/ 2 June 2010

Google ‘getting rid of Windows’

Google is reported to be getting rid of desktop PCs running Microsoft Windows across the corporation to eliminate a security risk.

The Financial Times reports that the company, which has more than 10,000 staff worldwide, is now offering new recruits the choice of using computers running the free Linux operating system or Apple Macintosh computers.

The company refused to confirm or deny the reports, issuing a brief comment saying that it would not discuss “operational issues”.

Microsoft, however, claimed that the move was simply part of Google’s attempts to standardise on its new in-house operating system, called ChromeOS.

The shift away from Windows is claimed to have begun in January, after Google realised that the operating system had been part of a chain of weaknesses that allowed a damaging attack against some of its core systems by Chinese hackers in December.

“Many people have been moved away from [Windows] PCs, mostly towards MacOS, following the China hacking attacks,” the FT quoted one unnamed Google employee as saying.

Another is quoted saying: “We’re not doing any more Windows. It is a security effort.”

Being pushed out of Google would be a major PR blow to Microsoft — although the two companies have an intense rivalry in the search business, where Google dominates, and in the provision of online editing of documents, spreadsheets, email and calendars, where Google says that 1 000 small and medium businesses are taking up its Google Docs offering every day.

Though the revenue implications are tiny for Microsoft, the suggestion that one of the largest online businesses is unable to secure Windows could have serious implications for its public standing.

Microsoft’s Windows, with at least 95% of the corporate computing market, is a constant target for attacks by criminals and hackers looking to gain access and control to machines. The intrusion into Google — which compromised some of its most sensitive systems, and almost gave the hackers oversight of its Google Mail system before the attack was discovered — is believed to have come via malware targeted at users of Microsoft’s Internet Explorer 6 browser running on Windows in its China offices last year.

However, Microsoft’s head of PR, Frank Shaw, suggested that the FT had misinterpreted moves by Google to use its own new in-house PC operating system, Chrome. “Bad headline, wrong premise here. Google going google, okay, but free pass from FT on reason = bad reporting,” he said on his Twitter account, before sarcastically adding: “News flash: Google bans Bing from its computers. Must credit FT. Picture on Bing home page is distracting to G[oogle] engineers.”

A large number of businesses offer anti-malware protection — including Google itself, through its Postini subsidiary. But with expert hackers targeting previously undiscovered security holes in Windows and Internet Explorer — because it will be present by default on every computer running Windows — it is impossible to protect against every attack.

By contrast, there is little malware focussed on Linux desktop operating systems or Apple’s Mac OS X. Both are Unix-based systems, but despite its being nine years old there are no viruses targeting Mac OS X. There are fewer than 100 viruses targeting Linux OSs, but the variety of “flavours” of the operating system means that a virus effective against one will not work on another.

By contrast, there were more than 97 000 known viruses aimed at Windows, although modern malware targets individual applications such as Microsoft Word or Internet Explorer. Malware writers also target widely-used applications such as Adobe’s Acrobat Reader, used to read PDF documents.

Some reports suggest that Google is allowing staff to run Windows on their laptops, but removing it from desktop machines. Keeping Windows reportedly requires clearance from “quite senior levels” — by Ben Fried, a former Morgan-Stanley executive who is now the company’s chief information officer, it is suggested.

But Google staff are also increasingly worried about the potential for their systems to be attacked if they use Windows, the FT says. “Particularly since the China scare, a lot of people here are using Macs for security,” it quoted an unnamed employee as saying.

Google is also developing its own operating system, called ChromeOS, which is expected to preclude malware attacks by making it impossible to alter applications.

A Google spokesperson declined to comment on the specifics of the company’s moves, but did not deny any of the claims made. The spokesperson said: “We’re always working to improve the efficiency of our business, but we do not comment on specific operational matters.”

Google has never confirmed the specific details of how its systems were hacked in China, but details have emerged through security companies which have followed up on parallel attacks made against a number of other non-Chinese companies. – guardian.co.uk