The report, which is short on solid sourcing, quotes Google’s employees as saying the company is steering people towards using Apple’s Mac or the Linux operating system to avoid malicious hacker attacks.
From the article:
“We’re not doing any more Windows. It is a security effort,” said one Google employee.
Many people have been moved away from [Windows] PCs, mostly towards Mac OS, following the China hacking attacks,” said another.
New hires are now given the option of using Apple’s Mac computers or PCs running the Linux operating system. “Linux is open source and we feel good about it,” said one employee. “Microsoft we don’t feel so good about.”
In early January, some new hires were still being allowed to install Windows on their laptops, but it was not an option for their desktop computers. Google would not comment on its current policy.
Windows is known for being more vulnerable to attacks by hackers and more susceptible to computer viruses than other operating systems. The greater number of attacks on Windows has much to do with its prevalence, which has made it a bigger target for attackers.
Employees wanting to stay on Windows required clearance from “quite senior levels”, one employee said. “Getting a new Windows machine now requires CIO approval,” said another employee.
As any regular Threatpost reader knows, Apple’s Mac OS X is not exactly safe and secure. In fact, when it comes to targeted attacks (like Aurora and the kinds that Google should be worried about), the Mac might be the easiest to penetrate because it lacks the anti-exploit mitigations now common in Windows.
This story makes little sense to me. For starters, Google’s software products are made for — and marketed to — mainly Windows users. How exactly are software developers expected to build products for an operating system when they’re not allowed to use it?
As much as we love to bash on Microsoft over security, the newest versions of the Windows operating system are by far the most difficult to penetrate.
If Google has an internal problem with mass-market malware (scareware, ID-theft trojans, etc.), then it would make sense to push some departments to an alternative OS but if this is a reaction to the Aurora attacks, then the company is pushing its head deep into the sand.