Windows nasties can affect ROS users tooBy Chris Williams. Published: 5th Mar 2004, 04:29:47 | Permalink | Printable
It's true, it's trueEditorial Once upon a time, RISC OS users could grin in a rather smug manner as the current wave of Windows worms and viruses wreaked havoc on the Internet. Emails carrying infected payloads would be effectively neutralised when opened on an ARM powered machine. TCP/IP services vulnerable on other systems wouldn't be running on a RISC OS machine. Very smug, indeed.
RISC OS, to be honest, is not the most secure OS on the planet and that's an understatement: it's hopeless at security. The phrase, 'security through obscurity' was made for RISC OS. The DCI4 documentation for writing network device drivers is kept confidential for security reasons, but that didn't stop it from being leaked in various formats. Complacency in end users is also an issue: the RISC OS platform is currently so small that even the would be virus writers have left the scene and whilst the network services provided by RISC OS have never been security audited, there's no publically known exploits purely because no one's really bothered to look and poke around. Having said that, RISCOS Ltd. introduced a firewall into Select in order to, amongst other things, help protect ShareFS users.
Compared to the rest of the IT industry, the RISC OS scene is as laid back as a Glastonbury hippie who's been told that cannabis has finally been legalised. When you realise that every application runs its !Boot file automatically when "seen" by the Filer unless the user remembers to hold down the control key and that any application can hook into the kernel or freely disable the firewall, you might as well give up trying and don those tie-dye t-shirts and sandals. Ignorance is bliss, right?
Times change and now RISC OS 4 and Select can be comfortably run on a suitable Windows PC, using VirtualRiscPC. In some ways, Windows is more secure than RISC OS and in others, it's less. The bottom line is that Windows is just as susceptible to viruses and malicious exploits as RISC OS. The big difference between Windows and RISC OS is that, and this may shock you, a lot of people use Windows and there's a lot of nasties in the wild for it. This is precisely why Windows users can't be complacent like us RISC OS users: anti-virus kit, anti-malware and full firewall protection are essential in this day and age. This includes VirtualRiscPC-SE users.
With many dealers touting emulation solutions by offering PCs fitted out with VirtualRiscPC-SE and RISC OS 4, what efforts are being made to ease the culture shock of moving from RISC OS to using Windows? How far should the RISC OS user base go to educate its users on the dangers of Windows security, or have our years of smugly watching the horrors of the likes of Nimda, Code Red and Blaster unfold taught us lessons that some Windows users have yet to pay attention to?
The drobe.co.uk editorial team faced an interesting predicament earlier this week, when Neil Spellings of the Aemulor team emailed in to warn us of a Windows virus doing the rounds. On the one hand, we wanted to inform the corner of the userbase who use Windows with RISC OS of the annoying Beagle worm, but on the other hand, we weren't particularly happy with extending our editorial domain to cover top Windows hints and tips.
"I can understand your position," Neil commented to drobe.co.uk, adding that the worm's propagation email does indeed look very genuine.
"I guess as more and more 'RISC OS machines' are based upon WindowsXP with VirtualRiscPCSE, users are going to have to be more aware of the plethora of security alerts and patches for those systems if they don't want DoS attacks against them, or to catch viruses."
Neil primarily alerted us to the worm because he also runs spellings.net, a web services company that has RISC OS users as some of its clients. NoughtPointOne, who host iconbar.com and other RISC OS related websites, also alerted users to the presence of the worm.
R-Comp is one particular dealer that sells WindowsXP PCs that feature VirtualRiscPC-SE and RISC OS 4. We asked them what they were doing to ensure that RISC OS users who are new to Windows, or new to administrating their own PC, are protected from the 'net's nasties.
"We encourage all users to not use Outlook Express, and instead get them using MessengerPro on RISC OS, since almost all viruses these days exploit the Outlook family and are email transferred anyway. If the RISC OS side is used for email there's really no major risk," explained an R-Comp spokesperson. R-Comp's portables also ship with anti-virus software as standard and they recommend users install Adaware to get rid of any accidentally acquired malware. Also, most of R-Comp's customers are broadband Internet users and therefore rely on firewalls in their home network routers for protection.
"Overall, I feel the threat from viruses and security vulnerabilities is pretty low, especially if the user is using the machine primarily as a RISC OS machine."
Please, if you're subjecting yourself to Windows, make sure you're using some form of anti-virus package and a firewall. Don't open attachments unless you're absolutely sure of their contents. Follow the links at the bottom of this article and may we never have to devote future drobe.co.uk bandwidth to the subject of Windows and security.
Viruses are bad, mmm'kay
10 handy tips on Windows security
ComputerWorld's security corner - aka IDG
MicroSoft's security website - stop sniggering at the back
Previous: LCD offer for new Iyonixes
Next: Select for Iyonix needs cooperation
DiscussionViewing threaded comments | View comments unthreaded, listed by date | Skip to the end
Please login before posting a comment. Use the form on the right to do so or create a free account.
Search the archives
Today's featured article
Manchester RISC OS Jaunt
Martin Hansen does Northern dealers
21 comments, latest by Anon on 3/1/04 9:06PM. Published: 21 Dec 2003
New email editor in MessengerPro 3
StrongEd and Zap call their Union
16 comments, latest by JGZimmerle on 30/4/05 10:15PM. Published: 28 Apr 2005
News and media:
RISCOS Ltd •
RISC OS Open •
MW Software •
Advantage Six •
CJE Micros •
Liquid Silicon •
Chris Why's Acorn/RISC OS collection •
The Register •
The Inquirer •
Apple Insider •
BBC News •
Sky News •
Google News •