Slashdot Mirror
Microsoft To Teach Undergrads About Secure Computing
Update: 03/24 18:00 GMT by J : Another report worth reading is Writing Software Right, which requires a free but annoying registration at Technology Review. This regards automated methods of finding software errors (not security specifically). Sun's "Jackpot" is discussed, a lint that also "identifies general instances of good or bad programming."
And Microsoft's efforts in this field are explained as well -- the company "paid more than $60 million in 1999 to acquire Intrinsa, maker of a bug-finding tool called Prefix. The program, which sifts through huge swaths of code searching for patterns that match a defined list of common semantic errors, helped find thousands of mistakes in Windows and other Microsoft products." As a Microsoft QA person says, "Our challenge is to get our software to the point that people expect it to work instead of expecting it to fail."
dare we suggest that microsoft start this initiative with its employees first?
Answer:
Turn it off!
take off every sig for great justice
What a misguided soul you are...
I think Remsfeld put it best:
"The Iraqi people are hostages to a vicious regime. They will be liberated. It's going to happen. The only way to do it, they tried diplomacy for 13 years. They tried economic sanctions. Neither worked. They tried limited military applications in the northern and southern no-fly zones. That didn't work. They tried 17 U.N. resolutions. President Bush went one extra step and provided 48 hours for the Iraqi regime to leave the country and leave it without a conflict. Every single effort was rebutted, rejected.
Now, that leaves only one course. You say, is there any way to do it without conflict? No, everything else was tried. And the Iraqi people are going to end up liberated. The ones that have been liberated in the southern part of this country are grateful and appreciative, and that will be the case as Baghdad is liberated. "
I'd rather be a conservative nutjob than a liberal with no nuts and no job.
This article is an obvious chance to bash M$, but take it easy.
Yes, many security holes in Windows occur weekly, but so do they in Open Source software. The only diffrence is, that the OS movement releases bug-fix's usually within 24 hours unlike M$.
If I were a student, or a college administrator, I would much prefer that a course in computer security be taught/aligned with a company that has a long, solid, proven track record in security, as opposed to a company whose track record is nothing but miserable. I know OpenBSD's security record is pretty strong, as is Apple's and I'm sure other vendors. But MS? It would be about like having a French general teach an ROTC class and makes about as much sense as Lybia charing the UN Commission on Human Rights and Iraq chairing the UN Commission on Disarmament (both of these are in effect right now, crazy as it sounds).
So are you suggesting that no one in MS can teach secure and have secure code?
Remember. Windows was made over several years and hundreds (if not thousands) of coders. We're talking older code, and thousands of different coders.
But, hey, anything to insult MS, right?
Good quote, too many chars. Seriously, the slashdot 120 char limit sucks!
I did a course in my computer engineering degree last term called Formal Methods where half the course we spent learning the "Cleanroom" method of coding. To put it simply this method makes you specify functions through math and the prove via math that your code does do what it is intended to do. Projects that have used the cleanroom method have reported roughly 2-3 errors per 1000 lines of code (on the first compile) and over 75% of the code compiles and runs correctly on the first try. They are very impressive number but they come at a cost of a learning curve and spending more time properly defining functions and classes. After doing that course I have a whole new respect for software verification. If anyone wanted to teach how to write secure code they should really invest their efforts in this proven method.
"I believe in everything in moderation. Including moderation." -Dean DeLeo, Stone Temple Pilots
How about that anti-smoking ad by a guy smoking through a hole in his neck? Or inmates coming to school to talk about abiding the law? I think Microsoft has quite a lot to talk about on the subject.
Leaving personal politics aside -- whether you agree or disagree -- it's certainly the case that Bush's diplomacy and Microsoft's security have been called into question and are the center of heated debate. In situations like these, the actual facts play only a modest role in shaping public opinion, especially when the "facts" are nebulous, subjective, and largely unquantifiable. There are no established objective measures of computer security, and even less of diplomatic success, that do not rely heavily on retrospective data.
In debates like these, perception and politics reign. And one surprisingly effective tactic is to assert the point under debate by calmly behaving as if there were no debate and moving on to the next step. If you simply act as if something is true, and act surprised when people question it, listener tend to build consensus around the confidence you project. Certainly the Bush administrations (and, of course, many previous administrations) have used this tactic extensively, and Microsoft seems to be using it now: If they're teaching a course on security, they must know security, right?
This places those arguing the opposite side (pacifists in the one case, the Slashdot majority crowd in the other) in the awkward position of constantly having to re-establish that the debate is still open, without boring, tiring, or otherwise turning off the only semi-interested public.
Note that none of all that maneuvering has anything to do with who's actually right.
I would much prefer that a course in computer security be aligned with a university and good general engineering practice and strictly eschew alignment with any company of any kind.
Don't they have a *professor* qualified to teach such a course, and if not, why would anyone go there?
Maybe I'm just being a *cynical* old fuddy duddy, but I smell payol. . . er, a donation. Ah yes, there it is at the end of the article. Go figure.
I also strongly suspect that day one will *not* feature a lecture on the benefits of UNIX, how to uninstall Outlook Express or the security features built into Sun Java.
Which is precisely the reason an institute of higher learning should shy away from such blatant association with a particular company who has a vested interest in the field.
What's going to be next, the Christian Science Monitor Chair of Internal Medicine or Powerbar Chair of Exercise Physiology?
KFG
Actually, no. The main problem is that people need to learn to be better programmers from the start. It is much easier to have good code if it was fairly good when it was written, versus fixing it up later. This looks more like MS is working on making their next generation of employees better programmers to begin with rather than trying to change their already bad habits.
wolf31o2 Developer, Gentoo Linux Games Team
Out of this will come lots of students thinking about security the Microsoft way. They'll believe that more security features (ACLs, etc.) in a system make it more secure. They'll think that if they just throw more tools and wizards at software, they can handle anything. And, sadly, even if those programmers don't become Microsoft programmers, a lot of that bad thinking will spill over into Linux and other systems; too much of that is already happening, with people busily porting some of the worst misfeatures of Windows to Linux.
I wonder, would seeing some MSFT source be part of this course? And, if so, would there be NDAs as part of the 'course requirement'?
Would that (NDAs) preclude someone from writing 'emulating' code or similar technology?
I think it's a good idea. Honestly. There are security flaws in Windows, yes. There are also security flaws in Linux. (ptrace recently). A lot more people are using Windows, there has got to be a decent chance that more security flaws will be exploited.
I didn't learn anything about secure coding in school. I'm sure there are many experts at MS on writing secure code. And at least the organization as a whole is *trying*. I'm sure they can write more secure code than me, and definitely have some advice that will help programmers down the road. Mod me down if you like, but I say give the MS bashing a rest and consider the merit behind the idea. How much do YOU know about writing secure code?
Random is the New Order.
Using a better language doesn't completely prevent software defects, but it can eliminate a large class of exploitable security problems.
Some more suitable languages include Ada, Java, Modula-3, Sather, Scheme, and Smalltalk. There are, of course, many others as well. Some of these impose a non-trivial performance penalty compared to C and C++, but some of them don't.
Some time back I was involved in a thread about programming language support for reliable software, in which I compared C to a table saw with no finger guard.
C.A.R. Hoare, in his 1980 ACM Turing Award Lecture, made the insightful observation:
Given how difficult it is to write robust software, it astonishes me that it is still common practice to use languages that offer essentially no help in avoiding common mistakes.
Microsoft is correct, however, that better education would improve things. Marc Donner posted an insightful comparison between how programming and writing are taught.
Eric
[*] Laziness in programmers is a virtue! Most new software tools are developed because a programmer somewhere was too lazy to keep doing things the same old way.