“Trojan-ridden warning system implicated in Spanair crash”

It should have become obvious to people when the north-eastern US power outage happened a few years ago: malware is dangerous. The computer world is riddled with flaws that make it possible for a kid playing around on the computer in his bedroom (or, more recently, a programmer writing a Trojan intended to steal money from bank accounts) to bring down vital services for a huge area without ever intending to, or, as in this case, to contribute to bringing down a plane.

What to do about it? Well, the first thing would be DO NOT USE AN INSECURE FREAKIN’ CONSUMER OS LIKE WINDOWS ON VITAL CONTROL SYSTEMS!

A report released earlier this week says that 99.4% of malware is written for Windows. Why? It’s not just because Windows is the most common OS today, running on an estimated 80% of consumer systems; there are many more Linux servers running on the Internet than Windows ones, yet malware that targets servers (or tries to automatically run on any system) is almost exclusively aimed at Windows systems.

Windows was designed as a single-user system. Security is hard to do and annoys people, so programmers won’t design it into single-user systems. Such systems, the thought runs, don’t need to protect themselves from their user, because if the user does something stupid, he’s the only one that suffers. They don’t need to protect users from each other either, because there’s only one user to deal with.

Malware that targets people is also inevitably targeted at Windows, because Windows users can easily be tricked into letting such programs run. They’re trained to let programs run, not to think about whether they should let them run.

The problem is that when you try to bolt on security as an afterthought, it leaks like a sieve. There’s no defense in depth: all a malicious person has to do is get through a single layer of security and he owns the OS, and the machine it runs on.

I doubt much malware will ever be written for Linux, and certainly not successful malware. Linux is based on a multi-user OS that was designed from the ground up to protect the system from its users, and protect the users from each other. On a Linux machine, only a system administrator has the power to open the system to that kind of subversion; even if a user does manage to install malware, he can only damage his own files with it, he can’t infect the system itself or the files of other users. The model had survived decades of bored college students before Windows was even a glint in Bill Gates’ eye.

The upshot: there is a secure OS, easily and freely available today, that will prevent disasters if used on industrial control systems. It is called Linux. Windows is not an equally secure substitute, no matter what Microsoft claims, and it never will be.

Nothing’s going to change because of this post, except that I feel a little better for saying something. Businesses are still going to choose Windows, because a company like Microsoft, and an OS like Windows, is “too big to fail” (sound familiar?). Linux will continue to get the short end of the stick, except in places where technical people are given free rein and an absolute minimum budget (like server rooms). And disasters like Spanair flight 5022 will continue to happen. But some day people will start to put two and two together, and Windows will slowly be banished from control systems everywhere. Let’s hope it starts happening soon.