Trustworthy Computing At One Year 301
ackthpt writes "One year ago Bill Gates issued forth an email directing the company to work toward Trustworthy Computing, making Microsoft operating systems, applications and services secure and reliable. Where is that effort at today? vnunet has this Q&A with Microsoft security chief Stuart Okin. Slow, steady progress seems to be the result. They've targeted Security, Privacy, Reliability and Business Integrity, but so far have had a go at Privacy. Okin indicates the strategy may take 5 to 15 years, but more immediate milestones are targeted within the next two years and focusing on reducing vulnerabilities in the next version of Windows, rather than attempting to fix 2000 or XP. I'd chalk this up as a frank and honest interview, rather than madly spun, and paints a picture of the massive cat herding effort undertaken."
Well (Score:5, Funny)
Re:Well (Score:5, Funny)
Use a sharper axe.
Re:Well (Score:2)
Re:Well (Score:2)
XP isn't THAT bad untill you do stupid stuff like:
* = Involves installing service packs. Don't think of this as a problem, think of it as a challanger instead! Okay, so it's still crap to do but it will give you a more positive view on life :) Besides, I think you're just cheating! Have you ever booted it? Does it dual boot something else that you normally use? Is it even connected to the internet to start with? :P
Re:Well (Score:2, Funny)
Challenger? As in Space Shuttle Challenger? Freudian slip?
Re:Well (Score:4, Interesting)
Re:Well (Score:4, Insightful)
And you can't firewall every single computer on a LAN. Anyone working in a corporate computing environment knows this.
I still agree it's his own fault; it's because he chose such an insecure platform from a vendor with a long history of insecure products. How many people now refuse to buy Firestone tires because of the tread-separation issue? Why do these people continue to buy Microsoft products after all kinds of problems with them?
Re:Well (Score:3, Interesting)
I think his point was that his machine was fully patched to the newest version, but this didn't fully eliminate the vulnerability because another unpatched machine infected his.
I'm no security expert, but the fact that he got it anyway indicates that he wasn't patched, right? If he was patched, it shouldn't matter if he stuck it on a floppy and ran the executable, right? It still wouldn't work.
How many people now refuse to buy Firestone tires because of the tread-separation issue?
Mostly people that don't understand the issue. I worked in tires for a year as a mechanic, not a salesman, and I can tell you that the tires weren't that bad. I saw them put on a number of non-Ford vehicles with the guilty numbers on them and they're still on the road! The problem is that the Ford Explorer uses a funky suspension by comparison to other SUVs, and tends to wear tires differently. It was really just a matter of putting tires on a truck where the truck's suspension wore the tires in their weakest spot. Not necessarily the best thing to do, and certainly a bad combination, but not really the worst thing to do either. Granted, Ford and Firestone both could have dealt with the situation much better than they did, but the tires shouldn't reflect on all of Firestone's tires, since they were really only a problem on Ford Explorers.
Note, I wouldn't use Firestone tires myself either, but that's because I don't trust Firestone mechanics. I was in the business a long time, long enough to know which chains to avoid.
"Targeting" privacy? (Score:2, Funny)
Re:"Targeting" privacy? (Score:3, Funny)
first DRM (Score:5, Funny)
Quote from article. (Score:5, Funny)
Re:Quote from article. (Score:5, Insightful)
In 10 or 15 years time we could achieve Trustworthy Computing and there will still be people that don't like us.
How can "Trustworthy Computing" ever be achieved? Ironically, the more that some people trust their computers, the more others will distrust them. The only way to completely trust the computer is if no human can break into it and steal your data. But if no human can break into the computer, then what do I do if the computer won't give me my data when I need it?
--sex [slashdot.org]
Re:Quote from article. (Score:5, Insightful)
Now if your computer decides not to trust you you're hosed, and if *their* computer decides not to trust you you're hosed.
And who says you can trust *them?*
And that's just it. Trustworthy computing isn't *about* you trusting your computer, it's about your computer trusting *you.*
I already trust my computer. My computer has no business "wondering" whether it trusts me or not.
If I have the car keys I expect the car to run. It's up to me to protect my keys.
KFG
Re:Quote from article. (Score:2, Informative)
Exactly! (Score:3, Insightful)
Call me paranoid, but I think I trust myself more than I'll ever trust a stranger.
Hmmm... Is that what passes for paranoid these days? Ridiculous...
And we're not even talking business or national security.
"Trusted computing" my ass... That's like a Mafia slogan, "Legit business".
Re:Exactly! (Score:4, Interesting)
"Trustworthy computing" is analagous to buying a car where you don't get the keys!
Um, actually, the key is supposed to prove that you own the car, or are at least authorized to drive it. You're supposed to guard your keys, keep them close to you at all times. Now, it's not the security issue it sounds like.
For example: When I go to bed, I lock all the doors in my house. My keys hang in a jacket pocket on the front door (it's a temporary situation, they should be in my bedroom, where I normally keep them). To get them under normal circumstances, someone would have to first break into the house. Well I already check the locks on the windows and doors in the house, and they're locked. I don't worry about too elaborate security measures. I keep the outside well-lit at night (whenever possible, I was fighting with the upstairs neighbor over this issue, actually, but now she's moved out). So, at night, to get the keys to my truck, you have to first go through the well-lit area, then break something (a window or something), then unlock the door or window associated with the breaking, then come inside the house. There's 4 people sleeping, theoretically, but there can be anyone awake at any time of the night. My kids know to wake me and my wife if anybody comes in the house, so if they see the intruder they might wake me. Anyway, then they have to find the keys, checking various pockets. Normally, they'd have to actually enter my bedroom to do this.
Of course, as soon as they break in, they have as much chance of finding the keys as they do of browsing the web on my computer. :) (password-protected, not strongly, but your average burglar wouldn't be able to guess it)
Why is all this important? It's important because one of Microsoft's plaguing problems which the Free Software community wants to adopt is the fact the PEOPLE DON'T THINK ABOUT SECURITY.
I fought my upstairs neighbor over the lighting issue because she was worried about our electric bill while I was worried about our house being the easiest pickings on the block. She worried about money, I worried about, um, guess what, SECURITY.
Your average bear doesn't go wondering around thinking about whether or not his keys are vulnerable. He takes it for granted. Your average person leaves doors unlocked, trunks unlatched, and so forth. I see people late at night leave their cars running while they run into a gas station! They left it running so it wouldn't get cold. Of course, a gas station, late at night is the WORST place to leave your car running! Even if you lock the doors and carry a second key! You've just made it take 2 seconds to steal your car, and no matter how closely you watch it, you won't get out there to stop the guy quick enough, and he's gone with your car. Call that security?
Yes, MS software seems to have an inordinate amount of bugs. Argue with me, I don't give a shit.
Yes, MS software tends to install with poorly chosen defaults from a security standpoint.
Yes, MS software is frequently run by people who don't ever think about security in any other aspect of their lives, why the hell should they think about it now?
For many people, "computing" is some vague amoebic thing and they expect "experts" to make it secure. They just don't think that they need to lock their doors and turn on a few lights! Hell, they don't even do it in their own homes when it's their very lives that are potentially at risk! The only way Microsoft is ever going to get out of their mess, and this is something we need to look at as a growth-minded community ourselves, is to EDUCATE END-USERS. It's a friggin' MYTH that people don't need to know anything about their computers. Do they understand "lock your doors"? Do they understand "keep your key safe"? Security is a pervasive concept. You either think about it, or you don't.
Re:Quote from article. (Score:5, Insightful)
Re:Quote from article. (Score:2)
How can "Trustworthy Computing" ever be achieved? Ironically, the more that some people trust their computers, the more others will distrust them.
The same way "Trustworth TV Watching" can be achieved. At the moment the computer is still "new" to our homes. They have only really been around our homes for 5-10 years (if that). We have had TVs in our homes since the 60s.
I won't be suprised if it takes us 30-40 years to make computers worthy to be trusted, as well as for us to actually trust them.
I work in iTV (interactive TV), and there have been surveys showing that 86% of Australians distrust ordering Pizza off the internet, but 92% of them trust ordering Pizza from their TVs (as part of an iTV trial we did). The difference is that the TV is a trusted family member (sad but true).
Re:Quote from article. (Score:2, Insightful)
Ironically, as TVs become smarter & more like computers, the less we are going to trust them.
Re:Quote from article. (Score:2)
Ironically, as TVs become smarter & more like computers, the less we are going to trust them.
totally. I haven't seen any data suggesting people trust their TVs less, but I suspect it may happen. Some iTV deployments have really bad security..and if a few bad things happen and are publicised, things may change. When people start not being able to record TV shows, or are forced to watch Adverts rather then fast forwarding, etc etc...I suspect they may become not so happy with their TVs.
Re:Quote from article. (Score:2)
trustworthiness through obscurity (Score:5, Funny)
They're not going to fix the bugs, they're going to hide them underneath a new GUI layer.
Article Text (Score:2, Informative)
Emma Nash [26-02-2003]
It's been a year since Bill Gates sent an email to Microsoft's 50,000 staff, informing them that security was the company's new watchword and its Trustworthy Computing strategy was its newest and biggest priority.
Twelve months later and the company says it wants people to be able to trust computing infrastructures within the next 10 years. The software giant is doing all it can to shake off its reputation of having bug-ridden software that is inherently insecure.
Stuart Okin, Microsoft UK's chief security officer talked to Computing about the company's security vision.
How did the Trustworthy Computing strategy came to life at Microsoft and what does it mean?
Trustworthy Computing was born out of chief technology officer Craig Mundie's office in January last year. He coined the phrase and it lead on to a vision that resulted in the famous email that Bill Gates sent out. Trustworthy Computing is a vision of the future in five, 10 or 15 years, which says we want users to say they trust their computing platform.
Craig uses the analogy of the telephone: You can unplug a telephone and move it to another room and plug it in, and 99.9999 per cent of the time it will work. When we use it, we are pretty sure that we know who we are talking to, and we know we'll get a bill at the end of the month and we know what rate we'll be charged at, and we are protected by Oftel. That's the vision, and that's where we want to be.
We have come up with four pillars: security, privacy, reliability and business integrity. We are trying to develop a score card system for each one of these and put an improvement plan in place. To date we've had a go at privacy and we are trying to roll that out. The other three are more difficult.
What improvements have been made so far?
The largest impact has been on our consumer business. About 11,000 programme managers, developers and subsidiaries have received additional security training. A lot of this is about learning how to write secure code, and consider things like - do you need certain functions set as default? We've also seen an impact on our security bulletins.
Microsoft issued 72 security bulletins last year. That doesn't help your reputation, does it?
The problem with Microsoft is because we have a big deployment base out there, we go very, very public with any vulnerability, with patches. Some we actively alert the press about. We know it's going to cause negative press but we have to do it. That's a problem for us. But if you follow any of the vulnerabilities of our competitors, we are not as bad as them. It just takes one vulnerability to be exploited and it has a major effect.
It is a problem from a reputation point of view. And we know that we will never be able to get rid of every vulnerability. Anyone who says the opposite is not living on this planet. What we need to do is raise that bar and make sure these vulnerabilities are very obscure.
Will it be a big struggle to change people's perception of Microsoft and security?
There is a broad spectrum of people that like Microsoft, and there are those that don't like Microsoft. Microsoft is a very successful company and there's a lot of people that don't like success. In 10 or 15 years time we could achieve Trustworthy Computing and there will still be people that don't like us. That's fine. We can't win with everybody, but we can ensure we are transparent, honest and forthright.
How much of these security problems can be improved with education?
It's partly to do with education, but Trustworthy Computing is a roadmap. We will bring out the most secure software we have, but there will always be vulnerabilities. It's about what we can learn from them and then we can raise the bar again next time round.
Will we see a decline in the number of security vulnerabilities in the coming years?
I'm not sure we will see the number decrease particularly, because they go across all of our products. I hope we'll see them decrease in products like Windows 2003 rather than 2000 and XP. We have some internal aims and we work on the basis that we aim for zero, and we see where it goes from there. We have the people, processes and technology in place to get to zero.
Surely this is an industry undertaking and Microsoft cannot get the world to trust computers on its own?
We cannot do it alone. We have to do this with our partners, with the government and with our competitors, because there are things we can do with education and awareness. It's Microsoft's vision but it's not something we can do alone. We are working with our competitors through standards groups, such as Saint.
How progressed is the strategy?
We have done a lot in the last year but we need to do a lot more in the next two years. We need to do a lot more in the patch management area. The product groups are very much independent at the moment - Windows, SQL, Exchange are all pretty much separate. We have to work to common standards, which we've pretty much got licked because of the arrival of the internet and open standards.
The one we haven't got licked is patch management and engineering. Each division has their own engineering group. We have got to bring engineering to a point where all patches are together in a single deliverable way. We're looking to get to two installers in the next two years and then to one some time after that.
Craig is a crack smoker (Score:4, Insightful)
No, we don't know that. That man has obviously never seen the wiring in my apartment building. I'm lucky if I screw in a light bulb and have it work.
And as for the bill? I scrapped my landline and went with Vonage [vonage.com] because I *never* knew what the bill was going to be. The list of 9 different taxes varied every month.
Light bulb joke (Score:4, Funny)
That brings to mind the old joke:
Q: How many flies does it take to screw in a light bulb?
A: Only two, but how'd they get in there in the first place?
Re:Craig is a crack smoker (Score:2)
You DO know ABOUT what your bill is going to be in almost every case. It's easy to estimate. You might have been specially screwed, and the phone company will try to get money out of you and/or avoid giving you money you deserve any chance they get, they're notorious for it in fact (at least pacific bell is, so by extension southwestern bell, even if they weren't already) but you know that your basic service costs n, and you pay so much per minute long distance, et cetera. If you use a special service (like a 900 number) then you know how much that costs as well.
I'm having a hard time seeing as how the computer is any different, though. The only issue is certain ISPs like Earthlink will bill you without informing you that they will do so. They put a $20 hold on my account when I signed up for my "FREE" trial, they didn't tell me that they were doing this. But that is a service-related issue and nothing will fix that in the realm of computing.
Re:Craig is a crack smoker (Score:2)
I am *very* happy with Vonage. Very very happy. I've never had any call problems at all. the price is excellent. With relatives out of town, I've saved a ton in long distance fees.
Also, I'm not getting hit with a big pile of taxes. There's sales tax, that's IT. My old SBC bill was about 45% in taxes. Now I pay only like $5 more and get *all* of the useful features.
Vonage now supports fax machines as well. Oh, and "Virtual Numbers." I live in the East SF Bay. I have family in Northern CA. Now I can get a number in the 530 area code, and my family can call *me* and not run up long distance charges. I could pick up a Florida NPA/NXX as well, for only $4.99/mo.
Vonage rocks. I pray to god that the Bells don't ever cause their demise.
Targeting Privacy? (Score:5, Insightful)
This gives me flashbacks to Statistics classes in college. Specifically a problem where a hypothetical bus company wanted to raise prices, but for each increase they lost riders. The result was to curves and the intersection was where the "optimum" result was.
I can envision that same graph in MS, where "security" and "compalints/bad PR" are the two curves...
Re:Targeting Privacy? (Score:2)
That is exactly what I was thinking!
Re:Targeting Privacy? (Score:2)
I can envision that same graph in MS, where "security" and "compalints/bad PR" are the two curves...
Welcome to reality. Companies do this every day, in all sorts of areas. Price, Security, Quality, Functionality, Time to Market, support, phone staff, outlets, regions to sell it in etc etc. All sorts of things go into deciding how and when to release a product (be it a piece of software or a teddy-bear).
Companies that don't make these hard decisions, no matter how great their product will eventually be or how commited to quality they are...will go bust. You make no money while developing a product, only when selling it.
90% of product development takes 90% of the time, the last 10% takes the other 90% of the time.
making Microsoft OS secure and reliable... (Score:5, Interesting)
-- AcquaCow
Re:making Microsoft OS secure and reliable... (Score:2)
Re:making Microsoft OS secure and reliable... (Score:2)
OS features which you do not use are not installed. Many items come with executables which you do not typically use (I just found out about netsh, boy is my face red) so it seems like a ton of shit is being installed but really is it more utilities and scripts and crap than come with the average linux distribution? Probably not. It comes with more binary drivers, but that's because it doesn't come with any source drivers.
In the real world (Score:2, Funny)
Think about the read world. I set up a new box with Windows XP server. I got the new service pack and all the latest patches from windows update. IIS on my box was hacked within 2 weeks. I was hosting a warez ftp that I had no clue about. I don't trust Microsoft worth shit anymore.
Re:In the real world (Score:2, Insightful)
Are you sure?
Take a closer look. There is no such thing. XP is a desktop OS and it comes in two flavors: Professional and Home.
Not "Server"
Start making some sense or STFU.
Re:In the real world (Score:4, Funny)
Didja think about getting a fucking firewall, hmmm? How about that? I can't believe someone would be so stupid as to let a goddamn warez site in "german", nonetheless, and "several gigabytes" worth of "stuff", to be run without their knowledge from their home or office box. I mean, that's the epitome of stupidity. It's so stupid, it hurts.
You see, it's not that "micro$oft sux" [slashdot.org]. No, it's just that you are either too fucking stupid to use a computer or you're just lying. I'd tend to go with the latter. "I was typing in auto mode" [slashdot.org]?? WTF does that mean? Do you turn your brain off while posting to Slashdot? That's no typo, ~tihs is a tipo~. So are you saying you typed "XP server" instead of "Win2K server"? No, you're just full of shit.
But let's continue to assume your tale is true. Where did you acquire a copy of "Win2K server"? Did you get it when you ordered your Compaq rackmount? Or did you buy it at discount from CDW? No, you probably pirated it. So, I'd say it's pretty fucking stupid to come out and say that you had no idea of how to correctly set up a server with software that you pirated in the first place. Why bother? I'm sure you're smart enough to install BSD or something and secure it completely. And you won't feel bad about being a pirate, eh?
Now go play with your Nintendo and stay away from computers.
Re:In the real world (Score:2)
Here, mod this down as well. I have plenty karma. And keep modding up assholes like the OP as "informative". But the truth hurts, eh?
Re:In the real world (Score:2)
Re:In the real world (Score:2)
I hate to break it to you, but "scandisk" doesn't exist in "Win2k Server". Are you starting to feel mighty stupid now, or shall I continue?
Re:Woah! Typo! (Score:2)
http://www.microsoft.com/technet/treevi
And a clue how to admin a box. Usually you learn about the tenets of how it works BEFORE you use it on the net. Your issue is 100% admin error, not Microsoft.
Live and learn.
only as trustworthy as... (Score:5, Interesting)
Since the interests of a business aren't necessarily aligned with those of buyers, and those of a monopoly even less so, MS computing will be about as trusworthy as the rest of the business world. Unless there's someone (regulator or consumer interest group) breathing down their neck, they are unlikely to be worthy of anyone's trust.
Re:only as trustworthy as... (Score:2)
That's a particularly insightful comment, especially if you take a walk down Google's Executive Indictment Lane [google.com].
Enron, Qwest, Worldcom...even if it wasn't Microsoft (convicted monopolist), there's no way I'd trust a big company to provide me a "trustworthy" system.
--K.
ISO News siezed by DoJ today for XBox mod chips... (Score:4, Interesting)
Some people think it may be a hoax, but for what it's worth...
ISONews [isonews.com]
Yahoo [yahoo.com]
Re:ISO News siezed by DoJ today for XBox mod chips (Score:2)
I suppose YOU could secure a game box where the attacker has physical access to the machine? If so, someone in the security industry should hire you ASAP! But in reality you're just an anti-Microsoft idiot...so nevermind.
Regarding removing every vulnerability (Score:2, Funny)
So NetBSD, Apache, ErOS users are all... in space? Someone call NASA, I think we have a Mars program...!
Re:Regarding removing every vulnerability (Score:2)
The people at NetBSD, Apache or any other place would ever claim they could get rid of every vulnerability in their software. They know quite well that that will never happen.
--sex [slashdot.org]
Re:Regarding removing every vulnerability (Score:2)
Apache had the chunked encoding vulnerability that got a lot of Unix boxes cracked, not to mention a ton of other problems: http://www.apacheweek.com/features/security-13
NetBSD has a whole list of security bugs ( http://www.netbsd.org/Security/ )
ErOS is a toy OS.
Stuart's notion of the problem: (Score:5, Interesting)
a) Huh?!?
b) So it isn't the 72 security bulletins, and it isn't the fact that putting out that many overwhelms IT people, and it isn't the fact that the patching process can be so arduous and potentially destructive (can you say Slammer) that people will avoid it for months on end, and it isn't the fact that MS tends to be initially evasive/dismissive of a large number of exploits discovered. The problem is the going public.
c) I'm still not feeling the Trustworthiness.
Trustworthy computing? I'll none of it! (Score:2, Insightful)
I'll none of it. 5 to 15 years is being optimistic!
Re:Trustworthy computing? I'll none of it! (Score:5, Insightful)
More to the point, there is absolutely no reason why my having a system that I can trust requires that the system be trusted by Microsoft. The two relationships are completely orthogonal, despite what MS would have you believe.
Trusted Platforms (Score:2, Interesting)
His answers seemed frank and honest, a nice touch. Makes me wonder if he'll find himself out-of-work next week.
15 years? (Score:3, Insightful)
15 years? What M$ product is around today that will be around 15 years from now?
Re:15 years? (Score:2, Interesting)
The first version of Windows came out somewhere in the mid to late 80's (can't remember exactly when). It took them from then to now, about 15 years, to finally make a halfway decent version.
So, 15 years for them to get the trustworthy part right? Sounds like a pretty good estimate to me.
Re:15 years? (Score:2)
Of course, they could did things right from the start, but common sense is so uncommon...
Re:15 years? (Score:2)
Re:15 years? (Score:2)
They're focusing only on new products. Forsake the existing. Yet another reason for you to upgrade in the future!
Now Windows 2048 with Trustworthy Computing(TM)!!!
Mission statement. (Score:5, Funny)
But in the meantime we shall vigorously pedal all the buggy shit we can, and still claim: "It's the most secure yet"
5 to 15 years?!?! (Score:3, Funny)
Measure Twice...Cut Once
That's some free advice from me to MS
Re:5 to 15 years?!?! (Score:3, Funny)
Measure Twice...Cut Once
I cut twice and it's still too short.
Re:5 to 15 years?!?! (Score:2)
Wildly optimistic (Score:2, Interesting)
If, a decade from today, Microsoft is still trying to fix the problems they have now, then they're dead in the water. Someone leaner and meaner will come along and push them aside.
That's the way this business works. We're not the car industry.
Re:Wildly optimistic (Score:5, Insightful)
That's the way this business works. We're not the car industry.
No we're worse than the car industry. With the auto industry one can always switch manufacturers and have an auto that drives basically the same way as any other auto does. We can buy tires, batteries, wipers, etc at the local Pep Boys (assuming a fairly "standard" auto, i.e. you don't own a Ferrari Enzo), all specific to our auto, put with common parts availability. We can do none of the above with software. This is why Microsoft was able to become Microsoft. Market share is king, and it's something that is extrememly difficult to overcome without huge resources, regardless of how "leaner and meaner" you are. In this market it's not good enough to be better, you have to be better and have deep enough pockets to fight a long and protracted battle. Either that or rely on the generous coding by those who are willing to do it for "free".
This is turning normal users against MS (Score:5, Interesting)
When I hear people bitching about the new direction Microsoft is going with anti privacy and anti piracy I rejoice, and wish them to go further. All it does is push more people into a free operating system such as BSD or GNU/linux.
Re:This is turning normal users against MS (Score:2)
If I flame you, it will only be based on the poor quality of your genetic material. Your father can't figure out how to warez XP, and he's going to run Linux? Good luck, daddy-o.
Trustworthy as Ma Bell? (Score:5, Interesting)
Good lord, that's Microsoft's idea of trustworthy? At least 75% of the Verizon bills I audit at work are wrong, many to the tune of thousands of dollars. And don't get me started about the impossibility of figuring out whether the caller is a telemarketer before picking up the phone...
Re:Trustworthy as Ma Bell? (Score:2)
--sex [slashdot.org]
Overview of article (Score:5, Funny)
There are four pillars in computing to us. We are activaly pursuing one of those.
We have billion customers and only a few tens of thousands of employees to fix there problems.
We may fix most of our security problems in say, 10 to 15 years.
Some people dislike us and we are ok with that...we're still quite rich.
You can fool all of the people some of the time,etc,etc...
No one is 100 percent secure. It is impossible.
Our goal is 100 percent security, and we think we can achieve that.
One last thing, Win200 and WinXP may have security holes (we don't plan on fixing), but Win2003 will be GREAT! Well in about 10 to 15 years...
Re:Overview of article (Score:2)
So add this to your list:
A lot of people will always hate Microsoft, and they know it ;-)
--sex [slashdot.org]
You betcha (Score:5, Funny)
I'll say they have! By this time next year they should be nearly finished with their program to eliminate all of the above.
Some "Inconsistencies" (Score:5, Insightful)
And we know that we will never be able to get rid of every vulnerability. Anyone who says the opposite is not living on this planet.
then 2 questions later he says:
We have the people, processes and technology in place to get to zero (security vulnerabilities)
so am I reading this wrong or is he contradicting himself?
No contradiction (Score:2, Funny)
No, he's not contradicting himself but just doesn't live on this planet.
k2r
Here's a fix: (Score:5, Interesting)
Decent MSFT employees stay on average 5 years. This is more than enough time for the "dis"-incentive of a post-mortem on the security of their product to have an effect.
You listening, Bill? Steve?
PS: I'm ex-MSFT. I left because while I believed in the strength of the individual developers (the best as a whole I've ever worked with) the corporate management does not listen to the actual needs of the customers. They are very, very good at listening to what the customers will buy. Unfortunately, those are two different things right now.
Re:Here's a fix: (Score:3, Interesting)
How would you recommend providing incentive for the OSS developer to create fewer vulnerabilities?
If development and business owners are not being held personally accountable within Microsoft, their products are not going to improve. Period.
And how does this translate into improving OSS where you typically don't have a paycheck to lord over the heads of the developers?
Re:Here's a fix: (Score:2)
You don't need to provide an incentive for open source programmers to create fewer vulnerabilities. Our code's out there in the open for everyone to look at. If someone finds a vulnerability in our code that we haven't spotted and fixed first the egg is all over our faces, personally. It hits us right where it hurts, in the personal pride and self image. If your code is out there in public with your name and your email address on it you care that it's as good as you can make it.
Re:Here's a fix: (Score:2)
I'm sorry I don't share your belief that having others find your blunders is somehow "better" (or just as good as) having financial incentive. Plus in the corp world, there is BOTH the risk of having someone find your broken code and the financial slap on the wrists. There are more than enough vulns. in OSS code that if your statement is correct, would imply that the people doing the coding on OSS are producing marginal code due to lack of skill vs attention to detail (I'm referring specifically to busted code, not ALL their code). Is this what you are saying?
Re:Here's a fix: (Score:4, Interesting)
Dream on.
Most bugs in commercial code exist because the coders work under pressure to a deadline they didn't even have a hand in making. Not because they're bad coders. The quality of the coders is nearly irrelevant, which is why MS can employ so many of the best coders in the world and still turn out crap product.
Many other bugs are introduced as part of the basic architecture by *marketing,* not the coders.(Can you say Outlook Express? I knew you could)
This isn't about good code. It's about marketing product.
KFG
Re:Here's a fix: (Score:3, Interesting)
Most bugs in commercial code exist because the coders work under pressure to a deadline they didn't even have a hand in making. Not because they're bad coders. The quality of the coders is nearly irrelevant, which is why MS can employ so many of the best coders in the world and still turn out crap product.
Many other bugs are introduced as part of the basic architecture by *marketing,* not the coders.(Can you say Outlook Express? I knew you could)
This isn't about good code. It's about marketing product.
hear!! hear!!
And don't forget how many bugs are added through requirement changing half-way through development
Marketer: Hows the work going?
Programmer: Great! Have almost finish an alpha, almost ready for testing phase...as per plan and spec.
M: awesome! Oh, by the way...I also need it to send SMSes alerting us when a customer needs something or rather...
P: umm...not in the spec.
M: wasn't it? well it was meant to be in the spec.
P: You signed off on the spec. It doesn't have it in it.
M: Well I'm telling you now it needs it.
At this point the programmer generally goes one of two ways.
- They can be helpful, offering to see if they can throw something together in a few days. This is often done by helpful programmers or those who like to show off. Often they underestimate how hard it really is, how long it will take, and how it changes the rest of the project. But because nothing is in writing, and it is last minute...they put themselves in a bad position, hammered by costs, times, and reliability problems.. They also opened the door, and in the future the marketer will continue to add things at the last moment. It is a bad downward spiral into insanity.
- they can piss off the marketer (and possibly big people in the company). Say they won't do it until they have a change request. They need the changes speced out, and then need to reply in writing how this changes the project. It adds an extra week to dev time, test time, etc etc. They need the changes (including extra time and costs) signed off by everyone involved. In the end this is a much better way...it teaches the marketer their "I just need..." costs money and time. And makes sure things are done right.
Re:Here's a not so old proverb (Score:2)
Re:Here's a not so old proverb (Score:2)
If architects would build houses like programmers build programs, the first woodpecker which comes along would destroy our civilisation.
funny.
but an unfair comparison. Architects have a profession going back tens of thousands of years. Software Developers go back decades.
The four pillars (Score:2, Interesting)
The first three I understand, single words with a direct meaning. The forth business integrity ? Why is integrity qualified with business? Whose business and how? Its seems a little more difficult to pin down what they mean by that.
Re:The four pillars (Score:2, Funny)
There are reasons people don't like Microsoft (Score:4, Interesting)
I don't dislike MS because it's been so succesful, I dislike MS because A: Its preditory business practices and B: Its disdain for its users.
It would be like Al Capone saying the only reason why people don't like him is because he was so rich and powerful.
Comment removed (Score:4, Insightful)
Most people don't don't like Microsoft (Score:2)
Special Report in Information Security Magazine (Score:2, Informative)
I trust Miocrosoft already (Score:2, Insightful)
When I buy Microsoft products, I know I can trust them to shaft me with shoddy software, vendor lock-in, DRM, gratuitously incompatible file formats, etc.
not as bad as whoi? (Score:4, Interesting)
Um, which competitors are these? Where are the numbers (minus duplicate counting across distros and inconsistent inclusion/exclusion of apps)?
Would this be the FOSS community that acknowledges and patches holes in hours?
Re: (Score:2)
My idea is this: (Score:2, Funny)
How about they just use the IIS guys room as base of operations?
One of the best ways to herd cats (Score:4, Insightful)
There comes a time when the labor of herding the cats exceeds the value of the labor they produce and the whole thing starts to go downhill.
MS hit that point many years ago. They have a lot of money though, and a profit margin that's nearly obscene, so they can afford a lot of cats, so they get them.
You want more, better, faster product from MS? Cut the staff in half, starting with middle management.
Daimler and Benz invented the automobile working alone. The Wright Bros. invented the aeroplane working alone. It takes a team of engineers and designers 6 months to *two years* to make a change in a Ford's hood ornament.
The man month truly is mythical.
KFG
Re:One of the best ways to herd cats (Score:3, Interesting)
If MS put everything they had into making Windows the best OS out there, and let other companies develope products to run under Windows, rather than taking over every market that runs under Windows, no one would have aproblem with them at all.
And the certainly wouldn't have all those damned Outlook virii that rampage across the Net!
Re:One of the best ways to herd cats (Score:2)
No way. The best way to herd cats is to give them catnip and then move in with a frontend loader. Otherwise switch to an animal whose very nature tends toward the herd mentality: Microsoft Users^H^H^H^H^H^H^H^H^H^H^H^H^H^Hsheep.
Open Standards? (Score:4, Insightful)
Perhaps I'm being cynical, but since when has Microsoft truly embraced open standards? They are still trying to hijack Java [slashdot.org], which, I guess, could be seen as proprietary in a sense because Sun owns it but it is open to a certain extent in that it embraces multiple platforms. Also, if they are committed to standards, why doesn't Chimera or Mozilla really function properly as an Outlook web client for Exchange? They send broken style sheets [slashdot.org] to Opera. The list goes on.
It seems to me they're trying to own the internet, like everything else, after denying its usefulness all those years ago.
Breakdown of every tenet of Microsoft Security... (Score:5, Insightful)
1. They didn't test their own code(patches) before releasing it. Exchange (summer '01) and NT4 ('03) are examples of products broken after patches. The NT4 patch took over a month to fix! There are still about 9+ vulnerabilities with IE out there, and have been that many ever since it's release!
2. They have seen numerous internal vulnerabilities in house. Examples include the VPN contractor who was vulnerable and exposed their internal code, as well as slapper worm happening last month. The second is a massive issue, no patching on their own systems, I can't believe that one.
3. They are vulnerable to social engineering cracks, which can effect their infrastructure from the top down (someone claiming to be from Microsoft getting issued valid global certificates that all machines trust.) Microsoft wasn't even at fault there, but someone MS trusted was.
The problem is here is that they preach, but the practice, and more importantly the models will *not work* in the long term. As their OS's and software becomes much more hemogenized, the "defaults" won't matter as much, because the system will depend on itself far too much.
An example is security in the windows world is dependant now on auto-updates. You crack that and you crack EVERY WINDOWS PC looking to it since Windows 95.
Where are the checks and balances that will prevent an attack from the top down? I don't see it ever being viable with trust being put in one organization.
Re:Breakdown of every tenet of Microsoft Security. (Score:3, Interesting)
Quick! Close the source of any Linux project that may have security vulnerabilities.
Get a clue, Charlie Brown (Score:4, Funny)
Yeah, why would you want to fix a product that was originally sold as a trustworthy product to an unsuspecting (gullible? naive?) public when doing so would undermine your ability to coerce people into buying your next so-called trustworthy product; which they'll eventually have to buy in order to protect themselves against all of the unaddressed problems with the old product?
How many times will people fall for this? Come on, Charlie Brown, get a clue and stop falling for Lucy's stupid fucking trick!
The Computer is NOT a TV or a Telephone (Score:3, Interesting)
A TV that had to be changed every couple of months to handle a different signal from each station would not be "trustworthy".
A phone that had to do 15 things, such as playing games, doing calculations, and decoding text messages would not be as "trustworthy".
The computer must do all these things. But the most untrustworthy part of the computer lies in it's necessity to contact other computers. You have to allow your computer to "trust" some information coming in. Without accepting outside data as good, you could never allow your machine to decode anything. And it just so happens that not everything out there is good. I want my computer to stop crashing. I want decent drivers. But I don't want my computer to be a telephone. I don't want to give up all it's features just so it wont break.
I want to be able to run games from people that MS doesnt like. And I think that MS's version of Trustworthy basically means stopping your computer from running any code they don't approve first and not allowing reputable users from knowing of vulnerabilities.
Incompatible with the Microsoft business model (Score:3, Insightful)
Microsoft has everything including the kitchen sink in the kernel. Multimedia codecs are in kernel space. Networking stacks are in kernel space. Internet Exploder is "part of the operating system". (Open a file dialog box from your own application, and three new threads start up, some of them in parts of IE.) Any of this code can contain a security hole. And it all changes constantly. It's hopeless with a system like that.
It can be done right. Look at VM for IBM mainframes. When was the last time you heard about a security vulnerability in VM?
Not that Linux is all that much better. The kernel is much too big. But at least the windowing system is outside of the kernel.
When will they ever get it? (Score:5, Insightful)
No kidding. People would be much more likely to accept/forgive MS if they ever showed any evidence of contrition. As it is, they settle lawsuits, claim they are just being persecuted, and blame people for being jealous of their success. And they wonder why we don't trust them?