I can hear the talkbacks already: Why are you feeding the trolls, Dawson? What's with the flamebait? Not enough hits lately? Guess what? I'm getting plenty of hits lately, thank you very much, without resorting to flamebait. You know what I'm also getting plenty of lately? Malware.
It's not for lack of prevention, either. Our systems are well patched, antivirus is up to date, we're running antivirus at our gateways and we still have things slipping through the cracks. It's hardly an epidemic, but on fairly clean networks it's annoying and absorbs time I could spend elsewhere. Suffice to say, I've cranked up the antimalware settings on the firewalls to the point where the software warns me about potential performance issues.
This morning, one of our secretaries couldn't download a file emailed to her by the state because the firewall flagged it as infected. This was literally moments after I'd made changes to the appliance's malware settings, so I wondered if it might not be a false positive. We receive emails from this particular group within the government all of the time and the file was even an expected attachment, so I told her to forward the email to me. No, I'm not stupid, I just opened it up on the Ubuntu box on my desktop, scanned it, and, sure enough, it was infected.
My point here, though circuitously made, is that none of the three machines I use regularly (a MacBook, an aging desktop running Ubuntu, and a netbook running Ubuntu NBR) were vulnerable to the infection. One of my techs pointed out another infected file that made its way onto her network the other day so I could tweak the firewall, then promptly deleted the file from the Mac on which it had landed.
To some extent, this is just my learning curve with our new firewalls. Most were installed at the end of last year, so this is our first real stress test with a full complement of students and staff surfing away. So fine: they're tweaked and things are better. However, wouldn't it be nice to have a few more machines out there like the ones I use, impervious to the vast majority of malware floating about the web, whether they are behind our firewalls or not?
I know, I know...Macs are under attack, too, and no machine, *nix or otherwise, is "impervious." But I also know that the only machines on our network that have ever been infected are Windows computers. XP SP3 or Vista SP1: it doesn't really matter.
And yet, with rare exceptions, all my users need is a web browser, especially now that we have Google Apps. We have some mission-critical Windows-only software that we run on a Terminal Server and I keep a mighty tight rein on our high school Terminal Servers that run our computer labs. But really, what would happen if everyone with a Windows PC walked in tomorrow and had Ubuntu installed on their computer? How much less of a hassle would anti-malware efforts be? Infinitely less because they simply wouldn't exist.
Obviously I'm not going to do it; a forced migration to Linux would be cause for mutiny in some cases and I have far too many initiatives on the table right now to deal with training and migration. However, a goal of mine this year will be to identify users who are not wedded to Office and whose computing needs center on the Internet and multimedia and have them give Ubuntu a shot. I've made converts of plenty of students looking for hassle-free web-browsing and basic productivity. Can I convert some staff, too?