Noodiversity

Montréal, 27 Aug 2003

A while back, I wrote of how much more interesting diversity is in magazines that have really tough crosswords. Essentially, it's nice to have a checkered relationship with your reading material, to want to throw things at some of the columnists while knowing that there are friendlies writing in there as well. The magazine can’t represent everyone, but it is comforting to feel that the window the magazine provides on the world lets one see both trenches in some battles.

With the reactions to a really bad month of virus infections (including the first time I've had to deal with a non-hoax virus since 1992 ... on a pair of Windows 2000 machines nailed by the Blaster worm), my first reaction (true to expected form) was along the lines of “Macs rock”. Well, they do, but in addition to all the usual stuff, Macs’ relative rarity rocks. That rarity has saved all us Mac users from a lot of virus-related stupidity, I would expect.

Back in 1992, I purged the aging family Mac Plus of nVir A and B virii using the venerable freeware Disinfectant. At that point (and not for much longer), each OS was more or less its own community. Mac users swapped floppies and even sometimes binaries on pitifully small Mac sections in BBSes, and users of DOS and the occasional brave Windows user had their own, somewhat larger circle of data movement. Mac and PC users interfaced in person, by teletype and on the printed page. Reading a DOS disk was still an ordeal for Mac users and your average DOS machine knew nothing about Mac. So, if a floppy was travelling from point A to point B, it was likely A and B were running the same OS. If A were infected with something nasty and put bits of it on B (and many Mac floppies were full boot disks at that point in time, to reduce the interminable disk swapping one had to deal with on single-drive, hard-disk-free machines), then B could become infected.

Now, something like 80% of my correspondents are PC users (less than in the general population because a Mac user tends to draw or convert other Mac users, and because I'm in the education and arts sectors), if they get a virus and send me infected files, I don't become infected because Windows virii don't run on Macs. If I open a macro-virus-infected Word document using conversion, the macros usually get mangled or stripped, so no worries there. If I get a Mac virus and send it to my Windows compadres, something similar happens and I turn out to be not much of a vector. Some 20% of my correspondents are at risk. Some of them are probably running Classic Mac OS, and if it does bad things to OS X, it may not “work” for them. Because I'm usually sending straight text, HTML or PDF-from LaTeX, it's unlikely I will be sending anything executable at all. I have the built-in OS X firewall up and running, but otherwise I live in blissful peace, virus-wise. Not entirely because OS X is built on a pretty bombproof framework and is lovingly updated in Cupertino at regular intervals, but just because it can be a few jumps in some directions before I hit another potential carrier of the largely hypothetical Mac virus.

Lumping all of Windows together for a second… my Windows friends are in a different situation. They likely have a Windows-use rate over 80% among the people in their address book, and an MS Office saturation of close to that if not more They’re fantastic vectors for infection, unless they’ve taken the time to install firewalls and virus detection software. Windows may be built to allow some pretty disturbing things (“seamless execution of remotely-requested processes” is not a capacity I’d want. I want logins, warnings and dialog boxes before someone messes with my computer from afar), but its ubiquity is its real weakness. The overcrowding is reducing the distance the fleas need to jump.

Blaster is interesting in this respect: it is happiest on recent, high-tech versions of windows. The older cousins (95, 98) and the dumber cousin (ME) were blissfully under-powered and didn't have the “feature” of an RPC server-thingy, complete with gaping holes. Blaster could've been much worse, I imagine, if it had exploited a feature common to all Windows implementations. So a bewildering diversity of Windows-this and Windows-that was good for Windows users: not just the lucky low-powered ones, but the ones who got infected a little slower or got hammered by somewhat less garbage traffic due to the lack of epidemic among the peasants. Further Babelization, with each security hole appearing in smaller portions of the population, would slow a virus further, I would imagine.

But… what about compatibility? I want to communicate with the other computers out there, my Mac already has to learn weird things like Windows File Sharing and CDs that eat long filenames. What if it had to learn the obnoxiousnesses of the descendents of BeOS, NeXTStep, Amiga, Commodore and OS/2 Warp, in addition to some upstart every few years? The answer is simple, if you ask me: standards. XML, Java, LaTeX... whatever. Hopefully, although the formats will be consistent and exploits will be written out of the standards, the bugs on each platform will be different. The conditions to Blast a Commodore would differ from those required to disable Steve Jobs’ Next Insanely Great Idea (be it Mac or NeXT). And so a virus-writer would get less bang for their effort, not just in terms of how many targets are available of a given OS, but also the distance a virus has to travel across uncooperative computers would be increased, and the number of easy targets visible from each infected computer would be reduced.

I won't pretend to expect an eradication of virii under this scenario: large organizations standardized on one OS would still be juicy targets, and someone would probably work out a virus of such infernal beauty that it could hit some significant fraction of the computing world... but virus successful writing would be much harder, and when the real show-stopper arrived, it would be an interesting piece of computer science, I imagine, to dissect the virus once CS departments recovered from the damage, so there would be some redeeming social value.

So, to everyone running a minority OS, take heart, ignore those arguments over performance and feature lists (you know you should win them, but arguing them is like beating your head against a brick wall). Rest contented, instead, with the one feature of your OS Microsoft will never engineer, buy or copy: eccentricity.