A Look at Microsoft's Security War Room

Josh Fink writes "C|Net has an interesting piece about Microsoft's Security War Room, or rather, shall I say rooms. This room came about when Microsoft's security chief, Mike Nash, had issues finding open conference rooms. The response; a dedicated room only for him and his staff to handle emergencies. "And while he was at it, why not have two? That way, the folks working on fixing a security crisis could have a little breathing room from those drafting the public and customer communications around the issue. ""

on the door?

[mseidl (828824)]

"No Penguins Allowed"

Re:on the door?

[PPH (736903)]

That's on the front door only. How many back doors do these rooms have?

and underneath that sign

[commodoresloat (172735)]

Please wear a helmet; look out for flying chairs.

Re:on the door?

[by Anonymous Coward]

I'm posting anonymously because of NDA implications. I used to work at a network security firm that supplied MS with a security console for detecting, investigating, and mitigating attacks on their network. (Hint, they use the same one as the Pentagon's network security war room.) This system relied upon certain defacto standards in their networking gear, but MS had purchased gear that did not support that feature, and were blocking much of their gear that did. MS's proposed solution, distribute a few hundred Linux boxes all through their network to serve as probes.

It was an unworkable idea, and we eventually worked around their problems in a different way, but it does indicate that some of the head security guys at MS may not be as opposed to Linux as you'd think. So long as they don't have to make it public, they seem happy to use OSS. Note, the servers that provide their security system run a highly customized version of either OpenBSD or Linux, depending on which version they're using.

Interesting photo question...

[dada21 (163177)]

Anyone notice that all the swivel chairs are bolted to the ground? I wonder why they made them fixed and permanent.

Re:

[Kranfer (620510)]

Well, we all know that freedom of movement is something that needs to be taken seriously. Either that or they liked the idea from the Enterprise bridge... Just imagine Data and Wesley crusher pushing eachother around on rollable chairs... It would have brought havoc to the Enterprise and Picard would be forced to sick Worf on them... Maybe they just want to avoid Klingons destroying their security people? I dunno? Stationary employees are more well behaved and productive employees?

Re:

[brunes69 (86786)]

Here is an illustration of the joke in relation to your head:

      --------------------

Re:

[Entropius (188861)]

No, obviously there are ||: developers developers developers developers :|| under his shirt.

Re:

[gardyloo (512791)]

It's because there's no fighting in the War Room!

Re:

[$RANDOMLUSER (804576)]

"We can't let him in here! He'll see the Big Board!"

Re:

[darthflo (1095225)]

Heh. After a few minutes of looking at heavily zoomed in pic 4 (they don't seem bolted on), I got the ballmer/chair joke. Well done, sir, well done.

Re:

[ByOhTek (1181381)]

dunno, but the ripped up sections of floor suggest it wasn't terribly effective at keeping the floors and chairs connected. It must have been a powerful and angry force that removed them...

Billions of dollars in damages...

[gerf (532474)]

Viruses, backdoors, security holes, buffer overflows, trojans galore... and they get a room. Ooooh, they're so dedicated to security!

Re:Billions of dollars in damages...

[Smidge204 (605297)]

They can't even keep people from breaking in and stealing their expresso supplies [news.com]! No wonder they have so much trouble with security...

=Smidge=

The cabinets are unlocked

[BadAnalogyGuy (945258)]

They have a big sign out front indicating security, but they don't even have locks on the kitchen cabinets.

Can't see...

[thelima (1045360)]

...any windows there... ;)

From this state of the art bunker...

[DeeVeeAnt (1002953)]

Microsoft's top engineers relentlessly persue their war on security.

Re:From this state of the art bunker...

[Locutus (9039)]

Didn't Bill Gates declare essentially, 'Mission Accomplished', when they shipped Windows 2000? You know, saying it was the most secure version of Windows. Then again when Windows XP shipped and the grand finale when he declared Windows Vista as the most secure OS available. That's right, not the most secure version of Windows, but the most secure OS available!

Is he retiring from Microsoft to run for President? He's got the ethics to do so. IMO.

LoB

Two rooms

[ShiningSomething (1097589)]

When I read there were two rooms, my first reaction was: one to work on the current security threat, a second to work on the security threats created by the first one...

The reason for having a second room...

[MiniMike (234881)]

It's a backup for when the first room crashes!

Are those liquor bottles?

[Iphtashu Fitz (263795)]

In the cabinet containing food supplies it looks like they have the following available:

• a bag of pretzels
• a couple bottles of hersheys chocolate syrup
• one can of soda or juice
• a couple containers of nondairy creamer
• 3 bottles that look like liquor bottles

All that to feed a group of engineers that "gets hit with an emergency and has to pull an all-nighter."

Sounds like a typical geek diet to me.

Re:

[corsec67 (627446)]

Those 3 bottles are flavor syrups, like the variety Starbucks uses to make some of the more bizzare drinks. (Rasbery/Vanilla/Cherry/etc...)

Re:Are those liquor bottles?

[iONiUM (530420)]

Yes, you are right. The GP either doesn't drink alcohol, or doesn't drink coffee. Either way, what the fuck is he doing on slashdot.

pfft....

[djupedal (584558)]

Post-op greasy haired poster-tranny 'Ina Fried' ....talk about needing a junk filter. Toss this 'reporter' out along w/goatse.

War rooms...

[aicrules (819392)]

it's nice that it's so clearly stated exactly why there is this "war room". We have similar requests by various teams in our organization as if a war room is some amazing thing that you just can't live without. In reality it's almost always because some asshat can't be bothered to book meeting rooms in advance. If all the rooms are always booked, add more rooms. What you end up with is a room that no one else can use and except in dire situations, no one is using at ALL.

Re:

[secPM_MS (1081961)]

Microsoft is building and acquiring more office space in the Redmond/Bellevue/Seattle area, but there has been an ongoing shortage of meeting rooms for years. Mike Nash made sure that the security response team had space when they needed it. Is it an optimal use of space? No, but it is a reasonable one. For security reasons, the rooms are inacessible to normal MS staff, vendors, and visitors. Non-security response team members are admitted on a as-needed basis.

Re:

[threeturn (622824)]

Yep, typical land-grab by one group pleading "special needs" to take resources away from the rest of the organization.

That explains it!

[christurkel (520220)]

There is no one in those rooms!

Disappointed

[hcdejong (561314)]

I expected this [gonet.cz], not some crummy office with a conference table.

24?

[thatskinnyguy (1129515)]

Why do I get a vision of Jack Bauer taking orders from Bill Gates to wipe some Chinese online terrorists off the map from some CTU-like complex?

Re:

[Cro Magnon (467622)]

Considering how many moles are in CTU, I definitely see the resemblence to Microsoft security.

Re:

[Blakey Rat (99501)]

Why do I get a vision of Jack Bauer taking orders from Bill Gates to wipe some Chinese online terrorists off the map from some CTU-like complex?

Because you watch too much TV?

Washers

[DoofusOfDeath (636671)]

So it's not like the Maytag commercials where the old repair guy is reading a newspaper and bored for lack of work?

To misquote Dr. Strangelove...

[Hanners1979 (959741)]

"You can't patch in here, this is the Microsoft Security War Room!"

War Room? More like Scuffle Closet?

[Spinlock_1977 (777598)]

I've been in a few war rooms, control centers, command centers, etc etc etc over the years. Even helped design one a little. 4 Flat screens is all they've got? Four? That's no war room. Scuffle closet maybe?

What a non-story

[InlawBiker (1124825)]

Seriously, a few photos of a conference room? And Harvey Keitel and an espresso machine? This is just a room where people sit down to discuss issues. Just like in every office everywhere in the world, except this one has some TVs on the wall. Can I please have that 10 minutes of my life back?

Pulp Fiction - The Wolf

[zerofoo (262795)]

It seems fitting they have a picture of Harvey Keitel playing The Wolf character from Pulp Fiction hung on the wall.

I've had to clean up after a large scale Microsoft failure a few times, and it the whole process did seem like going on "Brain Detail" in the back of a car.

-ted

Re:

[notnAP (846325)]

The only winning move is not to play.

they compile reports like these

[someone1234 (830754)]

http://it.slashdot.org/article.pl?sid=07/12/03/0717229 [slashdot.org]

Re:

[njfuzzy (734116)]

TFA introduces the term "Security War Room", not Slashdot. (It's clear from the article that Microsoft has a less silly name for it.)

Re:war room?

[Fred_A (10934)]

The proper name is "War on Security". It's not supposed to be used outside of Redmond though.

Re:war room?

[Geste (527302)]

"Is it just me or is slashdot's headlines as of late running parallel to the average idiots way of describing everything as a war?"

In somebody's defense, they probably just picked up the concept and terminology from large telcos. If you go to a large network operations center (say like what AT&T operates in Piscataway, NJ) you will find two or more good-sized conference rooms provisioned with 10-15 workstations each that sit idle 99 percent of the time. Just used in cases of major outages/problems or sometimes for network upgrades. Known as the "war rooms" for as long as I am aware.

Re:war room?

[stranger_to_himself (1132241)]

I am interested in joining your war on the inappropriate use of the word 'war'.

Re:

[jamstar7 (694492)]

But where is the "sekrit world headquarters" of Linux that they intend to nuke?

Re:reality and spin rooms.

[ByOhTek (1181381)]

One dedicated fix team for all that code?

That wouldn't make sense at all, there's too much for anyone to grasp. It would be like a dedicated fix team that cover Linux+KDE+OpenOffice. (replace Linux with OpenSolaris or *BSD if you like, KDE with Gnome or some other high-feature window/session/desktop manager if you like)

It's to complex to keep aware of the ins-and-outs of everything - just one of those would be hard enough. Each project should have their own dedicated fix team - The top-string regular devs for the project (hence they understand the code), maybe one or two outsiders (another perspective), who normally work on the specific project, but drop everything and work on fixes if they occur.

Also, it never said that they didn't (or for that matter, did) already have a dedicated team then (or now), simply that until '05, they had to share conference rooms.

Re:reality and spin rooms.

[VE3MTM (635378)]

I'm sure they're vastly simplifying their processes. This seems to just be a triage centre (and a fairly rudimentary one too). I doubt the actual fixing takes place here, rather just co-ordinating that process.

Re:

[ByOhTek (1181381)]

that's kinda what I was trying to say, but you were much more concise.

showoff

Re:

[Locutus (9039)]

There was one bag of corn chips and a bag of pretzels. This is how a billion dollar company prepares to supply their security response team for all-nighters? shaking my head... They probably have an 24/7 dinning area like Google has but then again, the caption was just silly given the contents shown.

LoB

Re:

[TubeSteak (669689)]

Tired of having to fight for a free conference room, Microsoft's security chief, Mike Nash, decided in early 2005 that the company needed a dedicated "war room" where his team could handle emergency responses.
...
The Microsoft Security Response Center (MSRC) was completed in June 2005.

Why would anyone shill 2+ year old "news"?

Re:

[PitaBred (632671)]

But... Microsoft told me they take security [wired.com] seriously! They wouldn't lie to me!