howtogeek at April 2nd, 2013 11:49 — #1
Originally published at: http://www.howtogeek.com/141944/htg-explains-why-windows-has-the-most-viruses/
We all know that Windows is the most malware-ridden platform out there, but why is that? Windows is the most popular desktop operating system, but that isn’t the only reason – past decisions made Windows a fertile breeding ground for viruses and other malware.
codinghorror at April 2nd, 2013 15:15 — #2
I still think the decision to let Windows NT users log in as root / superuser / admins by default is going to go down in history as one of the most expensive mistakes in computing history.
Unix got this right, never trust the user by default, always sudo to superuser / root when you need it!
geek at April 2nd, 2013 15:28 — #3
And of course, when Microsoft tried to fix this problem with User Account Control, everybody revolted and the Vista hate was so bad the OS never took off.
Fresh coat of paint, temper the UAC popups slightly, and rename it to Windows 7... and everybody loves it, even though it's the same thing under the hood.
And now everybody is hating on Windows 8, which isn't unreasonable, but it's very likely that Windows Blue will be well-received even though it's just a service pack. I think people just like to complain.
What's interesting is our Windows 8 book has 104 reviews on Amazon, and the vast majority of them are people complaining about Windows 8 (while still giving us a good rating, thankfully). When we run articles about Windows 8... almost no pageviews. People have some serious hatred of the new Start screen.
sam at April 2nd, 2013 15:33 — #4
Not me ... I never ever see it thanks to http://www.stardock.com/products/start8/ .
mmitchell151 at April 2nd, 2013 16:24 — #5
I too agree!
I gave Windows 8 a try to see how it was I work IT and wanted to at least get a feel for it. I'm not a big fan of the Start screen but think it will improve as more Modern UI apps are made.
Yes people do like to complain, while I use Windows machines at work, I prefer Linux on my home computers. I had always been a KDE user on Open Suse and remember all the fuss that everyone made when Gnome 3 came out. I just recently switched to Gnome 3 and love it. While I'm sure some minor changes have been made to it since then I imagine it is still very similar to when it first came out.
jfitzpatrick at April 2nd, 2013 16:34 — #6
I've always been puzzled by that decision. It's not like they didn't have lots of computing history to look at when they decided to allow the average user so much power over their machine. If nothing else we'd have fewer problems with botnets and spam if limited accounts were standard.
xhi at April 2nd, 2013 16:46 — #7
One click and it's gone. Poof!
andrewrobert7 at April 2nd, 2013 18:21 — #8
Having it as default makes sense to me. Plus, it can be gone with a few clicks. It isn't much extra work to make them an average user.
anon_user at April 2nd, 2013 18:41 — #9
I love Vista and actually preferred it over Win7, that's not to take anything away from 7 but as you said it is basically the same kernel.
But windows is the most popular in terms of worldwide use and to think like a malware writer, you're bound to go for the majority vote especially if it means you can make a few £$ etc through the ransomware.
codinghorror at April 2nd, 2013 19:24 — #10
Safe by default is the correct default.
Unsafe by default is never the correct default.. this is like arguing that cars should not come with safety belts unless you install them "with a few clicks". Safety belts should be the default!
andrewrobert7 at April 2nd, 2013 20:05 — #11
how is admin by default unsafe? sorry typing with one hand
codinghorror at April 2nd, 2013 20:08 — #12
Further, due to the strong separation between normal users and the privileged root user, our Linux user would have to be running as root to really do any damage to the system. He could damage his /home directory, but that's about it. So the above steps now become the following: read, save, become root, give executable permissions, run. The more steps, the less likely a virus infection becomes, and certainly the less likely a catastrophically spreading virus becomes. And since Linux users are taught from the get-go to never run as root, and since Mac OS X doesn't even allow users to use the root account unless they first enable the option, it's obvious the likelihood of email-driven viruses and worms lessens on those platforms.
Unfortunately, running as root (or Administrator) is common in the Windows world. In fact, Microsoft is still engaging in this risky behavior. Windows XP, supposed Microsoft's most secure desktop operating system, automatically makes the first named user of the system an Administrator, with the power to do anything he wants to the computer. The reasons for this decision boggle the mind. With all the lost money and productivity over the last decade caused by countless Microsoft-borne viruses and worms, you'd think the company could have changed its procedures in this area, but no.
andrewrobert7 at April 2nd, 2013 20:18 — #13
Really? If it wasn't an administrator then nobody would be able to change who was and wasn't.
andrewrobert7 at April 2nd, 2013 20:23 — #14
Plus, OS X doesn't have as many viruses because it doesn't have as many people, which this discussion was about originally!
(I read the article, I know that there are other reasons too)
mmitchell151 at April 2nd, 2013 21:51 — #15
While yes the fact that Windows gives users more permissions by making them administrators, thats not why there are more viruses that effect Windows vs Linux or OS X. That just makes it easier for an attack on Windows.
Probably 90% of all the computers in the world use Microsoft Windows thats why there are so many more viruses that effect Windows they have a bigger target. If Linux or Mac had 90% of the computers that is where the hackers would be focusing their viruses at.
uart at May 7th, 2013 08:41 — #16
Aren't you guys forgetting something? This was the same company that pissed off alot of younger, less, powerful companies out there to date.
Back then Microsoft was stepping on alot of toes, locking people out of their own software either through the courtrooms, or just by "sheer bullying", creating their own 'pirated' versions of it (like Steve Jobs said) which lead to the birth of Win16-32 viruses of all sorts.
Companies like Peter Norton, 1dirplus (wonderplus), Borland, Netscape, Oracle, Sun and our own homegrowned Hilgraeve Hyperterminal - The list goes on... [google]
Hackers worked at these places and when the lights went out...
This is the main reason Linux is gaining momentum; People don't like parents in their lives once we get a taste of that open source! True.
the_caveman at October 28th, 2013 22:54 — #17
One thing that wasn't mentioned is that a large focus of the earlier versions of Windows was compatibility. Computers were long term purchases, Windows was fairly expensive and people viewed these machines as investments, especially businesses. They expected the PCs and all connected peripherals to remain functional for years. Having to replace a printer or custom piece of software because the new OS wasn't compatible was pretty offensive to some. End users viewed this as planned obsolescence and to them it was unacceptable. Consequently, Microsoft, in an effort to keep low skilled users happy, prioritized compatibility over security. At the time, this wasn't even a particularly bad thing. Until high speed internet connections became affordable to home users and small businesses, viruses didn't spread very efficiently. I think their main fault was to be slow and reluctant to change once this began to change. They stuck their head in the sand and by the time they realized their mistake, the damage was done and their reputation was cemented.
geek at July 11th, 2014 14:26 — #18
This topic is now closed. New replies are no longer allowed.