Open Windows

Written By : Wayne Brooker
July 2004

Perhaps like me you've sat head in hand through Windows' lengthy installation procedure and read the hype splashed all over the screen in a rather feeble attempt at keeping us amused while several thousand Megabytes of bloatware are pumped onto our hard drives.

One of the things that attracted me to Windows XP in the first place was Microsoft's crowing about it being their most secure operating system to date, a claim that now looks slightly ridiculous in light of the almost endless barrage of critical security patches that they shamelessly throw at us.

When I use my computer my needs are usually quite straight forward. I want a productive tool that's both reliable and secure. I'm happy to have paid a little more for useful tools like a calculator, or even a media player if it supports enough formats, but I don't want half-baked movie making apps or chat software that's so woven into the fabric of my operating system that removing it is like getting chewing gum out of your hair.

Over the past twelve months I've sat in a festering state of anger watching helplessly as my taskbar grows fuller and fuller, not with useful stuff that could actually help achieve my tasks, but with software doing all the basic security tasks that should already be handled by my far-from-cheap operating system. SpywareGuard, Zone Alarm, Pop-up Stopper, Anti-Virus software, it all eats at my resources and serves to nothing more than allow me to operate in the relative safety that should be afforded me by my operating system. It seems I'm wasting an increasing number of CPU cycles protecting my data rather than working with it!

Precisely why is it that it's so easy to hijack my system? What kind of basic safeguards are missing from Windows that some idiot somewhere can remotely change my home page and my search settings? What is so dreadfully wrong that, without my knowledge or permission, icons can be plonked straight onto my desktop, or registry entries written or changed so easily and furtively?

If someone kept breaching the boundaries of my property and leaving things on my lawn I'm sure the police would at least pretend to take the matter seriously, so why is this breaching of my PC not treated in the same way? At the very least this is trespassing, if not something a whole lot more sinister, but I'll bet good money nobody in a position to do anything about it would be in the least bit interested in my weary complaints.

So who's accountable when some piece of malicious code breaches your operating system's absent security and changes your dial-up settings so you spend the next few hours on a £5 per minute premium rate number? Or tracks your browsing habits reporting back to companies who then either bombard you with spam or sell on your information to others? Should we all be prepared to pay a small sum to fund a regulatory body to police this type of problem or should this be directly paid for by the operating system vendors? And despite the Internet's foundations in freedom of speech and anonymity, has the time now come to take steps so that people can be more easily tracked without the cloak of false identities and virtual servers they can so effectively hide behind at the moment?

I fully understand that it wouldn't be fair to lay all of this at the feet of Bill Gates, one of reasons for Windows' poor security record is due to its worldwide popularity which inevitably means it becomes a much bigger target. He does however have to shoulder some of the responsibility for the ridiculous ease with which Windows can be breached, and I don't mean by offering cash rewards for grassing on worm and virus authors AFTER the damage has been done!

Let's be honest, any other business selling just about any other product would have been forced to close its doors by now if its product were as badly flawed as Microsoft's are. Sell me a TV that I have to keep modifying to stop my neighbours changing the channels and watching porn through my living room window and you can bet I'll be straight back to the store demanding a refund. Sell me a shirt with a tracking device sewn into it that logs my movements and reports back to a central location and you can be sure the authorities would be involved in no time. So what's the difference? Does the virtual world mean we have to accept virtual law? Is the invasion of our privacy online any less of a crime than the invasion of our privacy under any other circumstances? And if not, then who's doing anything about it?

Forget about convoluted security settings and "trusted" websites. This is the 21st century and my operating system should be smart enough to know when something suspicious is going on and alert me to it. Not with some strange error code that takes a fortnight to decipher, but with a simple and straightforward warning and request for approval. All additions to my system should be logged by my operating system and removing any of them, along with their associated registry entries and changes they've made, should be as simple as a click of the mouse.

I love the Internet and all it represents, but I can't help but believe that so many of its problems are caused by its single biggest strength, anonymity I'd have no problem with having to register my details, my REAL details, with a trusted Internet body who I knew were not going to reveal them unless forced to do so by the courts, and then be issued with some kind of identity/activation number that was required in order to operate on the 'Net. You can bet that I'd not be browsing kiddy porn sites or distributing malicious code if I thought the trail led straight to my door. A simplistic view maybe, and one that will have the privacy purists chomping at the bit, but I'm sorry, if you've nothing to hide then you've nothing to fear. And like I mentioned, getting your details would be a function of the courts and you'd have to have done something pretty serious before this happened. I'm not advocating mass prosecutions for ogling women of few clothes, or even for taking a curious read through some bomb making site, I'm talking about the planning of a terrorist attack where an email is intercepted, or tracking the source of a virus that's just brought down multinational industry and cost them millions.

There needs to be a simpler way to identify the real identity of users on the 'Net in extreme circumstances, and whether that comes though some kind of registration scheme or as a result of the tightening of current protocols that let people operate from behind a shield of smoke and mirrors doesn't matter. The medium that once let us all have our say without fear of reprisals is now letting lowlifes take that same medium and slowly destroy it from the inside without fear of reprisals, and I believe we may need to sacrifice some of our cherished freedoms in order to track these degenerates down and deal with them properly.

+++

We'd love to hear your thoughts on this article. Just follow This Link.
You may even win our monthly "Star Letter" award!
     
Website Design and Graphics Copyright Wayne Brooker 2004
All images Copyright 3DVelocity.com unless otherwiste stated