Slashdot Mirror

← Back to Stories (view on slashdot.org)

Trustworthy Computing At One Year

Posted by timothy on from the still-an-infant dept.

ackthpt writes "One year ago Bill Gates issued forth an email directing the company to work toward Trustworthy Computing, making Microsoft operating systems, applications and services secure and reliable. Where is that effort at today? vnunet has this Q&A with Microsoft security chief Stuart Okin. Slow, steady progress seems to be the result. They've targeted Security, Privacy, Reliability and Business Integrity, but so far have had a go at Privacy. Okin indicates the strategy may take 5 to 15 years, but more immediate milestones are targeted within the next two years and focusing on reducing vulnerabilities in the next version of Windows, rather than attempting to fix 2000 or XP. I'd chalk this up as a frank and honest interview, rather than madly spun, and paints a picture of the massive cat herding effort undertaken."

25 of 298 comments (clear)

  1. Well by B3ryllium · · Score: 4, Funny

    My XP machine has never been hacked, so it must have been a success!

    1. Re:Well by Anonymous Coward · · Score: 5, Funny
      My XP machine has never been hacked

      Use a sharper axe.

  2. first DRM by Anonymous Coward · · Score: 5, Funny

    you can't access this post unless you're running a Paladium-enabled OS.

  3. Quote from article. by Frobnicator · · Score: 5, Funny
    Craig uses the analogy of the telephone: You can unplug a telephone and move it to another room and plug it in, and 99.9999 per cent of the time it will work.
    He must buy terrible telephones.
    --
    //TODO: Think of witty sig statement
    1. Re:Quote from article. by $$$$$exyGal · · Score: 4, Insightful
      Another quote:

      In 10 or 15 years time we could achieve Trustworthy Computing and there will still be people that don't like us.

      How can "Trustworthy Computing" ever be achieved? Ironically, the more that some people trust their computers, the more others will distrust them. The only way to completely trust the computer is if no human can break into it and steal your data. But if no human can break into the computer, then what do I do if the computer won't give me my data when I need it?

      --sex

      --
      Very popular slashdot journal for adul
    2. Re:Quote from article. by kfg · · Score: 4, Insightful

      Even worse. What happens if part of that trustworthyness is achieved by handing trust to someone else's computer?

      Now if your computer decides not to trust you you're hosed, and if *their* computer decides not to trust you you're hosed.

      And who says you can trust *them?*

      And that's just it. Trustworthy computing isn't *about* you trusting your computer, it's about your computer trusting *you.*

      I already trust my computer. My computer has no business "wondering" whether it trusts me or not.

      If I have the car keys I expect the car to run. It's up to me to protect my keys.

      KFG

    3. Re:Quote from article. by shaitand · · Score: 4, Insightful

      Patching 10,000 machines is a breeze, you spend a couple hours coding a script and let the patch proprogate and automaticlaly patch all the machines WITHOUT end user interaction. Oops wait, you mean microsoft machines. nm then, your right, patching 10,000 machines is a bitch. As for not everyone knowing all the interactions that take place in the little box... WTF ARE they doing administrating a 10,000 client network if they don't? Absolutely the sytem should be more secure by default than a MS os, things like NOT presenting a menu of users when you boot the machine, things like true process level security, things like the lowest level component in the system ie the kernel handling the security. Backwards thinking like "oh gee, if I install it as administrator it should magically be in every users shortcut bar' and 'thinks should be available to every user when I install them unless I specify otherwise' when it really should be the other way around. A computer is not a car, a computer is a programmable multi-purpose tool, and like any other tool. Unless you know how to operate it, you have no buisness operating it without supervision no matter what you paid for it. The OS is responsible for making the system securable and requiring as little as possible from me to maintain security. BUT I AM responsible for making sure it's secure after I set it up, and why it's secure. Security training? Have you worked in a corporate environment before and learned what "training" is? Training was probably a 2hr session to the secretaries that they should not code bugs, bugs are bad. Bugs aren't the problem in microsoft systems. The problem is giving uninformed users "convience" and "features" they want (or in some cases don't) when the features are in reality security holes by their very nature. Autologin is a good example of this. I bet they still haven't considered the possiblity that an email program has absolutely no legitimate need for the ability to translate vb code or activex controls. Or that vb itself is something that should be scraped for security reasons. Linux and BSD have holes as well true, but I haven't seen them intentionally incorporate holes like those! 75 glitches is no tribute or ban to microsoft though, counting the number of discovered security vulnerabilities is the most ridiculus thing I've ever heard. Considering the people doing the programming, come from alot of the same schools, with the same training, under the same professors. Then mixed into a melting pot of coding, further fuzzed up by the number of projects that are grouped together when figuring those numbers. In reality coding MISTAKES (as opposed to intentional holes like those above) are probably about equivelent fresh off the keyboard. Considering that, the having the highest number of vulnerabilities discovered makes you the more secure option not the less, because more of your bugs are caught and fixed. If a program had only one publically found and patched vulnerability I'd never consider using it. Because it means they aren't looking and the only ones who know are the hackers.

  4. trustworthiness through obscurity by PD · · Score: 5, Funny

    What we need to do is raise that bar and make sure these vulnerabilities are very obscure.

    They're not going to fix the bugs, they're going to hide them underneath a new GUI layer.

    --
    If tits were wings it'd be flying around.
  5. Targeting Privacy? by chill · · Score: 5, Insightful

    Wow, and with this story still on the front page?

    This gives me flashbacks to Statistics classes in college. Specifically a problem where a hypothetical bus company wanted to raise prices, but for each increase they lost riders. The result was to curves and the intersection was where the "optimum" result was.

    I can envision that same graph in MS, where "security" and "compalints/bad PR" are the two curves...

    --
    Learning HOW to think is more important than learning WHAT to think.
  6. making Microsoft OS secure and reliable... by AcquaCow · · Score: 5, Interesting

    Secure...reliable...I still don't trust all the misc info that is dumped to disk at install time. 400+ printer def's, and misc. etc... MS seems to be throwing hundreds of small .exe's into their system to make it easier for tasks to be done, but correct me if I'm wrong, but isn't it harder to keep a system secure if you keep adding application after application to a base install? More apps, more code...more room for something to go wrong...

    -- AcquaCow

    --

    up 12 days, 22:30, 2 users, load averages: 993.20, 994.21, 994.56
    *makes note to limit user processes...
  7. only as trustworthy as... by Sydney+Weidman · · Score: 4, Interesting

    the path of least resistance

    Since the interests of a business aren't necessarily aligned with those of buyers, and those of a monopoly even less so, MS computing will be about as trusworthy as the rest of the business world. Unless there's someone (regulator or consumer interest group) breathing down their neck, they are unlikely to be worthy of anyone's trust.

  8. Stuart's notion of the problem: by burgburgburg · · Score: 5, Interesting
    The problem with Microsoft is because we have a big deployment base out there, we go very, very public with any vulnerability, with patches. Some we actively alert the press about. We know it's going to cause negative press but we have to do it. That's a problem for us.

    a) Huh?!?
    b) So it isn't the 72 security bulletins, and it isn't the fact that putting out that many overwhelms IT people, and it isn't the fact that the patching process can be so arduous and potentially destructive (can you say Slammer) that people will avoid it for months on end, and it isn't the fact that MS tends to be initially evasive/dismissive of a large number of exploits discovered. The problem is the going public.
    c) I'm still not feeling the Trustworthiness.

  9. Mission statement. by tarquin_fim_bim · · Score: 5, Funny

    "Trustworthy Computing is a vision of the future in five, 10 or 15 years

    But in the meantime we shall vigorously pedal all the buggy shit we can, and still claim: "It's the most secure yet"

  10. This is turning normal users against MS by StormyWeather · · Score: 5, Interesting

    The wierdest thing happened today. My father picked up an el-cheapo computer I built for a relative from me, and asked about linux. I was floored. My father is intelligent when it comes to many things, but is not computer savvy. You guys will probably flame me for this, but my father wants to try linux because he can't pirate XP easily. However, his company buys a ton of software based on his recommendations (based upon mine), so his decision usually ends up filling Microsoft's coffers a fair amount. I like the idea because I can ssh into his machine and fix something if it breaks, and I don't have to worry about all the damn viruses, key loggers, and spyware he seems to collect like a bee collects pollen just through regular email correspondance.


    When I hear people bitching about the new direction Microsoft is going with anti privacy and anti piracy I rejoice, and wish them to go further. All it does is push more people into a free operating system such as BSD or GNU/linux.

  11. Trustworthy as Ma Bell? by Spazmania · · Score: 4, Interesting

    Craig uses the analogy of the telephone: You can unplug a telephone and move it to another room and plug it in, and 99.9999 per cent of the time it will work. When we use it, we are pretty sure that we know who we are talking to, and we know we'll get a bill at the end of the month and we know what rate we'll be charged at, and we are protected by Oftel. That's the vision, and that's where we want to be.

    Good lord, that's Microsoft's idea of trustworthy? At least 75% of the Verizon bills I audit at work are wrong, many to the tune of thousands of dollars. And don't get me started about the impossibility of figuring out whether the caller is a telemarketer before picking up the phone...

    --
    Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion.
  12. Overview of article by LittleBigScript · · Score: 5, Funny

    Even telephones fail.

    There are four pillars in computing to us. We are activaly pursuing one of those.

    We have billion customers and only a few tens of thousands of employees to fix there problems.

    We may fix most of our security problems in say, 10 to 15 years.

    Some people dislike us and we are ok with that...we're still quite rich.

    You can fool all of the people some of the time,etc,etc...

    No one is 100 percent secure. It is impossible.

    Our goal is 100 percent security, and we think we can achieve that.

    One last thing, Win200 and WinXP may have security holes (we don't plan on fixing), but Win2003 will be GREAT! Well in about 10 to 15 years...

  13. You betcha by worst_name_ever · · Score: 4, Funny
    They've targeted Security, Privacy, Reliability and Business Integrity

    I'll say they have! By this time next year they should be nearly finished with their program to eliminate all of the above.

    --

    In Soviet Rush, today's Tom Sawyer gets high on you.
  14. Some "Inconsistencies" by Neumann · · Score: 4, Insightful

    He answers to one question:

    And we know that we will never be able to get rid of every vulnerability. Anyone who says the opposite is not living on this planet.
    then 2 questions later he says:

    We have the people, processes and technology in place to get to zero (security vulnerabilities)
    so am I reading this wrong or is he contradicting himself?

  15. Light bulb joke by Webmoth · · Score: 4, Funny

    "...I'm lucky if I screw in a light bulb..."

    That brings to mind the old joke:

    Q: How many flies does it take to screw in a light bulb?

    A: Only two, but how'd they get in there in the first place?

    --
    Give me my freedom, and I'll take care of my own security, thank you.
  16. Here's a fix: by image · · Score: 4, Interesting

    Developers, program managers, QA engineers, and marketing leads should be held accountable for security holes found in the products they ship. Even after the fact. E.g., those responsible for the recent Slammer vulnerabilities should get smaller bonuses and performance incentives this year. This should be part of their "Trustworthy Computing" initative. If development and business owners are not being held personally accountable within Microsoft, their products are not going to improve. Period.

    Decent MSFT employees stay on average 5 years. This is more than enough time for the "dis"-incentive of a post-mortem on the security of their product to have an effect.

    You listening, Bill? Steve?

    PS: I'm ex-MSFT. I left because while I believed in the strength of the individual developers (the best as a whole I've ever worked with) the corporate management does not listen to the actual needs of the customers. They are very, very good at listening to what the customers will buy. Unfortunately, those are two different things right now.

  17. When will they ever get it? by siskbc · · Score: 4, Insightful
    There are also those who have nothing against success, but do have a problem with being gouged by Convicted Monopolists (tm) selling insecure bloatware.

    No kidding. People would be much more likely to accept/forgive MS if they ever showed any evidence of contrition. As it is, they settle lawsuits, claim they are just being persecuted, and blame people for being jealous of their success. And they wonder why we don't trust them?

    --

    -Looking for a job as a materials chemist or multivariat

  18. Re:Wildly optimistic by binaryDigit · · Score: 4, Insightful

    .... Someone leaner and meaner will come along and push them aside.

    That's the way this business works. We're not the car industry.

    No we're worse than the car industry. With the auto industry one can always switch manufacturers and have an auto that drives basically the same way as any other auto does. We can buy tires, batteries, wipers, etc at the local Pep Boys (assuming a fairly "standard" auto, i.e. you don't own a Ferrari Enzo), all specific to our auto, put with common parts availability. We can do none of the above with software. This is why Microsoft was able to become Microsoft. Market share is king, and it's something that is extrememly difficult to overcome without huge resources, regardless of how "leaner and meaner" you are. In this market it's not good enough to be better, you have to be better and have deep enough pockets to fight a long and protracted battle. Either that or rely on the generous coding by those who are willing to do it for "free".

  19. Re:Trustworthy computing? I'll none of it! by alext · · Score: 4, Insightful

    Indeed.

    More to the point, there is absolutely no reason why my having a system that I can trust requires that the system be trusted by Microsoft. The two relationships are completely orthogonal, despite what MS would have you believe.

  20. Open Standards? by SiO2 · · Score: 4, Insightful

    We have to work to common standards, which we've pretty much got licked because of the arrival of the internet and open standards.

    Perhaps I'm being cynical, but since when has Microsoft truly embraced open standards? They are still trying to hijack Java, which, I guess, could be seen as proprietary in a sense because Sun owns it but it is open to a certain extent in that it embraces multiple platforms. Also, if they are committed to standards, why doesn't Chimera or Mozilla really function properly as an Outlook web client for Exchange? They send broken style sheets to Opera. The list goes on.

    It seems to me they're trying to own the internet, like everything else, after denying its usefulness all those years ago.

  21. Breakdown of every tenet of Microsoft Security... by indiigo · · Score: 4, Insightful

    So far we've seen a breakdown of every level of security that Microsoft themselves preach, and we've seen it recently:

    1. They didn't test their own code(patches) before releasing it. Exchange (summer '01) and NT4 ('03) are examples of products broken after patches. The NT4 patch took over a month to fix! There are still about 9+ vulnerabilities with IE out there, and have been that many ever since it's release!

    2. They have seen numerous internal vulnerabilities in house. Examples include the VPN contractor who was vulnerable and exposed their internal code, as well as slapper worm happening last month. The second is a massive issue, no patching on their own systems, I can't believe that one.

    3. They are vulnerable to social engineering cracks, which can effect their infrastructure from the top down (someone claiming to be from Microsoft getting issued valid global certificates that all machines trust.) Microsoft wasn't even at fault there, but someone MS trusted was.

    The problem is here is that they preach, but the practice, and more importantly the models will *not work* in the long term. As their OS's and software becomes much more hemogenized, the "defaults" won't matter as much, because the system will depend on itself far too much.

    An example is security in the windows world is dependant now on auto-updates. You crack that and you crack EVERY WINDOWS PC looking to it since Windows 95.

    Where are the checks and balances that will prevent an attack from the top down? I don't see it ever being viable with trust being put in one organization.

    --
    fslg503-985-8686503-985-8686503-985-8686503-985-86 8650 3-985-fdsg8686503-985-8686503-985-8686503-9