August 4, 2003

'Scuse me, ma'am, do you have a license for that computer?

- by Lee Schlesinger -
Should computer users be required to qualify for a license before they're allowed on the Internet?

After all, you need a license to drive. The idea is that an objective party can certify that you can operate a potentially dangerous vehicle in a community full of vehicles, to ensure the safety of others as well as yourself. Leaving a driver unlicensed could result in grievous personal harm and substantial economic damage. (Of course an unlicensed driver could be one of the best on the road. In other words, lack of a license doesn't mean a driver is unskilled. The licensing mandate is designed to bring those who are not well-trained up to a certain standard.)

The only difference between operating cars and operating computers is that computer drivers are unlikely to injure anyone (unless they drop a monitor on their foot). Insecure computers, on the other hand, are fly paper to malware that can damage the owner's computer and those of others on the same network, leading to wasted time at best and potential economic harm.

I offer the idea as eWeek is publishing a Chicken Little story about "brewing hacker activity." Apparently experts are worried about hackers exploiting a serious bug in all versions of Windows that was discovered two weeks ago.

I sympathize with the poor Windows users. Most of them didn't choose to install an insecure operating system. When they or their employers bought their computers, Windows came with them; most hardware vendors don't offer any other choices, thanks in part to Microsoft's unfair and anticompetitive practices in the '90s.

Now they're stuck with a few unpleasant choices: keep current with the almost weekly patches from Microsoft (an impractical tasks for anyone but individual users); add firewalls, virus detection software, and other hardware and applications to plug the gaps in the operating system; or switch operating systems to something demonstrably more secure, such as Linux.

I still use a Windows computer alongside my Linux laptop. When I ran Windows Update on it earlier this week, it found 16 serious operating system flaws it needed to patch. The process took several days because not all the patches installed the first time -- many of them hung during the patching process. No organization can afford to spend so much time managing routine security upgrades across all their PCs..

Someday, some software developer is going to make a fortune by writing an application that searches a Windows PC and creates a configuration file that a Linux installation program can use to install the settings and applications that correspond to what's already installed under Windows. An application like that is a crucial missing ingredient in the recipe to make migration to Linux relatively painless.

Until we have such a thing, why not require users to know the fundamentals about maintenance, upkeep, and security before we let them drive off the lot, or at least before they hit the information superhighway? I hate bureaucracy as much as the next guy, but a little training up front could stop a lot of heartache down the road.

- Write for us - and get paid! -

Category:

  • Security
Click Here!