Practicing my holiday pontifications

I love fan mail, especially when it abuses my intelligence and/or lineage. But failing entertainment, the best thing I get from fan mail is (drumroll, please) … my next column topic!

Free IT resource TechNet: More ways to know it, share it, and keep it running. Sponsored by Microsoft Free IT resource Attend the SOA Executive Forum: Breaking SOA Bottlenecks SOAExecForum.com/may2007 Sponsored by InfoWorld

This week, I have Susan Isola of western Pennsylvania to thank. She wrote to ask about firewalls and the Mac platform's vulnerability to viruses and spyware. This is perfect timing because I need to rehearse my "Why your next computer should be a Mac" speech that I deliver to my family and friends over the holidays. It goes something like this:

"When one's the bad guy -- whether writing a virus or wanting to steal someone's data -- the smart strategy is to target the largest group of machines. Windows accounts for 90 percent to 95 percent of the systems in use today, and for every Linux or Mac virus, there are a thousand viruses for Windows. (No, my numbers aren't exact, but the gist is accurate.)

"Computers running Mac OS X or another BSD/Linux derivative are immune to attacks that are tailored for the Windows environment. Note the qualifier: If the attack exploits a platform-agnostic feature -- as in an application or a data structure -- then these non-Windows computers will also be affected.

"Although the overwhelming majority of malware is no problem for Mac and Linux users, it doesn't mean you get a free pass. Mac users need anti-virus and firewalls as part of their protection strategy. Linux users also need to employ firewalls -- although anti-virus programs for Linux are on the market, most of their usefulness comes from scanning content received from an untrustworthy (read "Windows") box. In both cases, the OS is an unfruitful environment for hostile code; I came across a great exposition of the "why" in an old post to Librenix."

For those wondering why I'm mentioning Linux at all when I so obviously prefer Mac: Wal-Mart sells it. Cousin Biff is going to ask. 'Nuff said.

Platform choices notwithstanding, I'm big on firewalls. Even if it's nothing more than a $50 D-Net-Link-Gear-Sys box from the local Mega-Lo Mart, a simple firewall is still a good first line of defense. I'm also a fan of software firewalls because I travel and at home I let guests use my networks.

The drawback to firewalls is that they require some expertise to set up and maintain. I feel for the ISP hell-desk staff who take calls from customers who bought a D-Net-Link-Gear-Sys box because I told them to and now can't connect. I have to stop myself when troubleshooting a new system and make sure I'm not doing something my firewall forbids.

I think some of my nearest and dearest will get the message. Now I just have to buy my plane tickets and make my list for Santa.

By the way, if you didn't get last week's security newsletter, it may have been snagged by your spam filter. Here's the link; extra bonus points if you find the offending five-letter word.