Straw upon the camel's back
On Tuesday, January 15, 2002 2:22 PM, Microsoft announced their Trustworthy Computing Initiative when Bill Gates sent out a company-wide email stating that security had to be its top priority.
Well, it's been almost two years now, and it is probably obvious to anyone who uses Windows that it is no more secure today than it was before Bill sent out the email. One week after the one-year mark of Trustworthy Computing, another Microsoft flaw almost brought the Internet to its knees in less than 15 minutes. The scariest part is that the initiator of the whole event only had to send one UDP packet, and the program was only 376 bytes. This kicked the whole event off, and the target, of course, was computers running Microsoft Windows.

There are signs the camel is losing the battle against the straw. On Friday, August 15th, Microsoft began to hide behind servers running Linux to help fight off DDoS, worm and virus attacks against themselves. That's right: even Microsoft themselves can't keep Windows online and secured at the same time. Bill Gates himself wrote that Trustworthy Computing has four pillars:

- reliability
- security
- privacy
- business integrity

Reliability means that a computer system is dependable, is available when needed, and performs as expected and at appropriate levels.

Security means that a system is resilient to attack, and that the confidentiality, integrity and availability of both the system and its data are protected.

Privacy means that individuals have the ability to control data about themselves and that those using such data faithfully adhere to fair information principles.

Business Integrity is about companies in our industry being responsible to customers and helping them find appropriate solutions for their business issues, addressing problems with products or services, and being open in interactions with customers.

Well, if someone were to grade Microsoft on these 4 categories, how do you think they would do?

If that isn't scary enough, how about the fact that Ohio's Davis-Besse nuclear power plant got hit with SQL Slammer in January, which disabled a safety monitoring system for nearly five hours. The Alameda County Sheriff's Dept. also got Slammed, and for two days had to process everything by hand with pencil and paper; they couldn't even turn their computers on. Probably can't run fingerprints without a computer, huh.

Would you trust your life to a Windows computer? Ask that of the crew of the Aegis missile cruiser USS Yorktown, who suffered a "local area network casualty", were dead in the water and had to be towed back to port. It took two days of pierside maintenance to fix the problem, and it happened more than once.

Nobody disputes that we are more dependent on computers than ever, and that's not likely to change. The bigger problem is with Microsoft, its software, what it will bring next and what its effects are going to be.

Computer viruses, worms and trojan horses were first reported around 1981, have steadily changed attack vectors every few years and have become very prolific. It's hard to say how many Windows viruses there are, but experts estimate the number of Windows-specific viruses at about 70,000. Some are mere nuisances, others are downright nasty. The bigger problem here, though, is the blended threat.

How much straw can the camel hold?

The doomsday scenario I propose is scary, and yet most of the code is out there to make it happen.

Imagine this: it's 4pm on the east coast on a Sunday when a Windows machine named Victim A receives a UDP packet from somewhere out on the Internet. That machine immediately connects to a zombie machine already out there somewhere on the Internet, where someone has covered up all traces of their comings and goings and left a nice little download of malicious code.

This is immediately downloaded by the Victim A machine, which immediately begins to UDP flood random IPs, infecting more vulnerable machines, which in turn download the malicious payload from Victim A and begin flooding and infecting more machines. Within seconds there are hundreds of thousands of machines compromised and zombied, uploading malicious code in a peer-to-peer network that has just been created.

The Internet begins to experience major packet loss; the virus notices this and adjusts its flooding to keep everything flowing.

After 3 minutes the first victim's machine runs its time-delayed payload and begins to email out every .doc, .xlt and .xls file it can find on the system to everyone in your Outlook address book. For the next 17 minutes every document you have created or stored is emailed to everyone you know. At 30 minutes after initial infection it attempts to reflash its BIOS, overclock the CPU, and damage, destroy or overwrite the HD firmware. Within 30 - 40 minutes there are millions of dead Windows machines; some might survive, others might actually burst into flames when they overheat and melt down.

Within 45 minutes the first machine literally smokes itself; within minutes you have a worldwide hardware shortage. Every vulnerable Windows machine is down or dead, and if it's not, it's lucky to be alive.

Someone taking the fast-spreading characteristics of, say, the SQL Slammer worm, coupled with the ability to spread multiple ways, and adding a malicious payload like Win95.CIH (a.k.a. Chernobyl) and Sircam: this is not farfetched. The only things I threw in for good measure were the overclocking part and the peer-to-peer networking; that hasn't been done... YET.

Everything else has been reported in the wild with various other viruses; I just linked a few viruses and modified part of the vector.

How do all of these problems affect the TCO? Could data loss and catastrophic hardware failures, coupled with a total loss of data confidentiality, actually happen? If you're running Linux or a Mac, no. If you're running Windows, though, it's quite possible that at some point the camel will give, the straw will bury the camel, and it will quite possibly burst into flames on the way down.
