Jun 30

Glyn Moody posted “The Huge Hidden Cost of Microsoft Software” on June 30, 2009, on Computerworld UK’s web site, and a similar article on Slashdot. In the post, Moody discusses how various UK government organizations had to spend a great deal of money cleaning up the Conficker worm. Moody explains how this is a “hidden cost” of running Microsoft software in your environment, much as Microsoft and others have tried to claim there are “hidden costs” in running free open source software and Macs.

There are certain of Moody’s points I agree with. More malware exists for Windows than for Mac OS X and Linux combined. That’s just a fact. If the PCs in your organization become infected with malware like the Conficker worm, it can be extremely time-consuming and costly to clean up the mess. Again, it’s a fact. If you ran Linux or Mac OS X throughout your organization instead of Windows, a Windows worm like Conficker would be stopped dead because it can’t infect those operating systems. Fact. But while the conclusion that this is a “hidden cost of using Windows” may be true to some degree, it’s not quite on target. Allow me to explain.

I work in a company with approximately 2,000 Windows PCs, maybe 50 Macs, a small number of Sun Solaris workstations, and a data center including Linux, Windows, Solaris, and mainframe operating systems. In an environment like this, with so many Windows desktops, you might be thinking I’ve had to clean up some massive infections.

Ironically, in my 20+ year career, the biggest malware mess I ever had to clean up didn’t affect Windows at all, and it wasn’t at the shop where I work now. The culprit was a little Classic Mac OS virus code-named “WDEF”. Infection via WDEF was very Mac-like. It “just worked”. If an infected disk was inserted into a Mac, it instantly infected the Mac’s hard drive. You didn’t have to run any programs or do anything. If you inserted a clean disk into an infected Mac, that disk became infected. The WDEF virus managed to find its way onto every Mac in our company and onto most of the floppy disks. I was able to trace it back to a disk a single employee (yeah, it was me) brought into the office from home. I can’t tell you how many hours I spent cleaning up that mess (we had only a dozen Macs but literally hundreds of floppies to scan). I only found it because I was showing a co-worker how Macs didn’t really need antivirus software by running a scan with a free tool called Disinfectant. It was very humbling to see it detect WDEF, in addition to being painfully ironic.

It was also a valuable lesson. Over the 10+ years I was a Mac user, I had downloaded lots of free Mac software. When I ripped the shrinkwrap off my first antivirus package (bought after the WDEF incident), I was shocked to see how many viruses had already infected my supposedly “superior” system. During my time as a Classic Mac OS user, I saw more viruses than I’ve seen since… even though I’ve primarily been a Windows user, and still download lots of free programs. Mine may not be the typical experience, but it’s a true story.

Moody’s stories and mine share a common theme – and it’s obviously not Microsoft software. Take proper security precautions, no matter what computer you’re using, or you will pay a price eventually. I’m willing to bet if you investigate any of those very expensive cleanup deals mentioned in Moody’s article you’ll find that certain basic security precautions were ignored that would have cost FAR less than the cleanup effort for Conficker eventually did. Maybe they merely needed a cheap hardware firewall to keep the worm from getting in, or a cheap antivirus package to detect and clean it, or just to deny administrator access to their employees. As far as I’m concerned, Microsoft may share some of the blame but the bulk of it lies with the organizations themselves. I can say that with confidence because our 2,000-machine Windows environment didn’t see a single Conficker infection. Not one. (And no, I wouldn’t be so bold or stupid as to say that we “never will”… only that we’ve taken all reasonable precautions to prevent such an occurrence. That’s about as much as you can ever really say about your security.)

While Mac users have been relatively free of malware, viruses have existed for OS X, Mac malware has made it into the wild, and it has resulted in the creation of a Mac-only botnet. I’ll bet if you could find the owners of the Macs whose systems are part of that botnet, they’d tell you they don’t need antivirus software because they’ve got a Mac, and Macs are immune to that stuff…

Linux has been relatively immune as well, but it too has seen Trojans, viruses, and other malware. The threat to Linux is nothing compared to the situation on Windows, but that doesn’t mean there is “no” threat.

If you go through life with the assumption that your platform of choice is totally secure, completely immune to malware, and impervious to hackers, the odds are good that you’re going to find yourself very sadly mistaken one day… just like I did when I ran that disinfecting program on my Mac those many years ago. Good security is a “hidden cost” of owning a computer, no matter whose logo is on the box or whose is displayed when you start it up.

