Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Security

Trustworthy Computing At One Year 301

ackthpt writes "One year ago Bill Gates issued forth an email directing the company to work toward Trustworthy Computing, making Microsoft operating systems, applications and services secure and reliable. Where is that effort at today? vnunet has this Q&A with Microsoft security chief Stuart Okin. Slow, steady progress seems to be the result. They've targeted Security, Privacy, Reliability and Business Integrity, but so far have had a go at Privacy. Okin indicates the strategy may take 5 to 15 years, but more immediate milestones are targeted within the next two years and focusing on reducing vulnerabilities in the next version of Windows, rather than attempting to fix 2000 or XP. I'd chalk this up as a frank and honest interview, rather than madly spun, and paints a picture of the massive cat herding effort undertaken."
This discussion has been archived. No new comments can be posted.

Trustworthy Computing At One Year

Comments Filter:
  • Well (Score:5, Funny)

    by B3ryllium ( 571199 ) on Wednesday February 26, 2003 @05:33PM (#5390467) Homepage
    My XP machine has never been hacked, so it must have been a success!
    • Re:Well (Score:5, Funny)

      by Anonymous Coward on Wednesday February 26, 2003 @06:03PM (#5390801)
      My XP machine has never been hacked

      Use a sharper axe.

    • My XP machine has never been hacked, so it must have been a success!

      XP isn't THAT bad untill you do stupid stuff like:

      • Using administrator acount for day to day use
      • Use various dodgy programs
      • Use various blatantly insecure programs
      • Open every executable file you get
      • Never make sure critical stuff is up to date*

      * = Involves installing service packs. Don't think of this as a problem, think of it as a challanger instead! Okay, so it's still crap to do but it will give you a more positive view on life :) Besides, I think you're just cheating! Have you ever booted it? Does it dual boot something else that you normally use? Is it even connected to the internet to start with? :P

      • Re:Well (Score:2, Funny)

        by Proc6 ( 518858 )
        > Don't think of this as a problem, think of it as a challanger instead!

        Challenger? As in Space Shuttle Challenger? Freudian slip?

      • Re:Well (Score:4, Interesting)

        by drinkypoo ( 153816 ) <drink@hyperlogos.org> on Wednesday February 26, 2003 @07:35PM (#5391536) Homepage Journal
        On the other hand, I got infected with a worm because another XP computer on the same network got infected. I was at sp1, they were not. It's stupid that you can be compromised in that fashion, there should be no path that will allow it. It's not like I have any blank passwords, or passwords in common with the other system.
  • ...sounds ominous. ;-)
  • first DRM (Score:5, Funny)

    by Anonymous Coward on Wednesday February 26, 2003 @05:33PM (#5390474)
    you can't access this post unless you're running a Paladium-enabled OS.
  • by Frobnicator ( 565869 ) on Wednesday February 26, 2003 @05:34PM (#5390484) Journal
    Craig uses the analogy of the telephone: You can unplug a telephone and move it to another room and plug it in, and 99.9999 per cent of the time it will work.
    He must buy terrible telephones.
    • by $$$$$exyGal ( 638164 ) on Wednesday February 26, 2003 @05:53PM (#5390683) Homepage Journal
      Another quote:

      In 10 or 15 years time we could achieve Trustworthy Computing and there will still be people that don't like us.

      How can "Trustworthy Computing" ever be achieved? Ironically, the more that some people trust their computers, the more others will distrust them. The only way to completely trust the computer is if no human can break into it and steal your data. But if no human can break into the computer, then what do I do if the computer won't give me my data when I need it?

      --sex [slashdot.org]

      • by kfg ( 145172 ) on Wednesday February 26, 2003 @06:23PM (#5390970)
        Even worse. What happens if part of that trustworthyness is achieved by handing trust to someone else's computer?

        Now if your computer decides not to trust you you're hosed, and if *their* computer decides not to trust you you're hosed.

        And who says you can trust *them?*

        And that's just it. Trustworthy computing isn't *about* you trusting your computer, it's about your computer trusting *you.*

        I already trust my computer. My computer has no business "wondering" whether it trusts me or not.

        If I have the car keys I expect the car to run. It's up to me to protect my keys.

        KFG
        • I already trust my computer. My computer has no business "wondering" whether it trusts me or not.
          That was a beautiful quote.
        • Exactly! (Score:3, Insightful)

          by Ender Ryan ( 79406 )
          Exactly! "Trustworthy computing" is analagous to buying a car where you don't get the keys! You get the car, but every time you want to drive it, you have to prove you're the owner of the car, and someone else, who you don't know but are supposed to trust, has to start it for you.

          Call me paranoid, but I think I trust myself more than I'll ever trust a stranger.

          Hmmm... Is that what passes for paranoid these days? Ridiculous...

          And we're not even talking business or national security.

          "Trusted computing" my ass... That's like a Mafia slogan, "Legit business".

          • Re:Exactly! (Score:4, Interesting)

            by fucksl4shd0t ( 630000 ) on Thursday February 27, 2003 @12:07AM (#5393325) Homepage Journal

            "Trustworthy computing" is analagous to buying a car where you don't get the keys!

            Um, actually, the key is supposed to prove that you own the car, or are at least authorized to drive it. You're supposed to guard your keys, keep them close to you at all times. Now, it's not the security issue it sounds like.

            For example: When I go to bed, I lock all the doors in my house. My keys hang in a jacket pocket on the front door (it's a temporary situation, they should be in my bedroom, where I normally keep them). To get them under normal circumstances, someone would have to first break into the house. Well I already check the locks on the windows and doors in the house, and they're locked. I don't worry about too elaborate security measures. I keep the outside well-lit at night (whenever possible, I was fighting with the upstairs neighbor over this issue, actually, but now she's moved out). So, at night, to get the keys to my truck, you have to first go through the well-lit area, then break something (a window or something), then unlock the door or window associated with the breaking, then come inside the house. There's 4 people sleeping, theoretically, but there can be anyone awake at any time of the night. My kids know to wake me and my wife if anybody comes in the house, so if they see the intruder they might wake me. Anyway, then they have to find the keys, checking various pockets. Normally, they'd have to actually enter my bedroom to do this.

            Of course, as soon as they break in, they have as much chance of finding the keys as they do of browsing the web on my computer. :) (password-protected, not strongly, but your average burglar wouldn't be able to guess it)

            Why is all this important? It's important because one of Microsoft's plaguing problems which the Free Software community wants to adopt is the fact the PEOPLE DON'T THINK ABOUT SECURITY.

            I fought my upstairs neighbor over the lighting issue because she was worried about our electric bill while I was worried about our house being the easiest pickings on the block. She worried about money, I worried about, um, guess what, SECURITY.

            Your average bear doesn't go wondering around thinking about whether or not his keys are vulnerable. He takes it for granted. Your average person leaves doors unlocked, trunks unlatched, and so forth. I see people late at night leave their cars running while they run into a gas station! They left it running so it wouldn't get cold. Of course, a gas station, late at night is the WORST place to leave your car running! Even if you lock the doors and carry a second key! You've just made it take 2 seconds to steal your car, and no matter how closely you watch it, you won't get out there to stop the guy quick enough, and he's gone with your car. Call that security?

            Yes, MS software seems to have an inordinate amount of bugs. Argue with me, I don't give a shit.

            Yes, MS software tends to install with poorly chosen defaults from a security standpoint.

            Yes, MS software is frequently run by people who don't ever think about security in any other aspect of their lives, why the hell should they think about it now?

            For many people, "computing" is some vague amoebic thing and they expect "experts" to make it secure. They just don't think that they need to lock their doors and turn on a few lights! Hell, they don't even do it in their own homes when it's their very lives that are potentially at risk! The only way Microsoft is ever going to get out of their mess, and this is something we need to look at as a growth-minded community ourselves, is to EDUCATE END-USERS. It's a friggin' MYTH that people don't need to know anything about their computers. Do they understand "lock your doors"? Do they understand "keep your key safe"? Security is a pervasive concept. You either think about it, or you don't.


      • How can "Trustworthy Computing" ever be achieved? Ironically, the more that some people trust their computers, the more others will distrust them.


        The same way "Trustworth TV Watching" can be achieved. At the moment the computer is still "new" to our homes. They have only really been around our homes for 5-10 years (if that). We have had TVs in our homes since the 60s.

        I won't be suprised if it takes us 30-40 years to make computers worthy to be trusted, as well as for us to actually trust them.

        I work in iTV (interactive TV), and there have been surveys showing that 86% of Australians distrust ordering Pizza off the internet, but 92% of them trust ordering Pizza from their TVs (as part of an iTV trial we did). The difference is that the TV is a trusted family member (sad but true).
        • We have had TVs in our homes since the 60s.

          Ironically, as TVs become smarter & more like computers, the less we are going to trust them.


          • Ironically, as TVs become smarter & more like computers, the less we are going to trust them.


            totally. I haven't seen any data suggesting people trust their TVs less, but I suspect it may happen. Some iTV deployments have really bad security..and if a few bad things happen and are publicised, things may change. When people start not being able to record TV shows, or are forced to watch Adverts rather then fast forwarding, etc etc...I suspect they may become not so happy with their TVs.

    • If you unplug and replug a phone 1000000 times, the little pin will break off of the plug and the plug won't stay in.
  • by PD ( 9577 ) <slashdotlinux@pdrap.org> on Wednesday February 26, 2003 @05:34PM (#5390487) Homepage Journal
    What we need to do is raise that bar and make sure these vulnerabilities are very obscure.

    They're not going to fix the bugs, they're going to hide them underneath a new GUI layer.
  • Article Text (Score:2, Informative)

    by Anonymous Coward
    Q+A: Stuart Okin, Microsoft UK's chief security officer

    Emma Nash [26-02-2003]

    It's been a year since Bill Gates sent an email to Microsoft's 50,000 staff, informing them that security was the company's new watchword and its Trustworthy Computing strategy was its newest and biggest priority.
    Twelve months later and the company says it wants people to be able to trust computing infrastructures within the next 10 years. The software giant is doing all it can to shake off its reputation of having bug-ridden software that is inherently insecure.

    Stuart Okin, Microsoft UK's chief security officer talked to Computing about the company's security vision.

    How did the Trustworthy Computing strategy came to life at Microsoft and what does it mean?

    Trustworthy Computing was born out of chief technology officer Craig Mundie's office in January last year. He coined the phrase and it lead on to a vision that resulted in the famous email that Bill Gates sent out. Trustworthy Computing is a vision of the future in five, 10 or 15 years, which says we want users to say they trust their computing platform.

    Craig uses the analogy of the telephone: You can unplug a telephone and move it to another room and plug it in, and 99.9999 per cent of the time it will work. When we use it, we are pretty sure that we know who we are talking to, and we know we'll get a bill at the end of the month and we know what rate we'll be charged at, and we are protected by Oftel. That's the vision, and that's where we want to be.

    We have come up with four pillars: security, privacy, reliability and business integrity. We are trying to develop a score card system for each one of these and put an improvement plan in place. To date we've had a go at privacy and we are trying to roll that out. The other three are more difficult.

    What improvements have been made so far?

    The largest impact has been on our consumer business. About 11,000 programme managers, developers and subsidiaries have received additional security training. A lot of this is about learning how to write secure code, and consider things like - do you need certain functions set as default? We've also seen an impact on our security bulletins.

    Microsoft issued 72 security bulletins last year. That doesn't help your reputation, does it?

    The problem with Microsoft is because we have a big deployment base out there, we go very, very public with any vulnerability, with patches. Some we actively alert the press about. We know it's going to cause negative press but we have to do it. That's a problem for us. But if you follow any of the vulnerabilities of our competitors, we are not as bad as them. It just takes one vulnerability to be exploited and it has a major effect.

    It is a problem from a reputation point of view. And we know that we will never be able to get rid of every vulnerability. Anyone who says the opposite is not living on this planet. What we need to do is raise that bar and make sure these vulnerabilities are very obscure.

    Will it be a big struggle to change people's perception of Microsoft and security?

    There is a broad spectrum of people that like Microsoft, and there are those that don't like Microsoft. Microsoft is a very successful company and there's a lot of people that don't like success. In 10 or 15 years time we could achieve Trustworthy Computing and there will still be people that don't like us. That's fine. We can't win with everybody, but we can ensure we are transparent, honest and forthright.

    How much of these security problems can be improved with education?

    It's partly to do with education, but Trustworthy Computing is a roadmap. We will bring out the most secure software we have, but there will always be vulnerabilities. It's about what we can learn from them and then we can raise the bar again next time round.

    Will we see a decline in the number of security vulnerabilities in the coming years?

    I'm not sure we will see the number decrease particularly, because they go across all of our products. I hope we'll see them decrease in products like Windows 2003 rather than 2000 and XP. We have some internal aims and we work on the basis that we aim for zero, and we see where it goes from there. We have the people, processes and technology in place to get to zero.

    Surely this is an industry undertaking and Microsoft cannot get the world to trust computers on its own?

    We cannot do it alone. We have to do this with our partners, with the government and with our competitors, because there are things we can do with education and awareness. It's Microsoft's vision but it's not something we can do alone. We are working with our competitors through standards groups, such as Saint.

    How progressed is the strategy?

    We have done a lot in the last year but we need to do a lot more in the next two years. We need to do a lot more in the patch management area. The product groups are very much independent at the moment - Windows, SQL, Exchange are all pretty much separate. We have to work to common standards, which we've pretty much got licked because of the arrival of the internet and open standards.

    The one we haven't got licked is patch management and engineering. Each division has their own engineering group. We have got to bring engineering to a point where all patches are together in a single deliverable way. We're looking to get to two installers in the next two years and then to one some time after that.
  • by EvilStein ( 414640 ) <spamNO@SPAMpbp.net> on Wednesday February 26, 2003 @05:38PM (#5390532)
    "Craig uses the analogy of the telephone: You can unplug a telephone and move it to another room and plug it in, and 99.9999 per cent of the time it will work. When we use it, we are pretty sure that we know who we are talking to, and we know we'll get a bill at the end of the month and we know what rate we'll be charged at"

    No, we don't know that. That man has obviously never seen the wiring in my apartment building. I'm lucky if I screw in a light bulb and have it work.

    And as for the bill? I scrapped my landline and went with Vonage [vonage.com] because I *never* knew what the bill was going to be. The list of 9 different taxes varied every month.

    • by Webmoth ( 75878 ) on Wednesday February 26, 2003 @05:57PM (#5390726) Homepage
      "...I'm lucky if I screw in a light bulb..."

      That brings to mind the old joke:

      Q: How many flies does it take to screw in a light bulb?

      A: Only two, but how'd they get in there in the first place?
    • POTS is POTS is POTS. Any POTS phone will probably work with any POTS line. If the line isn't there, then the line isn't there. That simple.

      You DO know ABOUT what your bill is going to be in almost every case. It's easy to estimate. You might have been specially screwed, and the phone company will try to get money out of you and/or avoid giving you money you deserve any chance they get, they're notorious for it in fact (at least pacific bell is, so by extension southwestern bell, even if they weren't already) but you know that your basic service costs n, and you pay so much per minute long distance, et cetera. If you use a special service (like a 900 number) then you know how much that costs as well.

      I'm having a hard time seeing as how the computer is any different, though. The only issue is certain ISPs like Earthlink will bill you without informing you that they will do so. They put a $20 hold on my account when I signed up for my "FREE" trial, they didn't tell me that they were doing this. But that is a service-related issue and nothing will fix that in the realm of computing.

  • Targeting Privacy? (Score:5, Insightful)

    by chill ( 34294 ) on Wednesday February 26, 2003 @05:39PM (#5390539) Journal
    Wow, and with this story [slashdot.org] still on the front page?

    This gives me flashbacks to Statistics classes in college. Specifically a problem where a hypothetical bus company wanted to raise prices, but for each increase they lost riders. The result was to curves and the intersection was where the "optimum" result was.

    I can envision that same graph in MS, where "security" and "compalints/bad PR" are the two curves...
    • Wow, and with this story [slashdot.org] still on the front page?

      That is exactly what I was thinking!

    • I can envision that same graph in MS, where "security" and "compalints/bad PR" are the two curves...


      Welcome to reality. Companies do this every day, in all sorts of areas. Price, Security, Quality, Functionality, Time to Market, support, phone staff, outlets, regions to sell it in etc etc. All sorts of things go into deciding how and when to release a product (be it a piece of software or a teddy-bear).

      Companies that don't make these hard decisions, no matter how great their product will eventually be or how commited to quality they are...will go bust. You make no money while developing a product, only when selling it.

      90% of product development takes 90% of the time, the last 10% takes the other 90% of the time.
  • by AcquaCow ( 56720 ) <acquacow.hotmail@com> on Wednesday February 26, 2003 @05:39PM (#5390541) Homepage
    Secure...reliable...I still don't trust all the misc info that is dumped to disk at install time. 400+ printer def's, and misc. etc... MS seems to be throwing hundreds of small .exe's into their system to make it easier for tasks to be done, but correct me if I'm wrong, but isn't it harder to keep a system secure if you keep adding application after application to a base install? More apps, more code...more room for something to go wrong...

    -- AcquaCow
    • I thought Linux/OSS was of the "Do one thing, and do it right" philosophy? So if Microsoft does the same, it's unsecure and A Bad Thing?
    • Microsoft installs all/most of their drivers these days because people got tired of having to go look for the CD, and this is significantly faster, plus the drivers all had to be compressed, and to save maximum space they are compressed into a single CAB, which is cumbersome to access on CD.

      OS features which you do not use are not installed. Many items come with executables which you do not typically use (I just found out about netsh, boy is my face red) so it seems like a ton of shit is being installed but really is it more utilities and scripts and crap than come with the average linux distribution? Probably not. It comes with more binary drivers, but that's because it doesn't come with any source drivers.

  • While you can talk about all the work that is being put into making Microsoft products secure and bug free all day long, it really is pointless.

    Think about the read world. I set up a new box with Windows XP server. I got the new service pack and all the latest patches from windows update. IIS on my box was hacked within 2 weeks. I was hosting a warez ftp that I had no clue about. I don't trust Microsoft worth shit anymore.
    • by sbillard ( 568017 )
      Windows XP server?
      Are you sure?
      Take a closer look. There is no such thing. XP is a desktop OS and it comes in two flavors: Professional and Home.
      Not "Server"

      Start making some sense or STFU.
    • by The Bungi ( 221687 ) <thebungi@gmail.com> on Wednesday February 26, 2003 @07:14PM (#5391388) Homepage
      Hey Visaris, now that I'm in a roll and the mods are coming in hard and fast, let's talk some more. If I'm going to be modded down for calling you on your bullshit, I'd just as well have some fun.

      Didja think about getting a fucking firewall, hmmm? How about that? I can't believe someone would be so stupid as to let a goddamn warez site in "german", nonetheless, and "several gigabytes" worth of "stuff", to be run without their knowledge from their home or office box. I mean, that's the epitome of stupidity. It's so stupid, it hurts.

      You see, it's not that "micro$oft sux" [slashdot.org]. No, it's just that you are either too fucking stupid to use a computer or you're just lying. I'd tend to go with the latter. "I was typing in auto mode" [slashdot.org]?? WTF does that mean? Do you turn your brain off while posting to Slashdot? That's no typo, ~tihs is a tipo~. So are you saying you typed "XP server" instead of "Win2K server"? No, you're just full of shit.

      But let's continue to assume your tale is true. Where did you acquire a copy of "Win2K server"? Did you get it when you ordered your Compaq rackmount? Or did you buy it at discount from CDW? No, you probably pirated it. So, I'd say it's pretty fucking stupid to come out and say that you had no idea of how to correctly set up a server with software that you pirated in the first place. Why bother? I'm sure you're smart enough to install BSD or something and secure it completely. And you won't feel bad about being a pirate, eh?

      Now go play with your Nintendo and stay away from computers.

  • by Sydney Weidman ( 187981 ) on Wednesday February 26, 2003 @05:40PM (#5390551) Homepage
    the path of least resistance

    Since the interests of a business aren't necessarily aligned with those of buyers, and those of a monopoly even less so, MS computing will be about as trusworthy as the rest of the business world. Unless there's someone (regulator or consumer interest group) breathing down their neck, they are unlikely to be worthy of anyone's trust.
    • Since the interests of a business aren't necessarily aligned with those of buyers, and those of a monopoly even less so, MS computing will be about as trusworthy as the rest of the business world.

      That's a particularly insightful comment, especially if you take a walk down Google's Executive Indictment Lane [google.com].

      Enron, Qwest, Worldcom...even if it wasn't Microsoft (convicted monopolist), there's no way I'd trust a big company to provide me a "trustworthy" system.

      --K.
  • by Dave21212 ( 256924 ) <dav@spamcop.net> on Wednesday February 26, 2003 @05:40PM (#5390553) Homepage Journal
    I guess that's trustworthyness through DMCA ? If you can't even secure a game box, why would I trust them with my servers !

    Some people think it may be a hoax, but for what it's worth...

    ISONews [isonews.com]
    Yahoo [yahoo.com]

    • I guess that's trustworthyness through DMCA ? If you can't even secure a game box, why would I trust them with my servers !

      I suppose YOU could secure a game box where the attacker has physical access to the machine? If so, someone in the security industry should hire you ASAP! But in reality you're just an anti-Microsoft idiot...so nevermind.

  • ...never be able to get rid of every vulnerability. Anyone who says the opposite is not living on this planet...

    So NetBSD, Apache, ErOS users are all... in space? Someone call NASA, I think we have a Mars program...!

    • I don't understand your point (or joke?)...

      The people at NetBSD, Apache or any other place would ever claim they could get rid of every vulnerability in their software. They know quite well that that will never happen.

      --sex [slashdot.org]

    • Huh?

      Apache had the chunked encoding vulnerability that got a lot of Unix boxes cracked, not to mention a ton of other problems: http://www.apacheweek.com/features/security-13

      NetBSD has a whole list of security bugs ( http://www.netbsd.org/Security/ )

      ErOS is a toy OS.
  • by burgburgburg ( 574866 ) <splisken06NO@SPAMemail.com> on Wednesday February 26, 2003 @05:41PM (#5390562)
    The problem with Microsoft is because we have a big deployment base out there, we go very, very public with any vulnerability, with patches. Some we actively alert the press about. We know it's going to cause negative press but we have to do it. That's a problem for us.

    a) Huh?!?
    b) So it isn't the 72 security bulletins, and it isn't the fact that putting out that many overwhelms IT people, and it isn't the fact that the patching process can be so arduous and potentially destructive (can you say Slammer) that people will avoid it for months on end, and it isn't the fact that MS tends to be initially evasive/dismissive of a large number of exploits discovered. The problem is the going public.
    c) I'm still not feeling the Trustworthiness.

  • Microsoft? Trustworthy? What this means is that our computer systems need to trust Microsoft - a company who, while I'm always willing to give them a chance to try and redeem themselves, are primarily interested in making profit before giving people what they actually need.

    I'll none of it. 5 to 15 years is being optimistic!
  • Trusted Platforms (Score:2, Interesting)

    by Fringe ( 6096 )
    From the interview, Craig said:
    Trustworthy Computing is a vision of the future in five, 10 or 15 years, which says we want users to say they trust their computing platform.
    It could be done much quicker than that if they'd open their source. Linux users trust their platform.

    His answers seemed frank and honest, a nice touch. Makes me wonder if he'll find himself out-of-work next week.

  • 15 years? (Score:3, Insightful)

    by the_machine ( 168692 ) <<machine> <at> <tietsort.org>> on Wednesday February 26, 2003 @05:44PM (#5390589) Homepage
    Okin indicates the strategy may take 5 to 15 years

    15 years? What M$ product is around today that will be around 15 years from now?
    • Re:15 years? (Score:2, Interesting)

      by geeber ( 520231 )
      Well, consider:

      The first version of Windows came out somewhere in the mid to late 80's (can't remember exactly when). It took them from then to now, about 15 years, to finally make a halfway decent version.

      So, 15 years for them to get the trustworthy part right? Sounds like a pretty good estimate to me.
      • Is good math, 15 years of adding features, and 15 to do them right.

        Of course, they could did things right from the start, but common sense is so uncommon...
    • Well,it's 2003 and XP still runs DOS programs...so there's a good chance there will be more layers of compatibility stuff and old cruft!
    • What M$ product is around today that will be around 15 years from now?
      That, I believe, is the point.

      They're focusing only on new products. Forsake the existing. Yet another reason for you to upgrade in the future!

      Now Windows 2048 with Trustworthy Computing(TM)!!!
  • by tarquin_fim_bim ( 649994 ) on Wednesday February 26, 2003 @05:45PM (#5390601)
    "Trustworthy Computing is a vision of the future in five, 10 or 15 years

    But in the meantime we shall vigorously pedal all the buggy shit we can, and still claim: "It's the most secure yet"
  • by FosterKanig ( 645454 ) on Wednesday February 26, 2003 @05:46PM (#5390612)
    I was always told:
    Measure Twice...Cut Once

    That's some free advice from me to MS
  • Wildly optimistic (Score:2, Interesting)

    by cuberat ( 549657 )
    I'm not willing to stipulate that MS will be the 400-lb. gorilla it is now in 15 years.

    If, a decade from today, Microsoft is still trying to fix the problems they have now, then they're dead in the water. Someone leaner and meaner will come along and push them aside.

    That's the way this business works. We're not the car industry.

    • by binaryDigit ( 557647 ) on Wednesday February 26, 2003 @06:20PM (#5390938)
      .... Someone leaner and meaner will come along and push them aside.

      That's the way this business works. We're not the car industry.


      No we're worse than the car industry. With the auto industry one can always switch manufacturers and have an auto that drives basically the same way as any other auto does. We can buy tires, batteries, wipers, etc at the local Pep Boys (assuming a fairly "standard" auto, i.e. you don't own a Ferrari Enzo), all specific to our auto, put with common parts availability. We can do none of the above with software. This is why Microsoft was able to become Microsoft. Market share is king, and it's something that is extrememly difficult to overcome without huge resources, regardless of how "leaner and meaner" you are. In this market it's not good enough to be better, you have to be better and have deep enough pockets to fight a long and protracted battle. Either that or rely on the generous coding by those who are willing to do it for "free".
  • by StormyWeather ( 543593 ) on Wednesday February 26, 2003 @05:47PM (#5390620) Homepage
    The wierdest thing happened today. My father picked up an el-cheapo computer I built for a relative from me, and asked about linux. I was floored. My father is intelligent when it comes to many things, but is not computer savvy. You guys will probably flame me for this, but my father wants to try linux because he can't pirate XP easily. However, his company buys a ton of software based on his recommendations (based upon mine), so his decision usually ends up filling Microsoft's coffers a fair amount. I like the idea because I can ssh into his machine and fix something if it breaks, and I don't have to worry about all the damn viruses, key loggers, and spyware he seems to collect like a bee collects pollen just through regular email correspondance.


    When I hear people bitching about the new direction Microsoft is going with anti privacy and anti piracy I rejoice, and wish them to go further. All it does is push more people into a free operating system such as BSD or GNU/linux.
    • You guys will probably flame me for this, but my father wants to try linux because he can't pirate XP easily.

      If I flame you, it will only be based on the poor quality of your genetic material. Your father can't figure out how to warez XP, and he's going to run Linux? Good luck, daddy-o.

  • by Spazmania ( 174582 ) on Wednesday February 26, 2003 @05:47PM (#5390621) Homepage
    Craig uses the analogy of the telephone: You can unplug a telephone and move it to another room and plug it in, and 99.9999 per cent of the time it will work. When we use it, we are pretty sure that we know who we are talking to, and we know we'll get a bill at the end of the month and we know what rate we'll be charged at, and we are protected by Oftel. That's the vision, and that's where we want to be.

    Good lord, that's Microsoft's idea of trustworthy? At least 75% of the Verizon bills I audit at work are wrong, many to the tune of thousands of dollars. And don't get me started about the impossibility of figuring out whether the caller is a telemarketer before picking up the phone...
  • by LittleBigScript ( 618162 ) on Wednesday February 26, 2003 @05:49PM (#5390641) Homepage Journal
    Even telephones fail.

    There are four pillars in computing to us. We are activaly pursuing one of those.

    We have billion customers and only a few tens of thousands of employees to fix there problems.

    We may fix most of our security problems in say, 10 to 15 years.

    Some people dislike us and we are ok with that...we're still quite rich.

    You can fool all of the people some of the time,etc,etc...

    No one is 100 percent secure. It is impossible.

    Our goal is 100 percent security, and we think we can achieve that.

    One last thing, Win200 and WinXP may have security holes (we don't plan on fixing), but Win2003 will be GREAT! Well in about 10 to 15 years...
  • You betcha (Score:5, Funny)

    by worst_name_ever ( 633374 ) on Wednesday February 26, 2003 @05:50PM (#5390649)
    They've targeted Security, Privacy, Reliability and Business Integrity

    I'll say they have! By this time next year they should be nearly finished with their program to eliminate all of the above.

  • by Neumann ( 240442 ) on Wednesday February 26, 2003 @05:54PM (#5390689)
    He answers to one question:

    And we know that we will never be able to get rid of every vulnerability. Anyone who says the opposite is not living on this planet.

    then 2 questions later he says:

    We have the people, processes and technology in place to get to zero (security vulnerabilities)

    so am I reading this wrong or is he contradicting himself?
    • by k2r ( 255754 )
      > Anyone who says the opposite is not living on this planet.

      No, he's not contradicting himself but just doesn't live on this planet.

      k2r
  • Here's a fix: (Score:5, Interesting)

    by image ( 13487 ) on Wednesday February 26, 2003 @05:57PM (#5390732) Homepage
    Developers, program managers, QA engineers, and marketing leads should be held accountable for security holes found in the products they ship. Even after the fact. E.g., those responsible for the recent Slammer vulnerabilities should get smaller bonuses and performance incentives this year. This should be part of their "Trustworthy Computing" initative. If development and business owners are not being held personally accountable within Microsoft, their products are not going to improve. Period.

    Decent MSFT employees stay on average 5 years. This is more than enough time for the "dis"-incentive of a post-mortem on the security of their product to have an effect.

    You listening, Bill? Steve?

    PS: I'm ex-MSFT. I left because while I believed in the strength of the individual developers (the best as a whole I've ever worked with) the corporate management does not listen to the actual needs of the customers. They are very, very good at listening to what the customers will buy. Unfortunately, those are two different things right now.
    • Re:Here's a fix: (Score:3, Interesting)

      by binaryDigit ( 557647 )
      those responsible for the recent Slammer vulnerabilities should get smaller bonuses and performance incentives this year.

      How would you recommend providing incentive for the OSS developer to create fewer vulnerabilities?

      If development and business owners are not being held personally accountable within Microsoft, their products are not going to improve. Period.

      And how does this translate into improving OSS where you typically don't have a paycheck to lord over the heads of the developers?
      • How would you recommend providing incentive for the OSS developer to create fewer vulnerabilities?

        You don't need to provide an incentive for open source programmers to create fewer vulnerabilities. Our code's out there in the open for everyone to look at. If someone finds a vulnerability in our code that we haven't spotted and fixed first the egg is all over our faces, personally. It hits us right where it hurts, in the personal pride and self image. If your code is out there in public with your name and your email address on it you care that it's as good as you can make it.

        • You don't need to provide an incentive for open source programmers to create fewer vulnerabilities

          I'm sorry I don't share your belief that having others find your blunders is somehow "better" (or just as good as) having financial incentive. Plus in the corp world, there is BOTH the risk of having someone find your broken code and the financial slap on the wrists. There are more than enough vulns. in OSS code that if your statement is correct, would imply that the people doing the coding on OSS are producing marginal code due to lack of skill vs attention to detail (I'm referring specifically to busted code, not ALL their code). Is this what you are saying?
    • Re:Here's a fix: (Score:4, Interesting)

      by kfg ( 145172 ) on Wednesday February 26, 2003 @06:33PM (#5391054)
      That would work, *IF* they had the power to halt production until their bug was worked out and got a bonus for doing it.

      Dream on.

      Most bugs in commercial code exist because the coders work under pressure to a deadline they didn't even have a hand in making. Not because they're bad coders. The quality of the coders is nearly irrelevant, which is why MS can employ so many of the best coders in the world and still turn out crap product.

      Many other bugs are introduced as part of the basic architecture by *marketing,* not the coders.(Can you say Outlook Express? I knew you could)

      This isn't about good code. It's about marketing product.

      KFG
      • Re:Here's a fix: (Score:3, Interesting)

        by Slurpee ( 4012 )

        Most bugs in commercial code exist because the coders work under pressure to a deadline they didn't even have a hand in making. Not because they're bad coders. The quality of the coders is nearly irrelevant, which is why MS can employ so many of the best coders in the world and still turn out crap product.

        Many other bugs are introduced as part of the basic architecture by *marketing,* not the coders.(Can you say Outlook Express? I knew you could)

        This isn't about good code. It's about marketing product.


        hear!! hear!!

        And don't forget how many bugs are added through requirement changing half-way through development .

        Marketer: Hows the work going?

        Programmer: Great! Have almost finish an alpha, almost ready for testing phase...as per plan and spec.

        M: awesome! Oh, by the way...I also need it to send SMSes alerting us when a customer needs something or rather...

        P: umm...not in the spec.

        M: wasn't it? well it was meant to be in the spec.

        P: You signed off on the spec. It doesn't have it in it.

        M: Well I'm telling you now it needs it.

        At this point the programmer generally goes one of two ways.

        - They can be helpful, offering to see if they can throw something together in a few days. This is often done by helpful programmers or those who like to show off. Often they underestimate how hard it really is, how long it will take, and how it changes the rest of the project. But because nothing is in writing, and it is last minute...they put themselves in a bad position, hammered by costs, times, and reliability problems.. They also opened the door, and in the future the marketer will continue to add things at the last moment. It is a bad downward spiral into insanity.

        - they can piss off the marketer (and possibly big people in the company). Say they won't do it until they have a change request. They need the changes speced out, and then need to reply in writing how this changes the project. It adds an extra week to dev time, test time, etc etc. They need the changes (including extra time and costs) signed off by everyone involved. In the end this is a much better way...it teaches the marketer their "I just need..." costs money and time. And makes sure things are done right.

  • The four pillars (Score:2, Interesting)

    by Anonymous Coward
    security, privacy, reliability and business integrity.

    The first three I understand, single words with a direct meaning. The forth business integrity ? Why is integrity qualified with business? Whose business and how? Its seems a little more difficult to pin down what they mean by that.

  • And I don't think Microsoft really understands the real reasons why. The interview hints at the mentality of MS that its detractors are somehow upset because the company is succesful.

    I don't dislike MS because it's been so succesful, I dislike MS because A: Its preditory business practices and B: Its disdain for its users.

    It would be like Al Capone saying the only reason why people don't like him is because he was so rich and powerful.

  • The February issue of Information Security [infosecuritymag.com] has a special report by Lawrence Walsh titled "Trustworthy Yet?" [infosecuritymag.com] that is a good companion to this article.
  • When I buy Microsoft products, I know I can trust them to shaft me with shoddy software, vendor lock-in, DRM, gratuitously incompatible file formats, etc.

  • not as bad as whoi? (Score:4, Interesting)

    by fanatic ( 86657 ) on Wednesday February 26, 2003 @06:11PM (#5390854)
    From the linked article: But if you follow any of the vulnerabilities of our competitors, we are not as bad as them.

    Um, which competitors are these? Where are the numbers (minus duplicate counting across distros and inconsistent inclusion/exclusion of apps)?

    Would this be the FOSS community that acknowledges and patches holes in hours?
  • The product groups are very much independent at the moment - Windows, SQL, Exchange are all pretty much separate.

    How about they just use the IIS guys room as base of operations? ;)
  • by kfg ( 145172 ) on Wednesday February 26, 2003 @06:40PM (#5391137)
    Is to have as few as possible cats to keep track of.

    There comes a time when the labor of herding the cats exceeds the value of the labor they produce and the whole thing starts to go downhill.

    MS hit that point many years ago. They have a lot of money though, and a profit margin that's nearly obscene, so they can afford a lot of cats, so they get them.

    You want more, better, faster product from MS? Cut the staff in half, starting with middle management.

    Daimler and Benz invented the automobile working alone. The Wright Bros. invented the aeroplane working alone. It takes a team of engineers and designers 6 months to *two years* to make a change in a Ford's hood ornament.

    The man month truly is mythical.

    KFG

    • Reduce the number of products! They should have stayed focused on the OS and left the rest alone. MS wasn't a bunch of mean asshats before they had a vested interest in Office. When it was just DOS/Windows they were pretty cool with most people (safe Lotus, but they always seemed to have it in foir those guys).

      If MS put everything they had into making Windows the best OS out there, and let other companies develope products to run under Windows, rather than taking over every market that runs under Windows, no one would have aproblem with them at all.

      And the certainly wouldn't have all those damned Outlook virii that rampage across the Net!
    • Is to have as few as possible cats to keep track of.

      No way. The best way to herd cats is to give them catnip and then move in with a frontend loader. Otherwise switch to an animal whose very nature tends toward the herd mentality: Microsoft Users^H^H^H^H^H^H^H^H^H^H^H^H^H^Hsheep.
  • Open Standards? (Score:4, Insightful)

    by SiO2 ( 124860 ) on Wednesday February 26, 2003 @06:42PM (#5391159) Homepage
    We have to work to common standards, which we've pretty much got licked because of the arrival of the internet and open standards.

    Perhaps I'm being cynical, but since when has Microsoft truly embraced open standards? They are still trying to hijack Java [slashdot.org], which, I guess, could be seen as proprietary in a sense because Sun owns it but it is open to a certain extent in that it embraces multiple platforms. Also, if they are committed to standards, why doesn't Chimera or Mozilla really function properly as an Outlook web client for Exchange? They send broken style sheets [slashdot.org] to Opera. The list goes on.

    It seems to me they're trying to own the internet, like everything else, after denying its usefulness all those years ago.
  • by indiigo ( 121714 ) on Wednesday February 26, 2003 @07:21PM (#5391447) Homepage
    So far we've seen a breakdown of every level of security that Microsoft themselves preach, and we've seen it recently:

    1. They didn't test their own code(patches) before releasing it. Exchange (summer '01) and NT4 ('03) are examples of products broken after patches. The NT4 patch took over a month to fix! There are still about 9+ vulnerabilities with IE out there, and have been that many ever since it's release!

    2. They have seen numerous internal vulnerabilities in house. Examples include the VPN contractor who was vulnerable and exposed their internal code, as well as slapper worm happening last month. The second is a massive issue, no patching on their own systems, I can't believe that one.

    3. They are vulnerable to social engineering cracks, which can effect their infrastructure from the top down (someone claiming to be from Microsoft getting issued valid global certificates that all machines trust.) Microsoft wasn't even at fault there, but someone MS trusted was.

    The problem is here is that they preach, but the practice, and more importantly the models will *not work* in the long term. As their OS's and software becomes much more hemogenized, the "defaults" won't matter as much, because the system will depend on itself far too much.

    An example is security in the windows world is dependant now on auto-updates. You crack that and you crack EVERY WINDOWS PC looking to it since Windows 95.

    Where are the checks and balances that will prevent an attack from the top down? I don't see it ever being viable with trust being put in one organization.

  • by wfrp01 ( 82831 ) on Wednesday February 26, 2003 @08:55PM (#5392130) Journal
    focusing on reducing vulnerabilities in the next version of Windows, rather than attempting to fix 2000 or XP.

    Yeah, why would you want to fix a product that was originally sold as a trustworthy product to an unsuspecting (gullible? naive?) public when doing so would undermine your ability to coerce people into buying your next so-called trustworthy product; which they'll eventually have to buy in order to protect themselves against all of the unaddressed problems with the old product?

    How many times will people fall for this? Come on, Charlie Brown, get a clue and stop falling for Lucy's stupid fucking trick!
  • by Geekbot ( 641878 ) on Wednesday February 26, 2003 @09:22PM (#5392323)
    I hate this kind of lame ass comparison. The TV has few problems because it does one thing and you don't tamper with it.

    A TV that had to be changed every couple of months to handle a different signal from each station would not be "trustworthy".

    A phone that had to do 15 things, such as playing games, doing calculations, and decoding text messages would not be as "trustworthy".

    The computer must do all these things. But the most untrustworthy part of the computer lies in it's necessity to contact other computers. You have to allow your computer to "trust" some information coming in. Without accepting outside data as good, you could never allow your machine to decode anything. And it just so happens that not everything out there is good. I want my computer to stop crashing. I want decent drivers. But I don't want my computer to be a telephone. I don't want to give up all it's features just so it wont break.

    I want to be able to run games from people that MS doesnt like. And I think that MS's version of Trustworthy basically means stopping your computer from running any code they don't approve first and not allowing reputable users from knowing of vulnerabilities.
  • by Animats ( 122034 ) on Thursday February 27, 2003 @01:50AM (#5393829) Homepage
    The only way to achieve computer security is to minimize the amount of trusted code. Browsers should not be trusted. Mail programs should not be trusted. Application installers should not run as root. Everything that can possibly run outside the kernel should run outside the kerrnel, and with minimal privileges, even if there's a performance hit. That's how it's done, and we've known that for two decades.

    Microsoft has everything including the kitchen sink in the kernel. Multimedia codecs are in kernel space. Networking stacks are in kernel space. Internet Exploder is "part of the operating system". (Open a file dialog box from your own application, and three new threads start up, some of them in parts of IE.) Any of this code can contain a security hole. And it all changes constantly. It's hopeless with a system like that.

    It can be done right. Look at VM for IBM mainframes. When was the last time you heard about a security vulnerability in VM?

    Not that Linux is all that much better. The kernel is much too big. But at least the windowing system is outside of the kernel.

There is no opinion so absurd that some philosopher will not express it. -- Marcus Tullius Cicero, "Ad familiares"

Working...