MS Chief Security Officer to work for White House

NerveGas writes "An Interesting People message reports that Howard Schmidt, Microsoft's Chief Security Advisor, will be leaving MS to work as a security adviser for the White House. With the track record that Microsoft has in the area of computer security, this strikes me as a very bad move." CD: you'd think people would examine the job someone did at thier previous job before offering them a new one. Isn't this is like putting Capt. Hazelwood in charge of an oil tanker?

Well

[sllort]

I'm a dirty karma whore for posting it, but, here's a web interview with Harold Schmidt I recall from the Washington Post.

I'll spare you reading it for the best quote:

"Howard Schmidt: The security threat I most often see is failing to install security patches on a timely basis. Weak passwords is next inline ".

I wonder if he meant hotfixes or just Service Packs.

Sounds similar to the Blood banks idea...

[ConsumedByTV]

That idea: To have all people with AIDS give blood to help 9/11 victims...

::sigh::

[DarkZero]

So they'll steal the civil liberties of all of their citizens, and even more from immigrants, in the name of security... but do they bother to do a background check on their new computer security advisor? Of course not. That's just... predictable. I wanted to say sad, surprising, or shocking, but really, it's just predictable.

Oh, and for those that claim that this guy isn't responsible for the holes in Microsoft software, and that thus this guy is actually pretty good at his job of protecting MS's network: You're half right. He DOESN'T have anything to do with the Microsoft software security holes. However, he was the one in charge of protecting Microsoft's network during the incident six months to a year ago when a hacker group hacked into Microsoft's network, completely 0wning the whole thing, and Microsoft didn't find out about it until the group had already been making regular visits to the network for three months, downloading the majority of the network (possibly the entire thing, I don't think anyone's really sure) during that time. And while some may wave that off as "one intrusion in X amount of time", remember that these guys got in and then kept making REGULAR VISITS to the Microsoft network without anyone noticing for three months. So while only one group managed to do it, it sounds like they managed to keep doing it on an almost daily basis. That makes for a pretty bad security record, and it would've been a huge fucking disaster if this had been done during the upcoming era of widespread .NET and Passport services, or only a "somewhat large fucking disaster" during the current era of consumer and business consumer information being regularly logged through XP's activation madness.

I guess this proves that from now on, the government will be too busy looking at our computers to even take a passing glance at the situation of their own.

huh?

[autopr0n]

What does Gore's (supposed) affinity for potted plants have to do with 9/11?

Gore had a hell of a lot more experience then Bush Jr before the election, which was the point of the above poster.

Irresponsibility?

[Kibo]

While most of what you say sounds like preaching to the chior, one thing really caught my eye: "problem with Microsoft is that they only have experience with huge, homogenous networks; they were blindsided by the internet; they thought remote admin was a bad idea until recently; their network hacks (netbios, for instance) stink on large networks. "

You might be interested to know that Microsoft has an active directory with over 2 million objects in it. Microsoft might have been caught off guard by the internet, but reducing their network expertise to a remark about netbios is shockingly ignorant, even for slashdot. More over the US government is probably the biggest target for those cracking into computers, Microsoft is probably number two. No one else faces problems on the scale microsoft does. IBM likes to pretend, they'll even send you a free book about "What Hackers Don't Want You To Know", and they certainly have experience, but not like microsoft. It's a matter of scale.

You think so little of Microsoft's accumen. I invite you to take a look around. Microsoft, as you rightly point out, was nearly last on the internet bandwagon, a scant decade later where are they? For better or for worse they have beat down, out competed, and embarised their competition. The free market made its decision. Obviously marketing had something to do with it, but if their products weren't at least good enough Adam Smith would be proved wrong and we'd eating Borsht.

Don't even pretend to whine about anti-competitive tactics. My tax dollars helped pay for Mosaic, Microsoft got access to the source for free.... And don't get me started on ticketmaster.

Re:It's all part of the same kind of thinking.

[Lumpy]

because of that there happen to be a lot of unqualified microsoft admins.

Yes, they are called MCSE's

Ohhh that was a really low blow, sorry for that . I just cant help myself.

Here's how the conversation went

[gelfling]

GWB: what's this computer security stuff?
Ashcroft: that's computer survellience.
GWB: well this Texan don't know the difference so why doncha tell me.
Ashkroft: we need to spy on people to make sure they're not terrorists or having abortions or being queer.
GWB: so this guy from MS can help us with that
Ashkroft: yeah he can get MS to put whatever backdoors in so we can spy on whomever we want.
GWB: backdoors? sounds kinda queer.
Ashkroft: those nerds are all kinda queer anyway - so here's the deal. we hire this guy and then tell him what to tell Gates to do.
GWB: why should Gates do what we say - that nerds's got more money than a whorehouse with an oilwell?
Ashkroft: cause Gates has money but we wants access and prestige like everyone else
GWB: ok I'll go with it - how we commin with rounding up the ragheads
Ashkroft: fine, project TexAryan is right on target - all non Christians are being targetted as we speak.
GWB: well shit howdy, get me a drink then.