I just read this article on security advice by Kevin Mitnick and I’m equal parts pissed and laughing at it. It’s a classic case of ignoring the elephant in the room and it really makes me wonder where Mitnick’s integrity is since I don’t think he’s a particularly stupid person.

He starts the article with the old “We live in dangerous times. Evil hackers can attack you with their viruses!” line and then proceeds to outline ten steps he feels will increase your safety and security. Some are common sense recommendations that I agree with:

1. Back up everything
2. Choose strong passwords
3. Be diligent with applying security updates
4. Use encryption for sensitive data
5. Disable unused services
6. Use a firewall/router to restrict/limit access to your machine
7. Encrypt your wireless networks with uber-strong passwords using WPA

All these points I agree with. All are basic, simple, common sense things everyone should do, but often do not. His other recommendations are what give me pause:

8. Use commercial antivirus products
9. Use one or more anti-spyware applications
10. Avoid Internet Explorer and disable scripts in your email client

This is where I completely disagree. Recommendations 8-10 can be simplified to one step:

1. Stop fucking using Windows already

So many security issues are a direct result of using Windows and the shit programs that come with it. Yeah, you can stop using IE and Outlook and switch to a more secure browser and email client like Firefox and Thunderbird or whatever is fashionable, but honestly you’re just slapping on band-aids and not addressing the big issue. Windows is shit. Windows is insecure and Microsoft has a bad track record with security patches. The operating system was designed with the user as administrator. It’s bad. Forget about all the evil “hackers” out there writing viruses to take over your computer. Focus on the company that pushes an insecure and shoddy operating system and the parasite corporations that make their daily bread supplying antivirus and anti-spyware products. It’s a daisy-chain of fear. Do you think it’s in these corporation’s best interests to make Windows a truly secure and sane operating system?

I’m reminded of the whole “War on Terror” bullshit. “Terrorists can attack us anywhere. We are not safe. 9/11 will happen again.” These are statements to perpetuate a falsehood. To maintain fear and redirect attention away from the source of the problem to it’s spiral, spin-off resulting maladies. Do you think it’s in the best interests of Halliburton, Blackwater and the host of other corporations that benefit from the “War on Terror” within the United States and abroad for America to ever be “safe”?

The issue is not with the faceless virus and trojan writers out there. The problem lies with Microsoft, it’s dangerously insecure product and the mass of companies that have made an economy from “protecting” you when in fact all they are doing is perpetuating the problem. Yet, attention is redirected away from the sources of the problem and planted squarely on faceless, nameless and evil “hackers” from remote and foreign places that want to take control of your computer, your credit and ruin your life. You are told that you need protection (and as a Windows user, you most certainly do), strangely similar to the Mafia stereotype of the gangster extorting “protection” money from a shopkeeper, lest this same goon bust out his windows or burn down his business. In fact, this is a good analogy. Imagine this as a dialogue:

Goon: Youse want ta buy a PC, huh?
Consumer: By golly, I guess I would!
Goon: I got dis one here, real good price. I gets a discount, see?
Consumer: Wow, okay…sounds great.
Goon: No problem. But hey, listen…I like youse. You look like a good kid, so I’m going to do you a favor and clue youse in on da situations. Dis ain’t no safe neighborhood, see? Dere’s dese Russian hackers out dere that don’t give a fuck about youse wife and kids. Dey’ll rob youse blind, see? What youse need is some protection or else they can fuck you over real good, see. Now, like I’d said before, youse look like a smart egg so I’m goin’ to help youse out. I can give protection, see?
Consumer: Oh my stars and garters! Russian hackers! Nothing is sacred! Yes, please help me, you good man.
Goon: Hey, no problem. See, I’m a nice guy. A family man, you might say. But listen, I got a wife and kids too and I gots to provide. I can’t just do this for free, although I’d likes to. Tell ya what, you pay me dis amount of money a year and I make sure youse safe.
Consumer:Hot dog! That sounds like the plan! Here’s a check! Oh, by the way…what if I forget and miss a payment?
Goon: Trust me buddy, youse don’t want ta miss a payment. Jus’ trust me.

The danger is not with the invisible miscreants out there. The danger is with Microsoft, antivirus corporations and manufacturers that sell computers with Windows pre-installed, charging you for a license regardless of whether you intend to use it or not. It’s wrong. It’s dirty. It’s a genuine security risk.

If you can’t afford a Mac or want to be adventurous and perhaps learn a little, go Linux. From personal experience I can say that Ubuntu Linux is an excellent alternative (I currently use Kubuntu, a variant of the operating system). I love Linux. Mac’s OSX is a great system, but for me, Linux is where’s it’s at. Either way, just stop using Windows.

This entry was posted on Wednesday, November 15th, 2006 at 2:49 pm. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.