Comment Articles

Model security from Microsoft?

Published: 12 Mar 2004 11:55 GMT

The company still hasn't put an indicator on the desktop for the most basic security function: backing up data. Yet the service pack represents a solid step toward helping the overwhelming majority of customers who are not security-conscious enough to secure themselves.

Microsoft's focus on ease of security also offers an instructive example for the Linux world.

Historically, Linux has enjoyed an advantage in design and user education. Linux inherited its strength in design from Unix. In contrast, Microsoft has had to make sure that its products remained backward-compatible with its original Windows infrastructure, which treated security as an afterthought. Moreover, Windows users tend to be far less tech-savvy than those who use Linux.

However, from its Protect Your PC campaign to the coming service pack, Microsoft appears to have "got religion" about the subject. If Linux is to appeal to the general public, security must get easier.

Linux does have a wide variety of tools to secure a computer running the open-source operating system, but administering a system using the tools is relatively difficult. One tool, Nmap, checks for open data channels, known as ports, that could be vulnerable to an attacker; the tool, however, does not analyse which ports might be threats.

Another tool, Tripwire, creates a digital fingerprint of each important file on a computer and tracks changes to those files. While the software provides good security, it is so hard to configure and use that most users don't try to run the security check. (A company, also called Tripwire, makes a full-featured commercial version that is much easier to use.)

And a good backup utility that doesn't require magnetic tape is still hard to find.

As Linux slogs toward becoming a viable desktop alternative to Windows, proponents know that the battle may hinge on the ability of developers to integrate such security into major distributions. What's more, they must find ways to represent the results in an accessible way for average users. Speaking about the Linux user interface in general, Linux luminary Eric Raymond said as much in a blog that he posted recently.