Friday, May 01, 2009

Why Windows is necessary

I had some thoughts related to the recent blog entry about Linux. Someone asked me why I gave it up. I probably would have asked someone the same question at that point. I remember back in college being very anti-Microsoft.

As I get further in to my career, I've learned one thing. Linux is not going to overtake Microsoft any time soon as accepted in the general public, and there are some reasons.

A) After many semesters of teaching some of the introductory courses, I see the trouble people have with the Microsoft Windows operating system. I consider Windows to be simpler than the Linux operating system. If all machines went to Linux tomorrow, we'd be reducing access to computers and technology, which would hold back society. People will give up rather than learn it.

B) Managers are scared of open source software. If a catastrophic failure occurs, there is no one to sue. If, however, there was a flaw in the Microsoft operating system that caused problems, people can turn around and sue Microsoft. They may not win, but there is comfort in that.

C) There are a lot of applications that were designed for Windows that people use. Without the use of Windows compatibility layers, these tools don't run in that environment. Most companies won't bother emulating the operating system, because that adds complexity, and they certainly won't bother re-writing. The company my father used to work for had an OS/2 application that was written in the 1980's. They were still running this operating system in 2001 on a bunch of machines just for that one application.

D) People push how secure the Linux operating system is, as well as browsers such as Firefox. Are they inherently more secure? Yes, they are. I don't doubt this. Part of the reason, however, is that if I am a hacker I am not attacking those platforms. Why? Two reasons. First, because the people using them are more computer savvy, so you are trying to hack smarter users - and a hacker wants the easiest targets possible. Secondly, there are more people using Windows and Internet Explorer, so one nasty little targeted virus hits a larger user base. If there were suddenly a large portion of the market using any tool, be sure that people will attack it and find exploits. It's not worth it to write a Linux virus today.

The reality is that in many ways in our own lives, we tend towards "this is not what I know" as a reaction to new things. For all of you who are very pro-Linux, think of how you would react if someone wanted to replace something you are comfortable with with something new. Most people resist change, and that's just the way the world works much of the time.

These are the things you would have to overcome if you want to get a society over to Linux. It's not good enough to say "well, it's more secure" - because people won't give up what they know for that promise. In that way, being hacked is in many people's minds much like speeding - no one ever thinks they are going to be the one pulled over until it happens.

It doesn't mean I like it. This is just what I consider the reality. You can only change in small increments. You would likely never be able to walk in to a company and say "I think we should all go to Linux" because you'd probably hear "I think you should go to ...somewhere". The larger the company, the more resistance to change.


Fred T said...
This comment has been removed by the author.
David J. Csuha, CPP, CFE said...

Hey Eric,

I didn't want to use up too much comment space, so I addressed the issue and security students here:

Fred T said...

Hey Eric,

David is right. My comment took up too much space so I moved it.

Viewers can read my response here:

Professor Cameron said...

Dear all, don't worry about comment space, love, me