Do something

Windows 7大罪

Windows 7によってマイクロソフトはあなたのコンピュータの法的支配を確立し、その権力をもってコンピュータユーザーを利用しています。


"あなたのコンピュータとネットワークのセキュリティは2つの事にかかっています:自分のコンピュータとネットワークを保護する為に何をしているか、そして他人が彼らのコンピュータとネットワークを保護する為に何をしているか。 あなたが保護されたネットワークを維持するだけでは充分ではありません。もし他の人が保護対策を維持しない場合、我々はみな攻撃され易くなってしまいます。保護されていないコンピュータが多数インターネットに接続されていると、ワームはもっと素早く、もっと大規模に広がり、分散型サービス拒否攻撃がより簡単に世に送り出され、スパマーがメールを送信する為のプラットホームが更に多くなってしまいます。インターネット上における平均的なコンピュータが保護されていなければいないほど、あなたのコンピュータは安全でなくなります。"

-- Bruce Schneier

But how do you know your computer is secure? If you're using proprietary software, you don't! With free software, even if you don't have the skills to evaluate the software, you can be certain that someone else can.

Windows has a long history of security vulnerabilities, enabling the spread of viruses and allowing remote users to take over people's computers for use in spam-sending botnets. Because the software is secret, all users are dependent on Microsoft to fix these problems -- but Microsoft has its own security interests at heart, not those of its users.

In 2005, a vulnerability was discovered that affects all versions of Windows from Windows 3.0, released in 1990 until Windows Server 2003 R2 from December 2005, with XP and later versions most severely affected. The problem, which affects the Windows Metafile image format, a format commonly used for clip-art and other vector images. Files containing specially crafted 'Escape codes' allow for arbitrary user-defined function code to be run when displaying the image fails.

Security researcher, Steve Gibson, believes the flaw may be intentional, too.

The situations where such files are viewed is wide:

  • Viewing a website in Internet Explorer.
  • Previewing an image on your desktop or using Windows Explorer.
  • Previewing an infected email in Microsoft Outlook or Outlook Express.

Microsoft even introduced a new class of malware, the macro virus -- allowing seemingly innocuous spreadsheets and word processing documents to contain malicious programming code in Microsoft Office.

Part of the issue of Windows security comes from the fact that that by default, administrator accounts are used and expected by many applications -- these adminstrator accounts also allow malware to attack the operating system.

In free software this would be treated as both a technical issue and a social problem -- if software needs to do things as an administrator, it needs a good reason to do so, and if it prevents users from doing the job without risking their privacy and security, it is anti-social.