Slashdot Mirror

← Back to Stories (view on slashdot.org)

Trustworthy Computing At One Year

Posted by timothy on from the still-an-infant dept.

ackthpt writes "One year ago Bill Gates issued forth an email directing the company to work toward Trustworthy Computing, making Microsoft operating systems, applications and services secure and reliable. Where is that effort at today? vnunet has this Q&A with Microsoft security chief Stuart Okin. Slow, steady progress seems to be the result. They've targeted Security, Privacy, Reliability and Business Integrity, but so far have had a go at Privacy. Okin indicates the strategy may take 5 to 15 years, but more immediate milestones are targeted within the next two years and focusing on reducing vulnerabilities in the next version of Windows, rather than attempting to fix 2000 or XP. I'd chalk this up as a frank and honest interview, rather than madly spun, and paints a picture of the massive cat herding effort undertaken."

10 of 298 comments (clear)

  1. first DRM by Anonymous Coward · · Score: 5, Funny

    you can't access this post unless you're running a Paladium-enabled OS.

  2. Quote from article. by Frobnicator · · Score: 5, Funny
    Craig uses the analogy of the telephone: You can unplug a telephone and move it to another room and plug it in, and 99.9999 per cent of the time it will work.
    He must buy terrible telephones.
    --
    //TODO: Think of witty sig statement
  3. trustworthiness through obscurity by PD · · Score: 5, Funny

    What we need to do is raise that bar and make sure these vulnerabilities are very obscure.

    They're not going to fix the bugs, they're going to hide them underneath a new GUI layer.

    --
    If tits were wings it'd be flying around.
  4. Targeting Privacy? by chill · · Score: 5, Insightful

    Wow, and with this story still on the front page?

    This gives me flashbacks to Statistics classes in college. Specifically a problem where a hypothetical bus company wanted to raise prices, but for each increase they lost riders. The result was to curves and the intersection was where the "optimum" result was.

    I can envision that same graph in MS, where "security" and "compalints/bad PR" are the two curves...

    --
    Learning HOW to think is more important than learning WHAT to think.
  5. making Microsoft OS secure and reliable... by AcquaCow · · Score: 5, Interesting

    Secure...reliable...I still don't trust all the misc info that is dumped to disk at install time. 400+ printer def's, and misc. etc... MS seems to be throwing hundreds of small .exe's into their system to make it easier for tasks to be done, but correct me if I'm wrong, but isn't it harder to keep a system secure if you keep adding application after application to a base install? More apps, more code...more room for something to go wrong...

    -- AcquaCow

    --

    up 12 days, 22:30, 2 users, load averages: 993.20, 994.21, 994.56
    *makes note to limit user processes...
  6. Stuart's notion of the problem: by burgburgburg · · Score: 5, Interesting
    The problem with Microsoft is because we have a big deployment base out there, we go very, very public with any vulnerability, with patches. Some we actively alert the press about. We know it's going to cause negative press but we have to do it. That's a problem for us.

    a) Huh?!?
    b) So it isn't the 72 security bulletins, and it isn't the fact that putting out that many overwhelms IT people, and it isn't the fact that the patching process can be so arduous and potentially destructive (can you say Slammer) that people will avoid it for months on end, and it isn't the fact that MS tends to be initially evasive/dismissive of a large number of exploits discovered. The problem is the going public.
    c) I'm still not feeling the Trustworthiness.

  7. Mission statement. by tarquin_fim_bim · · Score: 5, Funny

    "Trustworthy Computing is a vision of the future in five, 10 or 15 years

    But in the meantime we shall vigorously pedal all the buggy shit we can, and still claim: "It's the most secure yet"

  8. This is turning normal users against MS by StormyWeather · · Score: 5, Interesting

    The wierdest thing happened today. My father picked up an el-cheapo computer I built for a relative from me, and asked about linux. I was floored. My father is intelligent when it comes to many things, but is not computer savvy. You guys will probably flame me for this, but my father wants to try linux because he can't pirate XP easily. However, his company buys a ton of software based on his recommendations (based upon mine), so his decision usually ends up filling Microsoft's coffers a fair amount. I like the idea because I can ssh into his machine and fix something if it breaks, and I don't have to worry about all the damn viruses, key loggers, and spyware he seems to collect like a bee collects pollen just through regular email correspondance.


    When I hear people bitching about the new direction Microsoft is going with anti privacy and anti piracy I rejoice, and wish them to go further. All it does is push more people into a free operating system such as BSD or GNU/linux.

  9. Overview of article by LittleBigScript · · Score: 5, Funny

    Even telephones fail.

    There are four pillars in computing to us. We are activaly pursuing one of those.

    We have billion customers and only a few tens of thousands of employees to fix there problems.

    We may fix most of our security problems in say, 10 to 15 years.

    Some people dislike us and we are ok with that...we're still quite rich.

    You can fool all of the people some of the time,etc,etc...

    No one is 100 percent secure. It is impossible.

    Our goal is 100 percent security, and we think we can achieve that.

    One last thing, Win200 and WinXP may have security holes (we don't plan on fixing), but Win2003 will be GREAT! Well in about 10 to 15 years...

  10. Re:Well by Anonymous Coward · · Score: 5, Funny
    My XP machine has never been hacked

    Use a sharper axe.