The Open Source

SAN MATEO (05/23/2000) - This week Linux fans kept me up late at night reading mail about why the "I Love You" virus, worm, or Trojan horse (depending on how you prefer to classify it) demonstrates that Microsoft Corp.'s Windows architecture is inferior to that of Unix.

Frankly, I never thought there was any question as to whether Unix is superior to Windows, although I should add that being superior to Windows is hardly a gargantuan achievement.

If you had asked me last week, I would have told you the weak link that allowed the "I Love You" virus to do so much damage was Microsoft Outlook. The flood of letters made me realize that it is not enough to stop there. But even after I considered all the issues my readers raised, I still don't think Linux is the answer to this problem.

Neither is the answer virus-detection software, nor is it mail filters designed to catch problems at the mail server. In most cases the only way to know when to look for a virus is after you find out it is loose by the trail of damage it leaves behind. By then it is too late for many people to use virus-detection software or e-mail filters to protect themselves.

You may be surprised to hear that I do not believe the answer is to cripple Outlook by disabling its capability of running attachments as programs.

It irks me that many technical users who were smart enough to avoid opening this particular attachment seem to feel superior to those who were caught by the virus. But I challenge those users to give me a legitimate technical reason why people should not be able to open any attachment to any e-mail message.

Why isn't it preferable to create an environment where people don't have to know the difference between opening a file to view its contents and opening a file to run its contents? Most people I know don't want to know the difference between viewing and running a file. And I don't think they should have to.

Every reason why you can't safely open an executable e-mail attachment today can be traced back to a flaw in the design of the mail program, operating system, or both. But the concept is sound.

In that case, Microsoft is doing the right thing by attempting to deliver what people want. Where Microsoft has gone wrong is by delivering what people want without enough regard for the safety they need.

Microsoft has added a safety feature here and there, but in fact there is really only one reliable way to give users what they want without sacrificing the safety they need: You design the typical desktop computer to run programs only within a tightly controlled security sandbox.

Yes, I'm talking about network computing. No, I'm not talking about the Windows Terminal Server kind of network computing. Terminal Server is just warmed-over thin clients. And thin clients simply move the point of vulnerability from the client to the server, with potentially disastrous consequences.

I'm talking about Java-style network computing, although Java itself isn't the issue. The real issue is the capability of running applications without allowing them access to anything but the obvious necessities such as display, keyboard, and mouse.

Microsoft can deliver this kind of environment. But it won't. The only way to build a truly safe execution environment for applications is to insulate them from the guts of the system. In other words, to make Windows safe, the Windows execution environment has to become more abstract.

This creates a big problem for Microsoft. A safe, abstract execution environment is relatively easy for competitors to reproduce on platforms other than Windows. And we all know which way the decision will go if Microsoft has to choose between its hold on the desktop and the safety of its customers.

Yes, Linux is already safer than Windows, but it isn't bulletproof. If Linux advocates want to capitalize on the failure of Windows to deliver a safe environment, Linux programmers should prove it can be done. One way might be for the Linux community to fully embrace Java.

Regardless, Linux alone won't solve the problem. Network computing will.

Nicholas Petreley is the founding editor of LinuxWorld (www.linuxworld.com) and works with Linux Standard Base. Contact him via e-mail at nicholas_petreley@infoworld.com.

Join the newsletter!

Error: Please check your email address.

More about Microsoft

Show Comments

Market Place