Google Ends Internal Use of Windows
|“We’re not doing any more Windows; it’s a security effort,” remarked one Google insider to the Financial Times about Google’s recent decision to phase out all Microsoft operating systems for almost all of its employees worldwide, up to twenty thousand employees by some estimates, in favor of Macs, Linux and Chrome machines. David K says it’s a stunt.
One shortcoming, and this is one of a rather large list of items, most of us associate with Microsoft’s software is insecurity, much more so than with Apple or hippie Linux distributions. If you believe Google at all about part of their rift with the Chinese being their little hacking habit, and if you’ve ever run a network intrusion auditor you’d know how pervasive it is, taking into mind that Google with all their crazy datamining had better put a very elevated degree of concern on the safety of their big brother data (not to mention protecting their trade secrets), how is this not a good idea? As a Google datamining victim, wouldn’t you want this?
Google’s nemesis lately, it seems, is Apple, not so much Microsoft. That Google employees I imagine will (if they are not mostly already) be using Macs and some using Linux or this Chrome thing makes me think if Windows were the better product, Google would certainly be more inclined to go with Windows either for everyone or at least whoever wants it. It just sounds stupid for any company, even one of Google’s size, to give everybody something undesirable, denying them what would help them develop better, to make a political statement in a press release (actually not even a press release, just some leaked remarks) that will soon be forgotten. Security cannot get much greater a concern for any other public company than it is for Google.
Sometimes, if not always, and I believe this is the case here in spite of David K’s baseless cynicism, it’s about issuing the best equipment and platforms to your employees to do their thing as well as possible without jeopardizing general security, not about making childish gestures. There’s just too much on the line. Am I right?
Doug Simmons
Maybe you’d be willing to let me in on the truth behind this, given your background.
This is definitely not about security. I’m a sysadmin. The security of your hardware isn’t about the operating system. It’s about the measures you take to secure the operating system. We’re all MS Windows in our data center and have never had any issues with security audits because we lock down all unnecessary ports and services. Doug, pushing of this “MS is insecure” nonsense shows your lack of knowledge in that realm.
I already did, Doug. Any competent sysadmin that isn’t platform-biased will tell you “The security of your hardware isn’t about the operating system. It’s about the measures you take to secure the operating system.”
nother reason for me to despise Google, they are the biggest joke.
they should rename chrome to choke, never buying a google product again.
Google couldn’t even hold MS shorts.
I agree with Jeff here. The Windows Server platform has become of victim of it’s own “useability”. I’m certainly not a MS fanboy, but one has to admit that setting up a working network environment using Windows is far easier than any other OS (IMHO). This has allowed unqualified “admins” to set up networks without the know-how to truly lock it down like they should. I’d like to see some real data showing that a properly configured Windows environment is any less secure than the other OS’es.
I see, so because Windows is just fine provided all of your administrators tame the beast by taking all the Windows measures, pushing updates nonstop and nmapping for any Conficker sightings and your thousands of users in your office are happy with their restricted Windows user accounts, don’t easily elevate their privileges and mess around or if given administrative access play by all the IT rules, not installing this or that and not disabling antivirus for a second, because of that Google is doing this to stick it to the man and not to make general security on a large scale less of a liability by giving everyone Linux and UNIX-based platforms.
Viruses, for example, are no greater a threat on an array of large networks full of Windows machines than these other platforms? News to me and I am not green to IT either. I know I’m exuding lack of knowledge of this realm left and right but that Windows makes more sense to Google than just using Apple and Linux exclusively, I’m still a little confused on that.
First, I never said “Viruses are no greater a threat on an array of large networks full of Windows machines than these other platforms”. I simply asked if there was any meaningful data from real tests. If that can be shown, I would concede to your point, but since Google is the one making the claim that Windows isn’t secure enough, I would hope they’d have some data to back up their decision. Where is it?
As for your other points, I don’t push updates “nonstop”, and if you’re suggesting other OS’es don’t required regular updates, that’s simply not correct. My users are not overly restricted either, they can do everything they need to in order to perform their jobs and then some.
I have no data to back up this claim, however I believe that if Linux or OSX were targeted by the massive number of attackers that Windows has, they would have more holes than Swiss cheese.
@Doug: Your adolescent responses on this aren’t terribly endearing to Mobility Digest readers. They make you come across as insensitive, lacking in the knowledge you claim to have, and a prat. Just so there’s no misunderstanding, equally insecure Mac or Linux systems could be setup/maintained by incompetent sysadmins. Conversely, none of the things you mention as being some sort of twisted reality of a Windows network are actually true, at least not anymore true than they would be for any other OS in incompetent hands.
Hey, when you open by knocking my knowledge, it’s not unnatural for me to get a bit defensive. Just please don’t judge this place by my remarks alone.
I know you’ve said you did but I don’t think you answered my question which is that, further in light of what you said, which is basically that these platforms are as secure as their users and administrators make them (right?) and that this was not a security decision, why do you suppose they did it? Kind of a schlep, getting rid of a bunch of machines and forcing a lot of employees to use something else, so some thought had to have been put into a move like this. Why might they have done it?
But based on some quick googling, google’s Search and advertising operations account for roughly 95% if not a few percent more of their entire revenue. Chrome so far hasn’t been turning many heads and Google is not mandating Chrome for anyone (other than I suppose people connected to its development) and, though I’m speculating, the majority of their employees will be using Macs.
Those who may have been using Windows XP or Vista (yikes) or 7 or whatever, if still reserved the option of not using Chrome, I’d imagine that most of them would either fire up some Linux ISO into their current machine, particularly if they have a sweet monitor setup like me, and keep working or ask for a shiny Mac. Doesn’t sound like an eat your own dogfood kind of thing.
To fantasize about being an employee, I think I’d take Chrome for a spin for the day just to see what’s doing and probably revert to good ol’ Debian (if I could get the frigging thing to support those screens — not easy the last time I tried).
Security using MS may actually be a security concern for Google, especially after the China hack attack. Each and every company has the right to protect it’s data as they see fit, What is good for your company may not be applicable to mine.
Personally, I would say that they are moving away from Microsoft, to enable them to begin using their own products. They have spent a great deal of money and time developing Chrome, it wouldn’t say much for a company to develop an operating system and turn around and use the competitions OS.
Okay so that was a cheap shot with the constant updates remark. They do eventually get around to cleaning up their mistakes, though they have a history of waiting even with critical updates until the timing’s right, or so I’ve read over and over. Platforms update, some of that updating including security related and urgent, and this is not limited to Linux and BSD derivatives and offshoots like Mac OSX (which I haven’t tried, though I do my serving on Linux, FreeBSD and am experimenting with OpenBSD). I assume Macs are also updating. On a side note however it is nice not to have to reboot all the time after such updates, only once in a blue moon.
I have trouble buying the defense that Linux, Unix and Unix-likes are getting a pass on being a target for viruses because more people are sitting behind a Windows machine and that it doesn’t have to do with the the structure of the platforms and the software included with them out of the box. Back when I made housecalls, most of which were to clean out dirty Windows machines, when I decided it was time to stop I just started getting my clients to buy a Mac and they stopped needing me. Same deal with my mother, got tired of all the calls to come over and fix the thing so I gave her Ubuntu, problem solved. Any idea what the server market share is between Microsoft and everyone else? Because the servers would strike me as a higher value target than just regular PCs for hackers and crackers. It would be quite a trophy, small share notwithstanding, to find another hole in OpenBSD but that just doesn’t happen to often. On the other hand, if I don’t get around to updating something like RoundCube for too long, no matter which operating system I’m on I leave myself exposed to whatever holes they either didn’t patch yet or I didn’t update yet.
Funny when Slashdot and friends caught Microsoft using Linux still to run hotmail even months after the acquisition, summarily swapping in their own software (or maybe just the version reporting..) after the embarrassment.
I’m going to have to agree with the population here Simmons. A network of Apple computers is not in anyway more secure. Security through obscurity does not work when the biggest data collector in the world uses that system. The fact that windows has those updates, you try and make seem like a hassle, is a company pushing out ongoing support and security for their product. The ease of setting up a network in Windows is not indicative of its overall security. That’s like saying a car is less safe if it doesn’t automatically put your seatbelt on you. The seatbelt is there you just have to be not a dumb ass. Enough at least to put it on while you’re driving wrecklessly. And I don’t really see how any company could get anything that is useful mainstream on a network of Linux computers either. I like Linux and have it installed on my machine at home if I want to mess with it (because there is a pretty badass Ubuntu Media PC program I like to run) but the majority of my time is spent on Windows because I’m never wondering if there is something I can/can not do on it.
Problem is they’re not changing out servers. We’re talking about PC’s here. And yes I do believe that the people out there making viruses (to make money from what I’ve seen, not just general freaking havoc,) are going to target the largest market they can. Plus why bother trying to crack into a Linux or Unix server when you can grab the much easier PC target that’s connected to said server and go through that way, once you have all their log in info. Much easier to get the key than to break the lock. Just my thoughts though.
And just so I know I’m not crazy:
http://blogs.pcmag.com/securitywatch/2010/06/mac_security_in_the_news.php
I think it’s an internal decision with the bonus of a PR stunt. They get to trash a competitor and imply their product is better. It all makes sense if you look at it from the marketing opportunities.