August 12, 2009, 6:10 PM — I often point out that Windows is insecure. It's so insecure, in fact, that I, in all seriousness, propose that ISPs (Internet Service Providers) should start forcing users to secure Windows-since neither users or Microsoft will do the job, Windows PCs should be banned from the Internet. That said, nothing, and I mean nothing is really secure.
People keep having this delusion that security is a product. That, if you just buy some magic box, you'll have a program or an operating system that's as secure as Fort Knox. Or, if they just use a Linux desktop or a Mac, they'll be safe. I wish!
It doesn't work that way. Security is a process, it's not a product. Some systems are more secure than others. Linux, as anyone who pays any attention to security news knows, is a lot more secure than Windows. If we were talking cars, Linux would be an Audi A4, the Mac, BMW 330 and Windows would be a mid-70s Ford "Hit here to blow up" Pinto.
But, any car can be in an accident, and any car can be hit hard enough to junk it. It's all about the odds and driving safely. Driving safely on a computer or a network means knowing, and using, their available security features. For example, any machine that's exposed on the Internet should have an enabled firewall.
Without one, it's like leaving your car keys and a bottle of rum in the front-seat of your unlocked car. You're just asking for that car to vanish.
You should also, no matter what operating system or program you're running, make sure you install all the security patches as they come on. Period. End of statement. You don't want to wait a week because these days, the second a fix is made public, the crackers are busy releasing zero-day exploits. If you wait around to install a fix, chances are good, especially if you use your PC a lot on the Internet and it's running Windows, that it's already been compromised.
So, in short, if you want to avoid wrecks on the information superhighway, you need to learn to be a safe PC driver. If you keep up-to-date with patches and security software you should be fine. If not, well, don't be surprised if you find your PC busy attacking Twitter one day and turning over your credit-card numbers to professional thieves the next.