Microsoft To Teach Undergrads About Secure Computing 444
Update: 03/24 18:00 GMT by J : Another report worth reading is Writing Software Right, which requires a free but annoying registration at Technology Review. This regards automated methods of finding software errors (not security specifically). Sun's "Jackpot" is discussed, a lint that also "identifies general instances of good or bad programming."
And Microsoft's efforts in this field are explained as well -- the company "paid more than $60 million in 1999 to acquire Intrinsa, maker of a bug-finding tool called Prefix. The program, which sifts through huge swaths of code searching for patterns that match a defined list of common semantic errors, helped find thousands of mistakes in Windows and other Microsoft products." As a Microsoft QA person says, "Our challenge is to get our software to the point that people expect it to work instead of expecting it to fail."
This just in: (Score:5, Funny)
Or Clinton teaching... (Score:2, Funny)
Re:Or Clinton teaching... (Score:2)
Re:Or Clinton teaching... (Score:2)
I download at 192. Still depends on the source, but
Or, you know, I could just go buy the CD. That could work.
Re:This just in: (Score:5, Insightful)
Re:This just in: (Score:5, Insightful)
Re:This just in: (Score:4, Informative)
This has already happened. Remember when Windows development was halted for a month to find and fix security issues last February? At the same time, all technical people at Microsoft had to go through a special security training. It was based on Writing Secure Code [barnesandnoble.com] by some MS insiders, a real good book in fact.
I would think the particular course mentioned in the article would also feature this book.
Re:This just in: (Score:3)
Remember when Windows development was halted for a month to find and fix security issues last February?
Yeah. A whole month to search and repair twenty years of accumulated bad hackery. And look at how well it worked!
Re:This just in: (Score:3, Funny)
Re:This just in: (Score:2, Funny)
Re:This just in: (Score:3, Funny)
Re:This just in: (Score:3, Funny)
Re:This just in: (Score:3, Funny)
Ah well. I guess it's a bit better than whatever the hell Canadian Prime Minister Jean Cretien speaks.
(I AM CANADIAN! So I have the requisite CretienSpeak interpretation skills.)
Re:This just in: (Score:5, Funny)
Hey, don't knock those courses! They're great!
I've already registrated for his Interemediary English next term!
Re:This just in: (Score:5, Funny)
Why not? (Score:5, Insightful)
Re:Why not? (Score:5, Insightful)
Yeah, what a bunch of whiners.
Anyway, to get back on track
Re:Why not? (Score:2)
There's insight in the humor. (Score:5, Insightful)
In debates like these, perception and politics reign. And one surprisingly effective tactic is to assert the point under debate by calmly behaving as if there were no debate and moving on to the next step. If you simply act as if something is true, and act surprised when people question it, listener tend to build consensus around the confidence you project. Certainly the Bush administrations (and, of course, many previous administrations) have used this tactic extensively, and Microsoft seems to be using it now: If they're teaching a course on security, they must know security, right?
This places those arguing the opposite side (pacifists in the one case, the Slashdot majority crowd in the other) in the awkward position of constantly having to re-establish that the debate is still open, without boring, tiring, or otherwise turning off the only semi-interested public.
Note that none of all that maneuvering has anything to do with who's actually right.
Re:There's insight in the humor. (Score:5, Informative)
The book talks a great deal about how having secure code is more than just the writing, especially in a corporate environment where you need to enforce standards on multiple programmers and have to deal with the pressures from marketing, etc. I think that, more than incompotent programmers, is what leads to the issues we see at MS.
Re:There's insight in the humor. (Score:4, Interesting)
I'd say some of the gems of my book collection are from Microsoft Press. In particular, anything written by Jefferey Richter or Charles Petzold I'm willing to take on faith will be outstanding.
Irrespective of feelings towards Microsoft (and I'm pretty far into the anti-MS camp), their Microsoft Press division has released some darn fine books.
(Note: I only own 4 MS Press books, and all have been outstanding. This does not mean that there aren't hundreds of MS Press books that are crap, but that hasn't been my experience.)
Alan
Re:There's insight in the humor. (Score:4, Informative)
True, but public opinion has relatively little to do with whether your computers are secure or not. If it did, then nobody would bother with engineering approaches to security; they'd just set aside a large PR budget to create the public perception of security, and that would make their software secure.
The main irony here is the old observation by many security people: If you want computer security, you never, ever allow any software to be run unless you have all the source and you've compiled it yourself. Otherwise, you have no idea what may have been hidden inside that binary by the people who sold it to you.
It would be interesting to see whether Microsoft's teachers bring out this rule. Will they even mention the topic? If so, will they teach the course the second time?
Granted, this isn't nearly the whole story. You must not just have the source. You must also have competent, trustworthy people on your staff who have the time to thoroughly take the software apart and understand it all. And even then, Ken Thompson's famous paper [acm.org] shows how subtle the problems can be.
Still, as a baseline argument, any such course on computer security should start with the observation that if you allow binary software to be installed, you are utterly defenseless against the people who compiled and packaged it for you. This is really the main thing that needs to be said about security and Microsoft.
Re:This just in: (Score:3, Funny)
"Aggressive negotiations?"
"Negotiations... with a light saber."
Re:This just in: (Score:5, Funny)
-Bush to teach proper pronunciation rules
-Saddam Hussein to teach pacifism
-Hilary Rosen to teach kindergarten students how to share
-Sesame Street's Elmo to lead seminar on economics of scale in prostitution rings in Las Vegas
-Bob Dylan, Tom Petty, Emo Philips and Busta Rhymes to collaborate on an audio tape on public speaking
-Britney Spears to offer songwriting workshop
And finally, for all you non-PC folks,
-Frenchman to teach course on how to fire a rifle
Ba dum, crash!
Re:This just in: (Score:2)
Non-PC? (Score:3, Funny)
Re:This just in: (Score:4, Funny)
And Lybia will be chairing the commission on human rights... oh wait.
Re:Right. If only... (Score:2)
actually, do I even need to finish that?
Re:This just in: (Score:2)
Re:This just in: (Score:3, Interesting)
If you were able to lay aside your biases, you might even chuckle.
As for the war, there are certainly those that argue attacking Iraq is wrong. I won't take a stand on that because there are a number of reasons to support the argument that come down to a larger view of man's behavior and the ultimate benificiary of ones actions.
However, the response that you quote is a smoke-screen, so we don't have to dig all that deep to deal with the problem.
No one
Experience... (Score:4, Funny)
Wrong topic (Score:2, Interesting)
That'd be like... (Score:5, Funny)
This is too easy... (Score:2)
Probably their baselevel administrators too. I don't think it's the programmers that enable every service under the moon.
bashing in moderation (Score:5, Interesting)
You know what they say: (Score:3, Funny)
Re:You know what they say: (Score:5, Informative)
Feds want public input on hacker sentencing (Score:2)
http://www.securityfocus.com/news/2028
Last week the presidential-appointed commission responsible for setting federal sentencing rules formally asked the public's advice on the formula used to sentence hackers and virus writers to prison or probation, as part of a review ordered by lawmakers increasingly concerned that computer criminals are getting off easy.
-m
Spyware? (Score:2)
Learn the kids to write spyware, yay.
i pity those students (Score:2, Insightful)
Re:i pity those students (Score:2)
90:1 odds they give them the new development Microsoft code and MS uses it as a cheap way to getting hole patches.
I especially like the fact that that doesn't actually work that way. 99% of the crackers have no clue how OS's work. All it takes is one person of a couple million to find the whole, by the next day everybody knows about it....
Security fixes come out in the real world because someone tells you that there's a hole in it. This is why programming companies hire testers. T
Other suggested instructor - course pairings (Score:5, Funny)
Re:Other suggested instructor - course pairings (Score:2)
Re:Other suggested instructor - course pairings (Score:2)
Re:Other suggested instructor - course pairings (Score:2)
Re:Other suggested instructor - course pairings (Score:2)
Search Google for key words such Clinton, Iraq and cruise missile.
Clinton attacked Iraq! [google.com]
Is it April already? (Score:3, Funny)
In other news... (Score:2)
Don't throw rocks (Score:4, Insightful)
Yes, many security holes in Windows occur weekly, but so do they in Open Source software. The only diffrence is, that the OS movement releases bug-fix's usually within 24 hours unlike M$.
Microsoft College (Score:2)
GameTab [gametab.com] - Game Reviews Database
All humor aside... (Score:5, Insightful)
Maybe I'm just an old fuddy duddy, but. . . (Score:5, Insightful)
Don't they have a *professor* qualified to teach such a course, and if not, why would anyone go there?
Maybe I'm just being a *cynical* old fuddy duddy, but I smell payol. . . er, a donation. Ah yes, there it is at the end of the article. Go figure.
I also strongly suspect that day one will *not* feature a lecture on the benefits of UNIX, how to uninstall Outlook Express or the security features built into Sun Java.
Which is precisely the reason an institute of higher learning should shy away from such blatant association with a particular company who has a vested interest in the field.
What's going to be next, the Christian Science Monitor Chair of Internal Medicine or Powerbar Chair of Exercise Physiology?
KFG
Their focus (Score:2)
Some of the stuff there is good (some of it is plain common sense), but I wonder if they're applying it to their own products. Supposedly IIS 6.0 was designed and coded that way *shrug*.
Against the grain (Score:5, Insightful)
Remember. Windows was made over several years and hundreds (if not thousands) of coders. We're talking older code, and thousands of different coders.
But, hey, anything to insult MS, right?
Re:Against the grain (Score:3, Insightful)
The real question is why are universities allowing a company notorious for insecure products -- with a corporate culture that focuses on shipping product regardless of security issues and with a obvious lack of ability to QA for such problems -- set up such courses? This is clearly for MS PR purposes, how much
Well, they have to fight linux.. (Score:2, Interesting)
Linux as a whole doesnt have so much money they have to give it away at an enormous rate, so MS will train the up and coming sys-admins into Windows and
This is the same diff as MS giving computers to libraries all over the world. Isnt it nice that they can copy a software CD for
My old uni already offered such a course.. (Score:5, Interesting)
You can find a description here. [ukc.ac.uk]
The only difference is that this module was intended to make undergrads see the failure and risk by means of software engineering, and we did this by looking at various procedures for writing secure code, and we looked at lots of examples from history (the challenger incident, for example, etc).
This course seems to be aimed more at specific coding practices - avoiding buffer overruns for example. It doesnt look like they'll be told how to deal with failure once it happens (because it *will* happen). I also fear that since Microsoft will be involved, it'll be specific to Windows & x86 -- not a real life view of computing.
Writing Secure Code (Score:3, Informative)
Courses? (Score:5, Funny)
CSI1001: Introduction to the necessity of 3rd-party security modules in a Microsoft environment
CSI1002: Trusted++ computing--how to manage your defenseless box on a multi-million node internet
CSI2001: Rapid HotFix/Service Pack deployment
CSI2002: (Continuation of 2001) Rapid HotFix/Service pack undeployment
CSI3001: Microsoft and you--Introspectives on long-term site licensing and vendor lock-in
In other news... (Score:2)
Just goes to show..... (Score:3, Funny)
"Those who can, do. Those who can't, teach"
Software Verification Is hard.. (Score:5, Insightful)
Re:Software Verification Is hard.. (Score:4, Interesting)
The term "cleanroom" comes from reverse engineering, where you have team A of engineers write a spec for a competitors product and team B (who've never seen the product) write an implementation. This gives you some degree of legal protection, but does not prove anything about correctness.
Of course, the flaw with formal methods is that they only prove the program is functioning as designed - which is definitely a worthwhile goal, but does not say anything about the correctness of the design itself. E.g., think of the problems with the incorrect mirror for the Hubble Space Telescope - the grinding machine worked perfectly, but the final mirror was still ground to the wrong shape.
Re:Software Verification Is hard.. (Score:2)
Re:Software Verification Is hard.. (Score:2, Informative)
EAL5 requires a semiformal functional specification and high-level design (along with other development evidence). A semiformal low-level design is required at EAL6 and formal specifications are required at EAL7.
Re:Software Verification Is hard.. (Score:3, Interesting)
This technology isn't used much in software any more. Why? Programming languages are worse. The semantics of Pascal are well-defined. C and C++, with casts, unions, void, and such, are hard to formalize. The strict languag
Formal methods in an informal world (Score:5, Interesting)
So formal methods are extremely powerful... but I rarely use them now. The problem is that few problems are so well defined that you can use them in a meaningful manner. If you're writing low-level code - something on the level of string libraries or date routines, use them. But as you get closer to real world problems, the formal methods seem more effective at driving home how little you understand about your problem space, not writing solid code.
(As a specific example, I remember getting nailed by the concept of "triangle." We were writing meteorological code, and sometimes "triangles" were planar and sometimes they were triangles on a sphere -- and the problems are *very* different as you move away from small triangles. Some of our code did - many navigation problems can be reduced to triangles with the two endpoints and the North Pole.)
What's the course textbook? (Score:4, Funny)
Fascinating (Score:5, Interesting)
Okin agreed: "We need to get input from others as well. Clearly, there is no point in these undergraduates learning only about Microsoft technology. We need a broad approach."
The reason I wondered was because so much of secure programming involves access control in many ways, direct and indirect. Obviously, Microsoft's access control mechanisms vary wildly from Unix paraadigms. I'm not a hardcore programmer, but I can only assume that priviledge escalation exploits under a Redmond OS would be very different from something similar with linux.
That sentence states unambiguously that the course will cover non-MS architecture.
I, for one, am impressed. Doing the right thing for once, the boys in Redmond.
Re:Fascinating (Score:2)
This must be a joke! (Score:2, Informative)
I mean, stuff like;
The IIS hole,
Outlook express,
The recent SQL worm,
Windows 9x's login etc.
There are friggin fishingnets who are more waterproof then microsofts code!
In other headlines... (Score:2, Funny)
Windows Source Code (Score:2)
"okay kids, Here's what NOT to do!"
Progressive Microsoft (Score:5, Funny)
Hey, check it out. Early last year Microsoft decided it might me worthwhile to secure some of its products.
I hear some time in Summer 2014 Microsoft is going to launch its Memory Leak Awareness Program.
Odd... (Score:2, Funny)
It really does make sense... (Score:5, Interesting)
Same thing here! Who better to tell us what security bugs to avoid than Microsoft.
In other news... (Score:2, Funny)
Teach Undergrads About Secure Computing??? (Score:2)
And in other news... (Score:2)
(sorry, couldn't resist)
When asked if Lunch would be served, Mr Fox responded; "yes, all who show up will be..."served", he chucled".
Ah, the irony... (Score:2, Funny)
What is M$'s real motive? (Score:5, Interesting)
I believe their real motive in offering such a course would be to teach programmers to code for security the Microsoft way, so that things continue to get worse. Their definition of security of your machine is much like their definition of digital rights of your machine; they are not looking after your digital rights, and they are not looking after your security.
Not Just Security (Score:4, Informative)
Java and Linux have become very large forces in education. Java has very nearly become the de facto teaching language, and Linux has become a popular instruction platform. Microsoft is trying very hard to counter this motion with C# and the
Irony... (Score:2)
depressing (Score:5, Insightful)
Also in the News today (Score:2)
Is not that bad... (Score:2)
Security is more an art than a science, so Microsoft only need to push the students to NOT go in the wrong direction (er... MS direction) and they will find the right path. If they don't do anything that Microsoft did, they can only do secure thin
How about the head OpenBSD guy! (Score:2)
The class would be taught on OpenBSD and your class project would be to implement some kind of server. Be it a finger daemon or some p2p protocol or something.
I'd sign up for it in an instant...
As for the whole microsoft teaching security...
(now for the obligatory slashot MS dig!)
"Microsoft teaching security is like driving to save gas..."
Simmer down now (Score:4, Insightful)
I think it's a good idea. Honestly. There are security flaws in Windows, yes. There are also security flaws in Linux. (ptrace recently). A lot more people are using Windows, there has got to be a decent chance that more security flaws will be exploited.
I didn't learn anything about secure coding in school. I'm sure there are many experts at MS on writing secure code. And at least the organization as a whole is *trying*. I'm sure they can write more secure code than me, and definitely have some advice that will help programmers down the road. Mod me down if you like, but I say give the MS bashing a rest and consider the merit behind the idea. How much do YOU know about writing secure code?
Another Marketing Ploy? (Score:3, Informative)
I had to take a couple MS Windows network administration courses back in colledge because they were requirement for the program. We had to memorize stupid phrases like "MS Windows network is the best choice because it's userfriendly, easy to set up, and secure" for the exams.... It just makes me sick to stomache.
Secure Programming for Linux and Unix HOWTO (Score:3, Informative)
It is a good idea to get colleges to teach about writing secure programs. Currently, almost all programmers get out to the real world without knowing how to write secure programs, and they're writing the programs exposed to the entire Internet. That needs to change.
Want to avoid exploits? Use better tools! (Score:3, Insightful)
Using a better language doesn't completely prevent software defects, but it can eliminate a large class of exploitable security problems.
Some more suitable languages include Ada, Java, Modula-3, Sather, Scheme, and Smalltalk. There are, of course, many others as well. Some of these impose a non-trivial performance penalty compared to C and C++, but some of them don't.
Some time back I was involved in a thread about programming language support for reliable software [brouhaha.com], in which I compared C to a table saw with no finger guard.
C.A.R. Hoare, in his 1980 ACM Turing Award Lecture, made the insightful observation:
Given how difficult it is to write robust software, it astonishes me that it is still common practice to use languages that offer essentially no help in avoiding common mistakes.
Microsoft is correct, however, that better education would improve things. Marc Donner posted an insightful comparison between how programming and writing are taught [brouhaha.com].
Eric
[*] Laziness in programmers is a virtue! Most new software tools are developed because a programmer somewhere was too lazy to keep doing things the same old way.
Reminds Me of an Old Saying (Score:3, Funny)
Course Syllabus (Score:5, Funny)
Week One: The dangers of open source software
Week Two: More dangers of open source software
Week Three: How frequent licensing payments improve security
Week Four: Shhhh... better security means not discussing exploits and security holes
Week Five: How the media exaggerates security issues
Week Six: Did we mention the dangers of open source? Let's review
Week Seven: How to uninstall Linux
Week Eight: Macintosh--the gay-communist connection
Week Nine: (No classes during this week so students can reinstall Windows or do any necessary security patches.)
Week Ten: Trusted computing, i.e., how hypnosis is your friend
Week Eleven: The dangers of open source software revisitted
MS Acquired Intrinsa (Score:3, Interesting)
Couldn't they have just bought a few licenses? Why did they have to BUYOUT the whole company? I'm sure if they worked up a good deal, they could have purchased a few thousand licenses for much less than $60M...
Re:Security (Score:2)
And when on vacation ... (Score:2)
Re:French (Score:2)
Re:I can see it now..... (Score:2)
Re:Mmmmmkaaaayyyy . ...... (Score:2)
Actually, it would be more like a serial killer teaching a course on how serial killers work.
Folks, if ANYBODY has something useful to say on easy-to-avoid mistakes, it's Microsoft. The best experience, after all, is hard won...and it is good to learn from your mistakes, but better to learn from somebody else's.
Re: A. Andersen crooks (Score:3, Interesting)
I'm a Chicagoan, and I find it sad that Andersen went away. They didn't cause Enron; they were crooks already. What Andersen did was allow it to happen when it was their specific responsibility to stop it. They got caught up in a contest with Andersen Consulting on how to book the biggest bucks, and let it blind them from outing the crooks. The sad thing is, previous to Enron/WorldCom et al., they had a rep of being the toughest firm out there wit