Fighting the Good Global Cybercrime Fight: Q&A With Security Guru Mikko Hypponen, Part 2
Mikko Hypponen has spent the past 20-plus years studying malicious software, including everything from "Brain" -- the first PC virus, dating back to 1986 -- all the way up to Stuxnet and today's most sophisticated global malware.
He's widely considered one of the world's foremost experts on information security, and he's played a key role in taking down numerous international rings of cybercriminals.
TechNewsWorld recently had a chance to speak with Hypponen about his views on the need for a new model of law enforcement in order to fight global cybercrime effectively. That discussion is presented in Part 1 of this two-part series.
Given the ongoing debate about the relative merits of the various operating systems and platforms when it comes to security, however, we asked him to share his thoughts on that topic as well.
TechNewsWorld: It seems the majority of malware targets Windows. Do you think that's just because of its ubiquity, or is there also something about the technology that's weaker?
Mikko Hypponen: It's a complicated issue. If we separate computers and smartphones, we have computers running Windows, OS X and Linux on one side, and we see much the same spread on the smartphone side with Windows Phone, iOS and Android.
On the computer side, Windows gets almost all the attacks, but on the smartphone side, it's Android that is getting hammered. Windows, meanwhile, doesn't get targeted at all on the phone side.
It's really not a fair comparison, though, because it's mostly about market share. We find more computer malware every day, but it's unfair to consider Windows as one group. In fact, we really have Windows XP, Vista and Windows 7.
Of the three different versions of Windows, OS X and Linux, Windows XP is definitely the least safe. It's 11 years old, and it also has the biggest market share, with 50 percent globally -- Win 7 has just 20 to 23 percent.
Attackers have never had it so good. Not only is XP the weakest, but it's also the most popular. Attackers have low-hanging fruit to enjoy as long as there is such a huge target.
TNW: How would you compare Mac vs. Linux vs. Windows for their ability to prevent or mitigate attacks? Which would you recommend?
Hypponen: For the average beginner user, I'd recommend a Mac. It's easy -- easier to maintain than Linux, and the likelihood of getting infected is much lower than with Windows. Macs represent just three to four percent of the market globally.
But any feeling of superiority for Mac or Linux users is not the right attitude. They also have problems with phishing and spam -- those target everyone.
TNW: How would you compare open source vs. proprietary software in general in this context?
Hypponen: The truth is that pretty much nobody looks at source code and tries to find bugs. In that way, the 'theory of many eyes' doesn't work.
What is the big difference with open source software, however, is that when any vulnerabilities are found, anybody can fix it. When the code is closed, on the other hand, only the vendor can fix it.
We see open source apps getting targeted all the time, such as Firefox and Chrome. So do Flash plug-ins, etc. The practical differences aren't that large, but with open source, the fixes are generally available much faster.
TNW: For greatest security, which operating system should a person use?
Hypponen: For beginners, I'd recommend a Mac, as I said. For expert users, though, I'd say some Linux distribution, or if you prefer Windows, 64-bit Win 7. There is a big difference between the 32-bit model and 64-bit Windows, such as in loading drivers.
Of course, if you really want to split hairs, you could argue that the version of Windows inside the Microsoft Xbox 360 is the most secure. The only networking is encrypted IP6, for example.
Of course, it's not really a fair comparison, since it's inside a console. Win Phone is also very secure, but it's also much more closed.
TNW: What other steps do you recommend to keep users' computers and data safe?
Hypponen: First, back up! It should be off-site, whether in the cloud or in a removable disk that you take to your grandmother's house. It doesn't have to be daily, either -- for most home users, a backup from last month is good enough. Failing that, though, if something happens, you'll lose a part of your life.
Also, make sure you're up to date with the latest version of the software, regardless of the operating system you use.
If you're on Windows, run an antivirus and use a separate firewall. If you're on a laptop and use WiFi hotspots, make sure you have some kind of VPN.
Say you're working at Starbucks. I recommend using VPN even if you're just using Facebook, simply for the encryption. Then it doesn't matter if someone else in the coffee shop is snooping. Home users, especially, tend to ignore this completely.
Finally, especially if you're on Windows, make sure you're really running an antivirus, and don't just think you are. It's become a standard feature for malware, if it manages to bypass your antivirus one time, to uninstall it and replace it with something else.
So, just because you installed some antivirus software half a year ago, don't assume it's still working. Double-check to make sure it works and that it's still updating.