Microsoft and security: whenever shall the Twain meet?Let the record reflect that security is now Job #1 at Microsoft Corporation (company) Microsoft Corporation - The biggest supplier of operating systems and other software for IBM PC compatibles. Software products include MS-DOS, Microsoft Windows, Windows NT, Microsoft Access, LAN Manager, MS Client, SQL Server, Open Data Base Connectivity (ODBC), MS Mail, . In a memorandum sent to company employees and leaked to the press, Chairman Bill Gates (person) Bill Gates - William Henry Gates III, Chief Executive Officer of Microsoft, which he co-founded in 1975 with Paul Allen. In 1994 Gates is a billionaire, worth $9.35b and Microsoft is worth about $27b. introduced a strongly-worded but light-on-specifics initiative to increase the security of the company's products and to maintain the privacy of those who use them. "Trustworthy Computing The term Trustworthy Computing (TwC) has been applied to computing systems that are inherently secure, available and reliable. The Committee on Information Systems Trustworthiness’ publication, Trust in Cyberspace, defines such a system as one which " outlines a new direction for the company, one that makes the addition of bells and whistles A slang English term for exceptional features in some product. In the computer field, it typically refers to functions in software that may be greatly appreciated by some users, even though they may not be necessary most of the time. to products secondary to the guarantee that those products are sale and that users feel their privacy is maintained while using them. "If we don't do this, people simply won't be willing--or able--to take advantage of all the other great work we do. Trustworthy Computing is the highest priority for all the work we are doing," Gates wrote. The timing of Gates's pronouncement is curious. Sure, post-September 11 most companies have a renewed focus on security, be they airlines or software makers. But coming as it did on the heels of terrible publicity about holes in Windows XP The previous client version of Windows. XP was a major upgrade to the client version of Windows 2000 with numerous changes to the user interface. XP improved support for gaming, digital photography, instant messaging, wireless networking and sharing connections to the Internet. , problems with Passport passport Document issued by a national government identifying a traveler as a citizen with a right to protection while abroad and a right to return to the country of citizenship. It is normally a small booklet containing a description and photograph of the bearer. , and Hotmail security breaches, it smacks of closing the barn door after the horse has escaped. Why now? Microsoft has been opening its products up to the Internet since at least 1999, when its .NET initiative was announced. Since that time, it has only increased the potential vulnerabilities of all its products by refusing to add even the most basic level of protection from malicious Involving malice; characterized by wicked or mischievous motives or intentions. An act done maliciously is one that is wrongful and performed willfully or intentionally, and without legal justification. DESERTION, MALICIOUS. scripting. Or it has added them only after a public outcry. It's probably no coincidence Coincidence is the noteworthy alignment of two or more events or circumstances without obvious causal connection. The word is derived from the Latin co- ("in", "with", "together") and incidere ("to fall on"). that Trustworthy Computing came shortly after the publication of a National Academy of Sciences report called Cybersecurity Today And Tomorrow. The report recommends for the first time that, among other possible measures to increase security, software makers be held liable for the damage caused (or propagated) by their products. It states: "Policy makers should consider legislative responses to the failure of existing incentives to cause the market to respond adequately to the security challenge. Possible options include steps that would increase the exposure of software and system vendors and system operators to liability for system breaches and mandated reporting of security breaches that could threaten critical social functions." This is revolutionary language for our industry, but it reflects both the growing importance that software plays in the business of the country (and the world) and the extent to which security breaches of such software can disrupt the workings of global markets. If drug makers, automobile companies, and toy manufacturers can be sued for poorly designed products, say critics, why can't software companies? It's possible that Gates now senses change in the air, and is establishing the groundwork for a possible defense should software liability legislation ever come to pass. But regardless of the motives behind Trustworthy Computing, Microsoft must do more then just pay lip service lip service n. Verbal expression of agreement or allegiance, unsupported by real conviction or action; hypocritical respect: to the security of its products. |
|
||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion