Home > Technobuddy > Archives > 2007 > August > 24 > Entry
DEL.ICIO.USComputer myths
The Atlanta Journal-Constitution
There’s no lack of experts when it comes to computing. Everyone from your brother-in-law to the guy down the street is willing, even eager, to offer advice.
Most of us were introduced to my favorite computing myth when someone helped as we sat down to a computer for the first time.
“Don’t worry,” the wise expert may have told you. “Nothing you can do will hurt the computer.”
The point of that lesson? Even the teacher can be wrong.
There are thousands of ways you can kill a computer and they aren’t limited to physical abuse. Fail to update your anti-virus protection and risk losing all your data. Don’t use an Uninterruptable Power Supply, or at least a surge protector, and your computer can go up in a puff of smoke.
One widespread myth is that — compared to any other operating system — Windows has more holes than all the nation’s golf courses together. You are told that Linux, Unix or a Macintosh using an operating system based on Linux are all bulletproof, while Windows is time bomb.
I won’t argue that Windows perfectly secure. But a study by the federal government found that in 2005 “out of 5,198 reported vulnerabilities, 812 were Windows operating system vulnerabilities, while 2,328 were Unix/Linux operating vulnerabilities (and) 2,058 were multiple operating system vulnerabilities.”
Another myth involves cookies, the high tech variety. Most of my readers think they are pure poison for a computer.
A computer cookie is a small text file. It’s often used - in a good and harmless way - to make things easier for you when you log onto a Web site. For instance, if you create a personalized page at the Weather Channel site with the weather for your town, a cookie is created on your computer’s hard disk. That cookie is used - each time you log onto the Weather Channel site - to create your personalized page.
Cookies aren’t viruses or spyware. They aren’t even programs. They are just text files.
Can they be harmful? Sure. But the bad cookies are usually found on hacker sites or x-rated sites. Just as is true in real life, if you stay in safe neighborhoods while cruising the Web, you’ll usually be fine.
Just as they think cookes are bad, many people think surge protectors offer an ironclad defense against lightning strikes.
That’s not so. If a bolt of lightning hits the power line going into your home, there’s a good chance it’ll turn your computer into a crispy critter. That lightning bolt jumped across a big hunk of sky before it hit your powerline and it can sure jump an inch or less inside your surge protector.
Folks, if those things were lightning protectors, that’s what it would say on the box. Instead, surge protectors attempt to shield your computer from surges in electrical current. A lightning strike isn’t a surge, it’s a danged tusami.
Finally we come to screen savers. At one time they had an important mission. Old black and white computer monitors often suffered from a problem called “burn in”. If you left something on the screen long enough, the image burned into the screen’s posphorus coating.
An LCD screen doesn’t suffer from that problem at all, and modern color cathode ray tube monitors are reasonably immune. So screen savers are good for blocking the screen from prying eyes or just for amusement; but do nothing to save a screen.
That’s it for computers and myths. I’ll leave you with one bit of lore that’s absolutely true: Your computer is most likely to fail at a time when you need it most.
Permalink | Comments (13) | Post your comment | Categories: Columns
Comments
By Mark
August 24, 2007 3:18 PM | Link to this
I won’t argue that Windows perfectly secure. But a study by the federal government found that in 2005 “out of 5,198 reported vulnerabilities, 812 were Windows operating system vulnerabilities, while 2,328 were Unix/Linux operating vulnerabilities (and) 2,058 were multiple operating system vulnerabilities.”
I’m not sure what point you are arguing, since you stated that you are not arguing for Windows security. But, certainly you have read that report yourself to investigate it before using it in your blog. The “Unix/Linux” section summed up all AIX, Solaris, OSX, HP-UX, BSD, Linux and every other independent varieties and codebases of Unix. You could not conclude that product “X” was very flawed because of a look at the sum of a very large set of products that included “X”.
By David
August 24, 2007 4:10 PM | Link to this
*“Don’t worry,” the wise expert may have told you. “Nothing you can do will hurt the computer.”
The point of that lesson? Even the teacher can be wrong.*
You can always re-install an operating system, and if you regularly back-up your data you will find that the worst injury you will suffer is the loss of a couple of hours to re-install your imperfectly secure windows.
By Roy Schestowitz
August 24, 2007 5:41 PM | Link to this
mark’s comment beat me to it! That ‘study’ was criticised to death quite some time ago when it was published. It’s funny how people span the sum to support some hypothesis.
By Alfred Bool
August 24, 2007 9:07 PM | Link to this
You can say what you want, it remains that I have spent countless hours fixing Windows machines that had been messed up by viruses and malware.
After 10 years of using Linux on a variety of machines, none of which had a virus detector, I still haven’t seen ONE virus on Linux.
Are you being paid by Microsoft to spread nonsense?
By PatrckB
August 25, 2007 8:05 AM | Link to this
In my opinion, the biggest security risk of any computer is between the keyboard and the chair.
The biggest security threat to any company is not that their technology is weak but that their processes are weak. For example, I bet that local company that had the big customer information loss had excellent firewalls. But they had a major data loss because they didn’t have adequate process controls. The people-part is where we techies have the biggest trouble.
Computers are complicated. Microsoft has tried to make it usable by non-technical users while at the same time incorporating the latest and greatest online technology. The home computer is as secure as the person running it makes it. There has alway been a conflict between computer usability and computer security. Microsoft has taken some steps in both directions. Whether it is enough is a matter of opinion.
Patrick
By john noonan
August 25, 2007 9:27 AM | Link to this
You said: “But a study by the federal government found that in 2005 “out of 5,198 reported vulnerabilities, 812 were Windows operating system vulnerabilities, while 2,328 were Unix/Linux”
But, that study listed applications that actually were not part of Linux. The number of Windows vulnerabilities were all actually Windows integrated components. So your statement is incorrect. Nix systems are more secure, at least I can safely view a .jpeg file.
By Prootwadl
August 27, 2007 11:29 AM | Link to this
You can always re-install an operating system, and if you regularly back-up your data you will find that the worst injury you will suffer is the loss of a couple of hours to re-install your imperfectly secure windows.
It’s actually a lot easier to use a partition imaging utility like Drive Image or Ghost to take a snapshot of your Windows boot partition, and then perform a restore of the image whenever Something Bad Happens. :-)
I do this regularly for all OSes before I perform any sort of system update or major application install, and it gives me a nice way to return to a past state without having to rely on OS-specific recovery features (which I generally don’t trust).
By Prootwadl
August 27, 2007 12:10 PM | Link to this
One widespread myth is that — compared to any other operating system — Windows has more holes than all the nation’s golf courses together. You are told that Linux, Unix or a Macintosh using an operating system based on Linux are all bulletproof, while Windows is time bomb.
I think the claim that Linux, UNIX variants, MacOS (X or classic), and other platforms are “bulletproof” is a bit of a stretch.
All operating systems have flaws, and that is true of large-scale mainframe OSes like IBM’s Z/OS and Unisys’ OS2200 and MCP, not just OSes designed for smaller servers and/or desktop boxes.
Even the big players with long histories encounter problems now and then or make interesting design decisions.
The statement that Windows is a relatively insecure OS, however, is still a fairly provable statement — both in terms of its basic design, and also in terms of the specific implementations of Windows that have been created by Microsoft.
The study you cite has been roundly rejected and discredited on multiple fronts, BTW. Do a little bit of Google searching on the subject to discover the kinds of “Apples and Oranges” comparisons that were made by that particular study’s author.
Even if the basic Windows architecture were a sound one, the presence of subsystems like ActiveX are huge potential security holes. No OS designer in their right mind would create such a subsystem in today’s connected world, at least in this programmer’s opinion.
By George E
August 29, 2007 10:48 AM | Link to this
I’ve heard of accounts being compromised by “KEY COUNTERS” or those that can count your strokes to violate your security. My question: when you would type a normal 8 key ID, would it confuse the counter if you purposely “made” a mistake, back-spaced and then entered your real key?
By Bill
August 29, 2007 11:33 AM | Link to this
Hi George, I think you mean key stroke loggers. They literally record every keystroke. So, unless there really are key counters - and hey anything is possible - your method wouldn’t work. A keylogger would record everything, including the fact that you used the backspace key.
By PatrckB
August 29, 2007 5:09 PM | Link to this
George,
The technique you’ve heard about is this: you purposely mis-type your password with a few bogus characters and then this is the key use the mouse to highlight the wrong characters and then over-type with the correct characters. The key logger software can’t detect the mouse highlight and so it doesn’t know that the correct letters appear somewhere else and not at the end. I’ve never tried it because it’s too much work. :-)
By Rick
September 3, 2007 10:46 AM | Link to this
In addition to the above excellent criticisms, please note that most bugs discovered in any OS are discovered by the developers. Hardly ever does Microsoft disclose bugs they find. Linux developers always disclose the bugs they find.
Another flaw in the article: the Mac OS is not based on Linux. It is based on Unix BSD, a very different operating system.
By Bill
September 3, 2007 8:27 PM | Link to this
To see the criticisms that Rick is mentioning, you need to click on the earlier item called ‘Computer Myths.’