Don't use popular software

The biggest programs have the biggest targets on their back.

March 16, 2021

Imagine you're a young parent about to move into a new city, you and your spouse want to make sure that you move to a neighborhood that has the best school for your children so you do your research and find a school that has consistently had the worst performing teachers, lowest graduation rate, and highest number of violent outbreaks by kids but you see that this is the school with the most people so you decide that this is the best school for your kids and you buy a house in that neighborhood.

Would anyone with their childrens' best interest in mind ever do that? No of course not, so why are you using software with the most known vulnerabilities?

Popularity attracts trouble

About a year ago I had a conversation with a Mac user who was convinced that Apple made the most secure operating system because Apple was offering one million dollars to anyone who could hack their operating system. He had never heard of anyone claiming that million dollars so he figured the operating system was impenetrable. I told him that I was sure they had paid out multiple times and just didn't want people to know. (Heck, Zoom used to use the same sort of exploit viruses do to work around asking users for permission to access certain parts of your computer) Software companies typically don't like to advertise how insecure their products are, they'll be happy to tell you in post-update changelogs that they did some "minor bug fixes" or that they "patched minor security exploits" but what they won't tell you is that the "minor security exploit" allowed a low skilled hacker to easily steal all of your banking information by simply being connected to the same wifi network.

But my Mac using friend was right about one thing, it is safer to use Mac than it is Windows, he was just mistaken in his reasoning. Well over 80% of desktops in use today run Windows, because of this a Windows virus is much more profitable for a hacker than a virus on any other operating system would be. The most popular things are almost always the things with the biggest targets on their backs. Consider this graph showing the current market share of web browsers:

Google Chrome is by far the most popular browser, in fact many people will jokingly say that the only purpose for the default browsers that come with their operating systems is to install Chrome. However, Chrome's popularity is among it's biggest flaws because that is the browser where an exploit is the most profitable. Look at the data in just these first few months of 2021 95 new security vulnerabilities have been found in Google Chrome, if they continue to be found at this same rate there will be more vulnerabilities found in Chrome by the end of this quarter than there was in the entirety of 2018, and this year will likely be the worst year for Google Chrome in terms of security because the average severity of the exploits being found these days is higher than any other year. Why in the world would you use this program? It's like sending your kids to the worst school in the city when you have the choice not to.

I wouldn't use any of the browsers on that chart, the safest browsers are the ones that the least people are using. I've recommended using Brave in the past and I still stand by that recommendation. Brave ships with useful features build in and frankly there is no reason not to use it since it is a complete browser that can take advantage of any other extension you might want to use.

As with many things in life, when it comes to software it is often not the best idea to follow the wisdom of the crowd. To paraphrase Robert Frost, taking the road less traveled by often makes all the difference.