Slashdot Mirror


Security Community Reacts to Microsoft Announcement

A number of readers have collected stories concerning the change of focus by Bill Gates to security. Bruce Schneier and Adam Shostack have written a piece, while Crag Mundie of MSFT has also chimed in, along with some commentary from ZD folks. SecurityFocus has other words, as does InfoWarrior.

8 of 471 comments (clear)

  1. How to secure Microsoft Windows: by Proaxiom · · Score: 5, Funny
    Schneier and Shostack say:
    Separate Data and Control Paths
    Use Secure Default Configurations
    Separate Protocols and Products
    Choose for Security over Features
    Make it Transparent and Auditable
    Give advance notice of Protocols and Designs
    Engage the community

    All that stuff sounds great, but I can say the same thing in far fewer words:
    Start from scratch. Do it right this time.

  2. Microsoft's First Security Policy by gspeare · · Score: 5, Funny

    The first thing Microsoft is going to do under their new "security first" paradigm will be to announce that due to security concerns, they can't tell us what any of their security upgrades actually are.

  3. New Levels by Sir+Tristam · · Score: 5, Funny
    "We must lead the industry to a whole new level of Trustworthiness in computing."
    - Bill Gates internal memo, 15 January 2002.
    Hasn't this already been accomplished? I'd feel a lot better if it had stated that this would be a higher level of trustworthiness. All software (other than a "hello world" program, TeX and anything I write ;-D ) have bugs; that's simply life. Admit them, correct them, and move on instead of trying to ignore and bury them, and people would feel a lot more trusting of the products. The same applies for "gee-whiz" features that end up being security holes; admit that they were bad ideas and remove them (or at least disable them by default)

    Bottom line is, words are easy. I'm going to wait to see the action.

    Chris Beckenbach

  4. Rememberances... by FauxPasIII · · Score: 4, Funny

    This reads alot like the dilbert where dogbert is a consultant and says something to the effect of "I'm going to make a bunch of recommendations that I know you are too cowardly to implement. Later, when you fail, I'll laugh at you for ignoring my advice."

    --
    25% Funny, 25% Insightful, 25% Informative, 25% Troll
  5. Re:Speedreader's summary of all 6 articles by Tackhead · · Score: 3, Funny
    > [Speedreader's Summary:] It will be good if they succeed; we hope they try as hard as their PR says they will.

    Tackhead's One-Liner:

    If they put 10% of today's PR budget into the next release's security budget, they might have a chance.

  6. Re:Windows needs a clean break by archen · · Score: 3, Funny

    Star Trek computers already

    You mean computers with lots of flashing lights and unlabeled buttons that people just seem to know what to push? We already have those in casinos.

  7. My response to Microsoft by Aceticon · · Score: 3, Funny

    Dear Bill

    It saddens me to see Microsoft exiting the highway of consumer satisfaction into the dirt road of security.

    As a long time fan and appreciator the Microsoft way, i feel i must stand up and ask:

    Why?

    Microsoft has done more than any other company to turn Desktop Computing into a thriling adventure. From the very moment i turn on my PC, i feel i'm entering a world of wonder and surprise, where new adventures can happen at any moment:
    - Maybe Windows will not start-up and i end with a black screen.
    - Maybe it will start in VGA mode
    - Maybe clicking in the explorer toolbar wil result in a blue screen
    - Maybe Word will crash when i'm editing an important document.
    - Maybe installing the newest IE will make half my applications stop working.
    - Maybe after installing the newest DirectX Windows will stop working.
    - Maybe i'll open an e-mail an my PC starts acting funny.
    - Maybe i'll get a phone call from my ISP saying a Denial of Service attack to the Whitehouse site has been detected from my machine.
    - Maybe the mouse pointer will start moving by itself
    - Maybe all my files are deleted.

    Why? Why do you want to remove all the thrill and adventure from my life???

  8. www.trustworthycomputing.com by Dan+Crash · · Score: 3, Funny

    I was going to do exactly what this fellow did, but he beat me to it. Clever. Let's hope this URL gets around: http://www.trustworthycomputing.com

    --
    He who refuses to do arithmetic is doomed to talk nonsense.