Trustworthy Computing At One Year
ackthpt writes "One year ago Bill Gates issued forth an email directing the company to work toward Trustworthy Computing, making Microsoft operating systems, applications and services secure and reliable. Where is that effort at today? vnunet has this Q&A with Microsoft security chief Stuart Okin. Slow, steady progress seems to be the result. They've targeted Security, Privacy, Reliability and Business Integrity, but so far have had a go at Privacy. Okin indicates the strategy may take 5 to 15 years, but more immediate milestones are targeted within the next two years and focusing on reducing vulnerabilities in the next version of Windows, rather than attempting to fix 2000 or XP. I'd chalk this up as a frank and honest interview, rather than madly spun, and paints a picture of the massive cat herding effort undertaken."
"Craig uses the analogy of the telephone: You can unplug a telephone and move it to another room and plug it in, and 99.9999 per cent of the time it will work. When we use it, we are pretty sure that we know who we are talking to, and we know we'll get a bill at the end of the month and we know what rate we'll be charged at"
No, we don't know that. That man has obviously never seen the wiring in my apartment building. I'm lucky if I screw in a light bulb and have it work.
And as for the bill? I scrapped my landline and went with Vonage because I *never* knew what the bill was going to be. The list of 9 different taxes varied every month.
Wow, and with this story still on the front page?
This gives me flashbacks to Statistics classes in college. Specifically a problem where a hypothetical bus company wanted to raise prices, but for each increase they lost riders. The result was two curves and the intersection was where the "optimum" result was.
I can envision that same graph in MS, where "security" and "complaints/bad PR" are the two curves...
Learning HOW to think is more important than learning WHAT to think.
Microsoft? Trustworthy? What this means is that our computer systems need to trust Microsoft - a company who, while I'm always willing to give them a chance to try and redeem themselves, are primarily interested in making profit before giving people what they actually need.
I'll none of it. 5 to 15 years is being optimistic!
Okin indicates the strategy may take 5 to 15 years
15 years? What M$ product is around today that will be around 15 years from now?
Slow, steady progress seems to be the result. They've targeted Security, Privacy, Reliability and Business Integrity, but so far have had a go at Privacy.
No kidding. The best example is the latest Windows Update engine collecting info about all your registered applications, featured earlier right here on the /. main page.
Talk to me about Privacy and Business Integrity again, and I'll chop your head off.
In 10 or 15 years time we could achieve Trustworthy Computing and there will still be people that don't like us.
How can "Trustworthy Computing" ever be achieved? Ironically, the more that some people trust their computers, the more others will distrust them. The only way to completely trust the computer is if no human can break into it and steal your data. But if no human can break into the computer, then what do I do if the computer won't give me my data when I need it?
--sex
Very popular slashdot journal for adul
He answers to one question:
And we know that we will never be able to get rid of every vulnerability. Anyone who says the opposite is not living on this planet.
then 2 questions later he says:
We have the people, processes and technology in place to get to zero (security vulnerabilities)
so am I reading this wrong or is he contradicting himself?
When I buy Microsoft products, I know I can trust them to shaft me with shoddy software, vendor lock-in, DRM, gratuitously incompatible file formats, etc.
Windows XP server?
Are you sure?
Take a closer look. There is no such thing. XP is a desktop OS and it comes in two flavors: Professional and Home.
Not "Server"
Start making some sense or STFU.
No kidding. People would be much more likely to accept/forgive MS if they ever showed any evidence of contrition. As it is, they settle lawsuits, claim they are just being persecuted, and blame people for being jealous of their success. And they wonder why we don't trust them?
-Looking for a job as a materials chemist or multivariat
.... Someone leaner and meaner will come along and push them aside.
That's the way this business works. We're not the car industry.
No we're worse than the car industry. With the auto industry one can always switch manufacturers and have an auto that drives basically the same way as any other auto does. We can buy tires, batteries, wipers, etc at the local Pep Boys (assuming a fairly "standard" auto, i.e. you don't own a Ferrari Enzo), all specific to our auto, but with common parts availability. We can do none of the above with software. This is why Microsoft was able to become Microsoft. Market share is king, and it's something that is extremely difficult to overcome without huge resources, regardless of how "leaner and meaner" you are. In this market it's not good enough to be better, you have to be better and have deep enough pockets to fight a long and protracted battle. Either that or rely on the generous coding by those who are willing to do it for "free".
Even worse. What happens if part of that trustworthiness is achieved by handing trust to someone else's computer?
Now if your computer decides not to trust you you're hosed, and if *their* computer decides not to trust you you're hosed.
And who says you can trust *them?*
And that's just it. Trustworthy computing isn't *about* you trusting your computer, it's about your computer trusting *you.*
I already trust my computer. My computer has no business "wondering" whether it trusts me or not.
If I have the car keys I expect the car to run. It's up to me to protect my keys.
KFG
Is to have as few as possible cats to keep track of.
There comes a time when the labor of herding the cats exceeds the value of the labor they produce and the whole thing starts to go downhill.
MS hit that point many years ago. They have a lot of money though, and a profit margin that's nearly obscene, so they can afford a lot of cats, so they get them.
You want more, better, faster product from MS? Cut the staff in half, starting with middle management.
Daimler and Benz invented the automobile working alone. The Wright Bros. invented the aeroplane working alone. It takes a team of engineers and designers 6 months to *two years* to make a change in a Ford's hood ornament.
The man month truly is mythical.
KFG
We have to work to common standards, which we've pretty much got licked because of the arrival of the internet and open standards.
Perhaps I'm being cynical, but since when has Microsoft truly embraced open standards? They are still trying to hijack Java, which, I guess, could be seen as proprietary in a sense because Sun owns it but it is open to a certain extent in that it embraces multiple platforms. Also, if they are committed to standards, why doesn't Chimera or Mozilla really function properly as an Outlook web client for Exchange? They send broken style sheets to Opera. The list goes on.
It seems to me they're trying to own the internet, like everything else, after denying its usefulness all those years ago.
Ironically, as TVs become smarter & more like computers, the less we are going to trust them.
So far we've seen a breakdown of every level of security that Microsoft themselves preach, and we've seen it recently:
1. They didn't test their own code (patches) before releasing it. Exchange (summer '01) and NT4 ('03) are examples of products broken after patches. The NT4 patch took over a month to fix! There are still about 9+ vulnerabilities with IE out there, and have been that many ever since its release!
2. They have seen numerous internal vulnerabilities in house. Examples include the VPN contractor who was vulnerable and exposed their internal code, as well as slapper worm happening last month. The second is a massive issue, no patching on their own systems, I can't believe that one.
3. They are vulnerable to social engineering cracks, which can affect their infrastructure from the top down (someone claiming to be from Microsoft getting issued valid global certificates that all machines trust.) Microsoft wasn't even at fault there, but someone MS trusted was.
The problem here is that they preach, but the practice, and more importantly the models, will *not work* in the long term. As their OSes and software become much more homogenized, the "defaults" won't matter as much, because the system will depend on itself far too much.
An example is that security in the Windows world is dependent now on auto-updates. You crack that and you crack EVERY WINDOWS PC looking to it since Windows 95.
Where are the checks and balances that will prevent an attack from the top down? I don't see it ever being viable with trust being put in one organization.
Call me paranoid, but I think I trust myself more than I'll ever trust a stranger.
Hmmm... Is that what passes for paranoid these days? Ridiculous...
And we're not even talking business or national security.
"Trusted computing" my ass... That's like a Mafia slogan, "Legit business".
Sticking feathers up your butt does not make you a chicken - Tyler Durden
Patching 10,000 machines is a breeze, you spend a couple hours coding a script and let the patch propagate and automatically patch all the machines WITHOUT end user interaction. Oops wait, you mean Microsoft machines. nm then, you're right, patching 10,000 machines is a bitch. As for not everyone knowing all the interactions that take place in the little box... WTF ARE they doing administrating a 10,000 client network if they don't? Absolutely the system should be more secure by default than a MS OS, things like NOT presenting a menu of users when you boot the machine, things like true process level security, things like the lowest level component in the system, i.e. the kernel, handling the security. Backwards thinking like 'oh gee, if I install it as administrator it should magically be in every user's shortcut bar' and 'things should be available to every user when I install them unless I specify otherwise' when it really should be the other way around. A computer is not a car, a computer is a programmable multi-purpose tool, and like any other tool, unless you know how to operate it, you have no business operating it without supervision no matter what you paid for it. The OS is responsible for making the system securable and requiring as little as possible from me to maintain security. BUT I AM responsible for making sure it's secure after I set it up, and why it's secure. Security training? Have you worked in a corporate environment before and learned what "training" is? Training was probably a 2hr session to the secretaries that they should not code bugs, bugs are bad. Bugs aren't the problem in Microsoft systems. The problem is giving uninformed users "convenience" and "features" they want (or in some cases don't) when the features are in reality security holes by their very nature. Autologin is a good example of this.
I bet they still haven't considered the possibility that an email program has absolutely no legitimate need for the ability to translate VB code or ActiveX controls. Or that VB itself is something that should be scrapped for security reasons. Linux and BSD have holes as well, true, but I haven't seen them intentionally incorporate holes like those! 75 glitches is no tribute or ban to Microsoft though, counting the number of discovered security vulnerabilities is the most ridiculous thing I've ever heard. Considering the people doing the programming come from a lot of the same schools, with the same training, under the same professors. Then mixed into a melting pot of coding, further fuzzed up by the number of projects that are grouped together when figuring those numbers. In reality coding MISTAKES (as opposed to intentional holes like those above) are probably about equivalent fresh off the keyboard. Considering that, having the highest number of vulnerabilities discovered makes you the more secure option not the less, because more of your bugs are caught and fixed. If a program had only one publicly found and patched vulnerability I'd never consider using it. Because it means they aren't looking and the only ones who know are the hackers.
I think his point was that his machine was fully patched to the newest version, but this didn't fully eliminate the vulnerability because another unpatched machine infected his.
And you can't firewall every single computer on a LAN. Anyone working in a corporate computing environment knows this.
I still agree it's his own fault; it's because he chose such an insecure platform from a vendor with a long history of insecure products. How many people now refuse to buy Firestone tires because of the tread-separation issue? Why do these people continue to buy Microsoft products after all kinds of problems with them?
Microsoft has everything including the kitchen sink in the kernel. Multimedia codecs are in kernel space. Networking stacks are in kernel space. Internet Exploder is "part of the operating system". (Open a file dialog box from your own application, and three new threads start up, some of them in parts of IE.) Any of this code can contain a security hole. And it all changes constantly. It's hopeless with a system like that.
It can be done right. Look at VM for IBM mainframes. When was the last time you heard about a security vulnerability in VM?
Not that Linux is all that much better. The kernel is much too big. But at least the windowing system is outside of the kernel.