Is Windows or is IT the problem with security?

http://news.cnet.com/8301-13505_3-9970323-16.html

Michael Fiola, formerly an investigator with the Massachusetts Department of Industrial Accidents, was charged with possession of child pornography. He lost his community’s respect, many of his friends, and his family. His crime? He was given a Windows-based laptop that was riddled with vulnerabilities that were or became prey to malware.

An investigation showed he hadn’t downloaded the pornography. His computer did:

When the DIA issued Fiola his Dell Latitude laptop in November 2006, it
was so badly configured that it may well have already been hacked, said
Tami Loehrs, a forensics investigator hired by Fiola’s defense team. The
Microsoft Systems Management Server software on the laptop was
misconfigured and was not receiving critical software updates, and the
laptop’s Symantec antivirus software was either misconfigured or not
working properly, she said.

“He was handed a ticking time bomb,” she said.

In this case, it’s called Windows. Or, more accurately, an IT department that inflicted a poorly implemented Windows environment on Mr. Fiola.
Could this have happened with Linux or the Mac? Yes and maybe.

Yes, because weak IT yields weak security.

But maybe, because both of these Unix-like systems handle security much better than Windows traditionally has. But that’s not really the point.

No, what’s really the point is things like this and the case where a teacher was accused of exposing her class to
pornography.

The article ends with

Did Microsoft create this problem for Mr. Fiola? No. If anything, it
sounds like his IT department is to blame. But if it were me, I’d beMac OS Logo
asking for a Mac when joining a new company. With the Mac, my odds of
having a Fiola-esque experience go down dramatically.

Which makes me think of another article I saw that indicates

MacOS experienced 50% growth as a primary development platform and 380% growth as a targeted platform during the period.

Zemanta Pixie

About the author

Security Evangelist

Leave a Reply