Windows

Why is Windows so insecure?

Get It Try It

Why is Windows so insecure? The easy answer is that it's obvious: it's because so many pranksters, and now professional criminals, can wreak havoc with it. Windows is the punching bag of evildoers everywhere. It has no defenses. It's designed wrong from the start. It cannot be repaired. Things will only get worse.

Nobody is forcing you to use Windows. You have a choice. Starting now, you must exercise that choice or be ostracised from the Internet community forever. People no longer care that you are clueless, driving without a licence: they want you gone. They find you a terrible irritation and annoyance and will do anything legal to see you no more.

Windows is insecure not only because the clowns in Redmond write such crappy code, but because the inherent design of Windows - or lack thereof - does not allow for adequate security. And in today's world, security is vital.

Windows started as an add-on for MS-DOS, and MS-DOS was hardly more than an x86 cross-assembled upgrade to CP/M, the home computing 'operating system' of choice of the 1970s. There were no directories, and there were no hard drives, and diskettes were eight inches in diameter, and you could switch between them, but that was all.

Microsoft gradually introduced 'Unix' thinking into MS-DOS with hierarchical file systems, twisting the forward slash into a backward slash just to be different, re-aligning their compiler for Unix compatibility, using Unix APIs to access MS-DOS data on disk, but the system itself did not change: it remained the same 'hardware interface' it always was.

Microsoft Windows was put on top of this flimsy foundation. Two years after the introduction of the Macintosh, one year after the start of the NeXT project, Microsoft had what many IT experts saw as the most pitiful product ever to enter the PC market place. Things were so bad that Microsoft could not move their windows around on screen. Radsoft had been doing it for a year - and in 'text mode' to boot - but those loveable Microsofties weren't good enough for the task. Microsoft Windows version 1 was a pitiful exposure to loud ugly semi-graphics with next to no functionality or usability built in.

Windows took off in 1992 with the introduction of the new LIM (Lotus Intel Microsoft) memory standard for the PC. Suddenly there was enough memory for even Microsoft's bloat monsters to run. Stores sold out in no time. Steve Ballmer traveled to New York to rip up the joint venture with IBM. All forces were concentrated on the 1992 goal of releasing Microsoft Windows 3.1.

The world was not connected in 1992. Tim Berners-Lee had invented the 'web' some years earlier, but it had not yet reached home computing. The only connections people knew about in 1992 were Novell NetWare connections. NetWare was insecure, but there were no outside threats.

Viruses proliferated already back then, but did so via diskette. They could attach themselves to executables, or they could be boot sector viruses. Only vigilance kept machines clean - even then.

Mosaic and Java Beans signaled the birth of the World Wide Web. And Bill Gates almost missed the boat: it wasn't until very late in the game that the tyrant of Redmond understood its significance. The Windows 95 update was planned primarily as a way to bring PC computing to secure 32-bit - where David Cutler had been for the past seven years.

David Cutler is the man who created the operating system VMS for Digital Equipment Corporation. VMS is respected as one of the most bulletproof operating systems ever created. In 1988 Cutler was in Seattle with a DEC research team, and word reached Microsoft that DEC were planning on removing Cutler from that team. Emissaries were sent to talk to Cutler, who eventually agreed to take on a position with Microsoft instead, bringing his entire DEC operating system project 'Prism' cross-town to the Redmond campus.

But 1988 was also pre-web, and Cutler, for all his operating system savvy, could not and did not understand the exigencies we have today, and besides: he was building a LAN file server with NT, not a workstation operating system. It was only when the Gates lackeys decided to clue Cutler in that he found out what their real intentions were, and there was no way he could retrofit security onto an already existing Windows model that Gates insisted be used.

The result, ultimately, was Windows NT version 4, and it was the end of David Cutler's sojourn in Redmond. Today he races cars, sponsored by Microsoft 'so they keep me from pissing all over them', and Microsoft are back to their old tricks, the blind leading the lame, rewriting code and ruining software. And the design of Windows, with the design of the underlying MS-DOS, never changed. And it never will.