Performance versus security

By Martin Courtney
04 May 2005 View Comments
A Computing logo

There are apparently more holes in Microsoft operating systems than there are in a Swiss cheese, and this continues to present a dilemma to both consumers and businesses.

One course of action is to accept and install every single fix and patch that Microsoft issues (which can be annoying and intrusive enough in itself) while also making vain attempts to stop further attacks by installing every single category of security utility under the sun.

Or, alternatively, users can throw caution to the wind, eschew any type of security fix or protection and enjoy a desktop PC with a decent level of performance. In other words, it seems to be a choice between security or being able to use a PC that isn't overburdened by a myriad tasks running in the background, periodically interrupted by scans of one type of another.

At last week's InfoSec show there were numerous examples of security tools, ranging from anti-spyware to anti-spam and antivirus systems. The developers of these must surely greet each newly announced vulnerability with the barely concealed glee of ice-cream salesmen at the beginning of a heatwave.

As well as encouraging the IT industry as a whole to take a reactive rather than a proactive approach to security, pushing out flaky, hastily constructed security tools onto desktop PCs to plug the holes makes life doubly difficult for support personnel.

Patch management and vulnerability testing have already become two of the most time-consuming tasks that IT departments have to perform, and this is made harder by the rising number of helpdesk requests caused by running so many "invisible" programs.

If we take the example of firewalls, I've lost count of the number of times I've been called upon by friends or family to sort out problems with their internet access, only to find that a firewall is the culprit, as it has decided that the most secure configuration is not to allow any web traffic onto the system at all.

Of course, there is the other option open to Windows users who are fed up with having to plug security holes on a regular basis, and that is to switch to an operating system that doesn't seem to have quite so many vulnerabilities.

Microsoft argues that Windows is simply a victim of its own phenomenal success, and that the main reason hackers target it is because they know that they can inconvenience the maximum number of computer users worldwide. This may be true to some extent, but it does not absolve Microsoft, or any other vendors, from the responsibility to ensure their software is as secure as possible in the first place.

Building safe operating systems with more stringent user and application control doesn't seem too much of a difficult thing to do, and would find ready supporters both in businesses and at home. Of course, it might also put a lot of add-on security utility developers out of business.

Reader comments
blog comments powered by Disqus
Newsletters
Windows 10 - will you upgrade?

Microsoft has made an early version of Windows 10 - its next operating system - available for download. The OS promises better integration and harmonisation across platforms, including mobile and desktop. Will your business be upgrading?

35 %
31 %
14 %
20 %