This is a typical puff piece by an ignorant reporter. Why didn't they ask a real virus researcher about some of the most influential viruses? Where is there no comment about BRAIN, the first international-spread virus which invented the boot-sector infection path? Why no mention of the amazing prevalence of FORM, which constituted about 1/3 of all infections in the world at its height? Why is there nothing about CONCEPT, the Microsoft-written virus which ushered in the era of high-level language macro viruses?

Why are the only viruses mentioned ones which there has been some public fuss about? I know - because the author knows nothing about this arcane technical subject, but hasn't let that get in the way of writing 500 words....

Look it is actually very simple why Windows gets more bugs. Most bugs are made by criminals, and criminals like most predators are naturally lazy. they want to get as much as they can for as little work as they can. They target Windows because as someone who actually works on the things 6 days a week I can tell you that is where the stupid people are by a loooong shot.

Doesn't make Windows bad, I have machines that have been running nearly a decade with no bugs, just retired my Win2K after a decade bug free, etc. but for every person like me that follows best practices you probably have 100,000 that will blindly click on anything, never read a EULA, will happily click through any UAC or virus warning, as long as you offer them something they want, or spook them.

Most of the bugs I see, and I usually get to see them all, but a good 90% of the infections that cross my desk can be divided into TWO categories. The "ZOMG! U got teh viruz ZOMG! Run this "is_not_bugz.exe" to kill teh viruz ded! ZOMG!" or the "Want to watch this hot porn FOR FREE? Well you can! All you have to do is load our "is_not_bugz_iz_codec.exe" to see the hot action NOW!"

In both of those cases the vaunted Linux security would do exactly jack and squat since the user is actively helping the malware and as long as the user has the right to install then there is nothing you can do. Repos wouldn't help because they would ignore you for the malware writer, an AV can only do so much if the user is working against it. Frankly MSFT could develop the perfect security model tomorrow and as long as Sally Dipshit is allowed to install and Horny Hank Hugeass is willing to ignore all warnings to get a chance at free titties? You're still fucked.

So just be glad you're a niche Linux guys, because look at all the bugs coming out for Android. Where goes the masses goes the stupid and the bugs along with them. All you can do is give them "the look" [roflposters.com] and keep them off your PCs.

Hi Cosm! Sadly I wish that it was, but as someone who has been in the repair biz since Win3.x it is all too true. hell I'll give you a perfect example of why social engineering works: I had a customer with me sitting right exactly there telling her specifically "Do NOT open that password protected zip and run it, it is a virus!" and got told "Oh you're just paranoid, see the name? My BFF Kim sent this to me! Kim wouldn't do that!" and so she ignored me AND the AV which was practically trying to hurl itself between her and the bug and did EXACTLY what I told her not to and promptly pwned her own machine.

So sadly my friend I can state with 100% certainty it is NOT a myth or old wives tale, it is all too real. Look up the top 10 list of malware by installation and then look to see how they infect and you'll find a good 8 out of 10 if not 10 out of 10 rely on the user to pwn themselves by ignoring best practices, ignoring the EULA, never reading anything, and just blindly clicking next to continue.

The latest nasty going around is the "Security tool" variant which is installed on MILLIONS of machines and which I see at least 3 times a week, all done using the "ZOMG! u got teh bugz! Install 'is_not-viruz.exe" to kill it ZOMG!" and that damned thing is installed on millions of PCs using that lame BS tactic. No shit. Sad but true my friend, sad but true. And Linux security wouldn't do a damned thing, in fact here is How to write a Linux virus in 5 easy steps [geekzone.co.nz] using the same tricks and it WILL work because so many refuse to think.