven

Dutch survivors thank RAF for World War II drop that saved millions
Britain will be 'run for the wealthy and powerful' if Tories retain power - Labour

How 'the Axe' helped Labour

UK will be 'run for the wealthy and powerful' if Tories retain power
Rare and exclusive video shows the horrific price paid by activists for challenging the rule of jihadist extremists in Syria

The price to be paid for challenging the rule of extremists

A revolution now 'consuming its own children'
Welcome to the world of Megagames

Welcome to the world of Megagames

300 players take part in Watch the Skies! board game in London
'Nymphomaniac' actress reveals what it was really like to star in one of the most explicit films ever

Charlotte Gainsbourg on 'Nymphomaniac'

Starring in one of the most explicit films ever
Robert Fisk in Abu Dhabi: The Emirates' out-of-sight migrant workers helping to build the dream projects of its rulers

Robert Fisk in Abu Dhabi

The Emirates' out-of-sight migrant workers helping to build the dream projects of its rulers
Vince Cable interview: Charging fees for employment tribunals was 'a very bad move'

Vince Cable exclusive interview

Charging fees for employment tribunals was 'a very bad move'
Iwan Rheon interview: Game of Thrones star returns to his Welsh roots to record debut album

Iwan Rheon is returning to his Welsh roots

Rheon is best known for his role as the Bastard of Bolton. It's gruelling playing a sadistic torturer, he tells Craig McLean, but it hasn't stopped him recording an album of Welsh psychedelia
Russell Brand's interview with Ed Miliband has got everyone talking about The Trews

Everyone is talking about The Trews

Russell Brand's 'true news' videos attract millions of viewers. But today's 'Milibrand' interview introduced his resolutely amateurish style to a whole new crowd
Morne Hardenberg interview: Cameraman for BBC's upcoming show Shark on filming the ocean's most dangerous predator

It's time for my close-up

Meet the man who films great whites for a living