Bob's Tech Site


Previous | RSS | Next

Should Windows users be banned from the Internet?

Recent articles in the tech world from sites like ComputerWorld and VistaReadyGames (the links are no longer available) have been suggesting this harsh and radical idea. Recent distribued denial-of-service (or "DDoS") attacks from Windows PCs that took down Twitter, Facebook and other social networking sites could lead us to consider Windows completely unsafe and close our web servers off from them. But is blocking Windows users a good course of action, and could it even be achieved if we tried it?

Is Windows the problem?

The most common argument posed to excuse Windows security is that as the dominant operating system (or "OS") it is the main target of hackers. This is true to an extent, but as the market leader it also gains the benefits of the top security software companies in the industry and the benefit of security experts in Microsoft itself and its business clients. The key issue here is generally the user. I am not saying Microsoft is totally blameless here, but as we will see in subsequent sections there are several good reasons why Windows is as insecure as it is.

Windows must maintain compatibility

We all saw the outcry when Windows Vista was released and the world cried, "Hey! My old software doesn't work. This operating system is terrible!"

The result is that deprecated and known-to-be-vulnerable components of the OS have to be maintained for compatibility purposes (and subsequently patched and re-patched for each vulnerability). Users then happily run their bug-riddled software and blissfully wonder why they have to download updates all the time.

Microsoft has tried to remedy these problems to an extent by flagging up an absence of security software, rewriting much of the kernel in their latest releases and offering "XP compatibility mode" in a packaged virtual machine instead of baking it into the operating system, but Windows will still have many of these problems moving into the future as there is no obvious solution to this problem.

Most Windows Users are still using Internet Explorer 6

Despite recent campaigns such as (there are over 70 sites of a similar ilk) IE6 still remains popular. It is a relic of the last browser war where Netscape Navigator was squeezed out of existence before Internet Explorer was left to stagnate. It hasn't been too innovative since the turn of the millennium, and as a result is also the chief cause of most security problems because malicious sites target this browser specifically. Microsoft moved to IE7 by default for Vista, but the corporation can't force Windows XP users to upgrade IE6 until they finally deprecate Windows XP.

Most Windows users don't have adequate security software installed

Despite the best will of PC World and other boutiques' sales teams attempts to sell expensive copies of Norton 360 and McAfee Security with all new machines, most Windows users have little or no security software installed. This isn't always intentional, and is usually caused out of ignorance or simply failing to renew their subscriptions once their protection has expired.

These people come from the same majority which open random emails with dodgy attachments, (ironically) run bogus anti-virus checkers on the net and click ‘OK' on every pop-up. Unless someone who knows better tells them otherwise, they will continue to do this. Microsoft has added security centre to nag people about not having adequate security, but unfortunately it doesn't work in the majority of cases as it does not motivate people to protect themselves.


It pains me to say it, but Windows is not the beginning and end of the problem. Microsoft is making the operating system the majority of people want. Unfortunately for the internet, the majority of Windows users consist of non-IT literate people who demand everything works without hassle, whatever the consequences (before I get flamed, I am not saying ALL Windows users are like this, but it tends to be the opinion of the general populace as I have experienced them on forums and whose computers I wind up fixing).

What can we do?

The answer is NOT to ask everyone to buy a Mac or install GNU/Linux, BSD or some other Unix variant over their Windows partition. Nor is it the answer to filter every Windows user from the internet, which would be a logistical nightmare and take out the vast majority every-day users (but seriously please partisan supporters of alternative operating systems).

The answer is to re-educate people. As they start using these services and becoming components in botnets, direct them to security software. If they don't want to fork out for one, simply suggest free alternatives they can download from the net. They are usually just as good, or in the worst case are better than nothing. If all else fails, act like an insurance salesman and point them to a folder of their beloved family photos (which won't be backed up) and while they're reminiscing about those occasions tell them what will happen if they don't get security software. Persistence is the key and unless people are motivated to protect themselves they won't.

Also, by posting in forum signatures, personal websites and social networking profiles in prominent places that Internet Explorer 6 users need to update their browser you can increase awareness of the situation. Some users don't even know what a browser is (they just assume "the blue E" is the only way to access the Internet), so be patient and answer any questions calmly. If everywhere they look on the net views their browser with disdain they will do exactly what most consumers always do in that situation: get a new one. Even if they stick with Internet Explorer, we still raise awareness about what a browser is and why it is important to update.

If Windows 7 sees the rush we're all expecting from the hype IE8 might make this a moot point, but in the meantime it is important to send people this message.