Google ditches Windows on security concerns

Source: FT.com

Google is phasing out the internal use of Microsoft’s ubiquitous Windows operating system because of security concerns, according to several Google employees.

The directive to move to other operating systems began in earnest in January, after Google’s Chinese operations were hacked, and could effectively end the use of Windows at Google, which employs more than 10,000 workers internationally.

“We’re not doing any more Windows. It is a security effort,” said one Google employee.

“Many people have been moved away from PCs, mostly towards Mac OS, following the China hacking attacks,” said another.

New hires are now given the option of using Apple’s Mac computers or PCs running the Linux operating system. “Linux is open source and we feel good about it,” said one employee. “Microsoft we don’t feel so good about.”

Read more: http://www.ft.com/cms/s/2/d2f3f04e-6ccf-11df-91c8-00144feab49a.html

---

Blaming M$ security for the Chinese hacking incident? This should be fun to watch.

And the tech wars march on!

eom

And the data engine is -- I kid you not -- mdb. Like, the sort of architecture you would expect from a high school student.

And, there is no way to restore.

Still have one Windows system but life became so much easier once I moved to OS X

Look at their laptops.

Security professionals, or business professionals who need strong security, simply cannot *afford* the risks that come with M$ security. It's just plain a dumb idea, architecturally, to run very much as root/Administrator, and Windows allows (and encourages) it to an absurd extent. That's not to say that windows doesn't have its place, it still makes for a great honeypot.

at a security conference, where tehy had a mac machine, a Windows (vista) and a linux box, the mac was hacked first.

There's one reason so many people use Firefox now, apple's been slow on keeping up with the open source WebKit community. :) :(

Oh, and one (one!) other attempt had been made on *any* of the machines, the day before, so that's not exactly much of a sample size (two).

I'm not sure I've seen the soul-patch before, so, what is it?

edit:typos galore

And that's OpenBSD's catchphrase. They give him something different every point release; in this case it was a soul patch. 4.7 just came out and I still need to try it.

Just curious.

Pretty early on.

Are the mail servers running on Windows?

I wonder if the employees know what they're talking about. There aren't many great options for replacing Windows in large corporate environments.

So, it was directly connected to Windows, any other platform and the back door wouldn't have worked... here's how it went down:

1. Selected folks were targeted with mundane email with an attachment.
2. Those selected look at the attachment, which *is* normal content, but also installs a backdoor.

So far, no biggie? Right?

Well, it turns out that when you target higher-level engineers with this kind of code, you're targeting machines that have many keys to the kingdom *on their hard drives*. That's why this was such a big deal, rather than some secretary getting some mundane virus.

FWIW, their server clusters generally run a highly tweaked variant of linux, and the general google philosophy is to keep everything in the cloud, making the desktop OS much less important... so, they don't need Office, they have their application cloud. They don't need Outlook, they have webmail. They certainly don't need Sharepoint to make and distribute content, they have entire flocks of servers for that. They wrote their own db engines and are pretty active in various F/OSS database communities, so they don't need MS SQL. They have their own authorization and directory systems (I'd guess LDAP, like AD, simply because it predates windows trying to do it), so they don't need AD.

Basically, they have no technical reason to have *any* Windows machines, other than for usability testing and browser compatibility testing.... what problems do you run into when replacing Windows in large corporate environments? The usual ones I've run into has been all about training users, or educating IT folks on how to port their existing systems over to other ones, and google has no shortage of talent for that.

edit:typo

than with any problems with Windows.

This is a battle in a larger war, and at this point, Google is focused on influencing public perceptions.

ChromeOS and/or Android are being positioned in a big way with this.

I for one couldn't be happier. Time for the sharks at M$ to rethink their business model.

Being hacked is *very* expensive in terms of public perception, labor, and cleanup, and changing their OS standards is certainly a proactive step to take to reduce costs...

Keep in mind that this is a company that's so cheap they don't even have cases on their servers, and buy crappy RAM in bulk to save pennies on the dollar.

I used to rent a rack near one of their racks in a datacenter. Hundreds off commodity 1U servers without cases.

were not the bestest of friends these days:

http://forums.macrumors.com/showthread.php?t=920494

Now will Microsoft fire Bill Gates' college roommate?

Warmest I've felt in years.

Maybe they should learn from Apple. They have tight controls on the code used for software on their devices.

http://www.gamepron.com/news/2010/05/31/mobile-game-trojan-calls-the-south-pole/

A browser should be just another application like Linux and Macs. At least if there is a security flaw in the browser application, it's not catastrophic.