I've been so busy patching all my Windows machines lately that I don't have any time to enjoy how Microsoft has made my computing experience easier and more fun. Like you, my days and nights have been eaten up by a worm named Blaster, MSBlast, LovSan or whatever the little wriggler is calling itself now. (Can't these hackers make up their minds?) Just when I get a moment's rest, the worm keeps slithering back because it's merrily running on a gazillion PCs out on the Net.
 The owners of these computers failed to install a security patch Microsoft posted July 16. eWEEK Technical Director Jim Rapoza may have been thinking of people like this when he wrote in his Aug. 4 Tech Directions column that today's PCs are too powerful for untrained individuals. People shouldn't buy a PC, Rapoza wrote, unless they're willing to learn all the aspects of controlling it.
That's an intriguing notion, but I'd turn it around. Perhaps Microsoft shouldn't be able to release a new version of Windows until it's been examined, line by line, by a panel of outside security experts. Think of this brain trust as the Supreme Court of Software. When this group gives its seal of approval to the code, out to consumers it goes. (Microsoft could call the newly idiot-proofed operating system Windows for Dummies.)
Read eWEEK's special report on Windows security issues.
How would such a panel come to be? Many executives in the computer industry don't seem to want any yucky consumer protection stuff to become law. So we'd have to implement this without relying on government intervention. Instead, we could use the private market.
The next time Microsoft wants to claim that one of its operating systems is "the most secure version of Windows ever," corporate leaders would sit on their purchase orders until the Redmond, Wash., company posted a security bond. To make it adequate, the bond would be, oh, let's say, $50 billion. Microsoft has that much in its cash reserves alone, and the funds are just lying around doing nothing. We could put that money to work and get the economy moving.
If your enterprise was hit with a costly worm due to poorly tested Windows code, you could surf to a Microsoft Web page and simply withdraw an amount of money equal to your staffing and downtime expenses. To keep anyone from dipping into the fund more than once, each of us could type in our own unique Windows Product ID numbers.
Do I think this fund would actually get established? It's as likely as SNOBOL's chance in hell. (If you're naughty enough to be sent to the underworld, you can't program in SNOBOL because the daemons make you use MS-DOS 1.0 for eternity.)
On the other hand, there is a precedent. Many manufacturers of surge protectors guarantee to repair or replace your hardware if it's damaged by an electrical surge while connected to their gizmo. These manufacturers exhibit confidence in their products. Anyone who's met Microsoft CEO Steve Ballmer knows he radiates confidence. Perhaps he'll be bold enough to restore faith in his company with a "We'll eat your worms" money-back offer.
Click here for more on worms.
It's not as if Microsoft lacks resources. In recent financials, the company showed an 85 percent profit margin on Windows. In countries where Linux is a stiff competitor, though, the margin drops. In Thailand, Microsoft sells Windows and Office together for the equivalent of $36, according to an Aug. 14 Wall Street Journal article. The difference between $36 and the combined $300 or so street price that's paid in the United States is a kind of "stupid Americans" tax. That would finance quite a worm fund.
I find it interesting that Blaster and related worms affect only the more "advanced" versions of Microsoft's operating systems, including Windows 2000, Windows XP and the new Windows Server 2003. According to Microsoft, Windows ME isn't vulnerable.
Funny thing, that's exactly the version that's running on one of my old, vintage laptops. I sometimes take it with me when I travel. So unless I uncharacteristically become an early bird, I won't be catching any worms. Discuss this in the eWeek forum.
Brian Livingston is editor of BriansBuzz. com and co-author of "Windows Me Secrets" and nine other books. His column appears every other week in eWEEK. To send tips, visit www.briansbuzz.com/contact. Send your comments to eWEEK@ziffdavis.com.
|
