Slashdot Mirror
Microsoft To Teach Undergrads About Secure Computing
Update: 03/24 18:00 GMT by J : Another report worth reading is Writing Software Right, which requires a free but annoying registration at Technology Review. This regards automated methods of finding software errors (not security specifically). Sun's "Jackpot" is discussed, a lint that also "identifies general instances of good or bad programming."
And Microsoft's efforts in this field are explained as well -- the company "paid more than $60 million in 1999 to acquire Intrinsa, maker of a bug-finding tool called Prefix. The program, which sifts through huge swaths of code searching for patterns that match a defined list of common semantic errors, helped find thousands of mistakes in Windows and other Microsoft products." As a Microsoft QA person says, "Our challenge is to get our software to the point that people expect it to work instead of expecting it to fail."
President George W. Bush will be teaching a course in diplomacy ...
...a course on honesty or fidelity.
take off every sig for great justice
When all you have is a hammer, everything looks like a skull.
Next thing you know Apple will be using Intel.
This article is an obvious chance to bash M$, but take it easy.
Yes, many security holes in Windows occur weekly, but so do they in Open Source software. The only diffrence is, that the OS movement releases bug-fix's usually within 24 hours unlike M$.
If I were a student, or a college administrator, I would much prefer that a course in computer security be taught/aligned with a company that has a long, solid, proven track record in security, as opposed to a company whose track record is nothing but miserable. I know OpenBSD's security record is pretty strong, as is Apple's and I'm sure other vendors. But MS? It would be about like having a French general teach an ROTC class and makes about as much sense as Lybia charing the UN Commission on Human Rights and Iraq chairing the UN Commission on Disarmament (both of these are in effect right now, crazy as it sounds).
So are you suggesting that no one in MS can teach secure and have secure code?
Remember. Windows was made over several years and hundreds (if not thousands) of coders. We're talking older code, and thousands of different coders.
But, hey, anything to insult MS, right?
Good quote, too many chars. Seriously, the slashdot 120 char limit sucks!
It makes sense that they are doing this.
.net technologies, and the next generation will shun linux and MS will take over the world! .02, and then donate it to charity for a $300 dollar write off??
Linux as a whole doesnt have so much money they have to give it away at an enormous rate, so MS will train the up and coming sys-admins into Windows and
This is the same diff as MS giving computers to libraries all over the world. Isnt it nice that they can copy a software CD for
No I didnt spell check this post...
You can find a description here.
The only difference is that this module was intended to make undergrads see the failure and risk by means of software engineering, and we did this by looking at various procedures for writing secure code, and we looked at lots of examples from history (the challenger incident, for example, etc).
This course seems to be aimed more at specific coding practices - avoiding buffer overruns for example. It doesnt look like they'll be told how to deal with failure once it happens (because it *will* happen). I also fear that since Microsoft will be involved, it'll be specific to Windows & x86 -- not a real life view of computing.
MSPress actually has a really good book available called "Writing Secure Code". All it takes is a few bad devs to create a reputation for the whole company.
Suggested course offerings follow:
CSI1001: Introduction to the necessity of 3rd-party security modules in a Microsoft environment
CSI1002: Trusted++ computing--how to manage your defenseless box on a multi-million node internet
CSI2001: Rapid HotFix/Service Pack deployment
CSI2002: (Continuation of 2001) Rapid HotFix/Service pack undeployment
CSI3001: Microsoft and you--Introspectives on long-term site licensing and vendor lock-in
"God is a comedian playing to an audience too afraid to laugh." -Voltaire
This just proves the old saying:
;-)
"Those who can, do. Those who can't, teach"
I did a course in my computer engineering degree last term called Formal Methods where half the course we spent learning the "Cleanroom" method of coding. To put it simply this method makes you specify functions through math and the prove via math that your code does do what it is intended to do. Projects that have used the cleanroom method have reported roughly 2-3 errors per 1000 lines of code (on the first compile) and over 75% of the code compiles and runs correctly on the first try. They are very impressive number but they come at a cost of a learning curve and spending more time properly defining functions and classes. After doing that course I have a whole new respect for software verification. If anyone wanted to teach how to write secure code they should really invest their efforts in this proven method.
"I believe in everything in moderation. Including moderation." -Dean DeLeo, Stone Temple Pilots
Secure Computing for Dummies... by Dummies.
Beauty is in the eye of the beerholder.
How about that anti-smoking ad by a guy smoking through a hole in his neck? Or inmates coming to school to talk about abiding the law? I think Microsoft has quite a lot to talk about on the subject.
I was wondering how OS-agnostic these courses are going to be, when I came across this quote:
Okin agreed: "We need to get input from others as well. Clearly, there is no point in these undergraduates learning only about Microsoft technology. We need a broad approach."
The reason I wondered was because so much of secure programming involves access control in many ways, direct and indirect. Obviously, Microsoft's access control mechanisms vary wildly from Unix paraadigms. I'm not a hardcore programmer, but I can only assume that priviledge escalation exploits under a Redmond OS would be very different from something similar with linux.
That sentence states unambiguously that the course will cover non-MS architecture.
I, for one, am impressed. Doing the right thing for once, the boys in Redmond.
Blearf. Blearf, I say.
Geez! They'd be the last persons i'd put in that position!
I mean, stuff like;
The IIS hole,
Outlook express,
The recent SQL worm,
Windows 9x's login etc.
There are friggin fishingnets who are more waterproof then microsofts code!
GAAH! MY PRINTER IS ON FIRE!!! PUT IT OUT! PUT IT OUT!
Leaving personal politics aside -- whether you agree or disagree -- it's certainly the case that Bush's diplomacy and Microsoft's security have been called into question and are the center of heated debate. In situations like these, the actual facts play only a modest role in shaping public opinion, especially when the "facts" are nebulous, subjective, and largely unquantifiable. There are no established objective measures of computer security, and even less of diplomatic success, that do not rely heavily on retrospective data.
In debates like these, perception and politics reign. And one surprisingly effective tactic is to assert the point under debate by calmly behaving as if there were no debate and moving on to the next step. If you simply act as if something is true, and act surprised when people question it, listener tend to build consensus around the confidence you project. Certainly the Bush administrations (and, of course, many previous administrations) have used this tactic extensively, and Microsoft seems to be using it now: If they're teaching a course on security, they must know security, right?
This places those arguing the opposite side (pacifists in the one case, the Slashdot majority crowd in the other) in the awkward position of constantly having to re-establish that the debate is still open, without boring, tiring, or otherwise turning off the only semi-interested public.
Note that none of all that maneuvering has anything to do with who's actually right.
Microsoft's university program is closely linked to its Trustworthy Computing initiative, its companywide focus on securing its products, which was launched early last year.
Hey, check it out. Early last year Microsoft decided it might me worthwhile to secure some of its products.
I hear some time in Summer 2014 Microsoft is going to launch its Memory Leak Awareness Program.
Maybe I'm strange, but I couldn't help but read this article's title as "Using Microsoft To Teach Undergrads About Secure Computing." Is there something wrong with that?
I forget where I heard it, but someone once pointed out that if your going to go to Spain to participate in the running of the bulls, you don't really want to talk with the people that managed to survive it... you want to talk to the guy that got his ass gored off because he can tell you exactly what to avoid doing!
Same thing here! Who better to tell us what security bugs to avoid than Microsoft.
If a pion (n-) collides with a proton in the woods & noone is there to hear it, does lamdba decay into the source pa
I would much prefer that a course in computer security be aligned with a university and good general engineering practice and strictly eschew alignment with any company of any kind.
Don't they have a *professor* qualified to teach such a course, and if not, why would anyone go there?
Maybe I'm just being a *cynical* old fuddy duddy, but I smell payol. . . er, a donation. Ah yes, there it is at the end of the article. Go figure.
I also strongly suspect that day one will *not* feature a lecture on the benefits of UNIX, how to uninstall Outlook Express or the security features built into Sun Java.
Which is precisely the reason an institute of higher learning should shy away from such blatant association with a particular company who has a vested interest in the field.
What's going to be next, the Christian Science Monitor Chair of Internal Medicine or Powerbar Chair of Exercise Physiology?
KFG
I believe their real motive in offering such a course would be to teach programmers to code for security the Microsoft way, so that things continue to get worse. Their definition of security of your machine is much like their definition of digital rights of your machine; they are not looking after your digital rights, and they are not looking after your security.
I'm an American. I love this country and the freedoms that we used to have.
Microsoft has a huge push going on in education. Campus reps, steep tool discounts, and curriculum suggestions to get Microsoft technology into undergrad and grad school course materials. Ask any CS professor what kind of contact they've had with Microsoft reps.
.Net runtime.
Java and Linux have become very large forces in education. Java has very nearly become the de facto teaching language, and Linux has become a popular instruction platform. Microsoft is trying very hard to counter this motion with C# and the
Out of this will come lots of students thinking about security the Microsoft way. They'll believe that more security features (ACLs, etc.) in a system make it more secure. They'll think that if they just throw more tools and wizards at software, they can handle anything. And, sadly, even if those programmers don't become Microsoft programmers, a lot of that bad thinking will spill over into Linux and other systems; too much of that is already happening, with people busily porting some of the worst misfeatures of Windows to Linux.
Arthur Anderson (the accounting firm that caused Enron)
I'm a Chicagoan, and I find it sad that Andersen went away. They didn't cause Enron; they were crooks already. What Andersen did was allow it to happen when it was their specific responsibility to stop it. They got caught up in a contest with Andersen Consulting on how to book the biggest bucks, and let it blind them from outing the crooks. The sad thing is, previous to Enron/WorldCom et al., they had a rep of being the toughest firm out there with their bullshit filters turned to 11. They sold out.
I've used formal methods in a few places... much to the indifference of colleagues. I remember one time finding a subtle bug via Z-notation and fixing it, then moving on to another project while several of my former coworkers criticized my code as "unnecessarily complex," etc. A couple years later I happened to overhear a conversation that strongly suggested somebody had "cleaned up" my code, then actually encountered that rare, subtle bug years later and had great difficulty (and pride) in fixing it.
So formal methods are extremely powerful... but I rarely use them now. The problem is that few problems are so well defined that you can use them in a meaningful manner. If you're writing low-level code - something on the level of string libraries or date routines, use them. But as you get closer to real world problems, the formal methods seem more effective at driving home how little you understand about your problem space, not writing solid code.
(As a specific example, I remember getting nailed by the concept of "triangle." We were writing meteorological code, and sometimes "triangles" were planar and sometimes they were triangles on a sphere -- and the problems are *very* different as you move away from small triangles. Some of our code did - many navigation problems can be reduced to triangles with the two endpoints and the North Pole.)
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
I think it's a good idea. Honestly. There are security flaws in Windows, yes. There are also security flaws in Linux. (ptrace recently). A lot more people are using Windows, there has got to be a decent chance that more security flaws will be exploited.
I didn't learn anything about secure coding in school. I'm sure there are many experts at MS on writing secure code. And at least the organization as a whole is *trying*. I'm sure they can write more secure code than me, and definitely have some advice that will help programmers down the road. Mod me down if you like, but I say give the MS bashing a rest and consider the merit behind the idea. How much do YOU know about writing secure code?
Random is the New Order.
From my personal experience, these MS sponsored/related workshops/courses, are more like perverted advertisements trying to pressure students into using MS products rathar then then actual informative educational sessions.
I had to take a couple MS Windows network administration courses back in colledge because they were requirement for the program. We had to memorize stupid phrases like "MS Windows network is the best choice because it's userfriendly, easy to set up, and secure" for the exams.... It just makes me sick to stomache.
the company "paid more than $60 million in 1999 to acquire Intrinsa, maker of a bug-finding tool called Prefix. when was the last time Microsoft just licensed software they wanted instead of just buying the company that makes it?
It is a good idea to get colleges to teach about writing secure programs. Currently, almost all programmers get out to the real world without knowing how to write secure programs, and they're writing the programs exposed to the entire Internet. That needs to change.
- David A. Wheeler (see my Secure Programming HOWTO)
Using a better language doesn't completely prevent software defects, but it can eliminate a large class of exploitable security problems.
Some more suitable languages include Ada, Java, Modula-3, Sather, Scheme, and Smalltalk. There are, of course, many others as well. Some of these impose a non-trivial performance penalty compared to C and C++, but some of them don't.
Some time back I was involved in a thread about programming language support for reliable software, in which I compared C to a table saw with no finger guard.
C.A.R. Hoare, in his 1980 ACM Turing Award Lecture, made the insightful observation:
Given how difficult it is to write robust software, it astonishes me that it is still common practice to use languages that offer essentially no help in avoiding common mistakes.
Microsoft is correct, however, that better education would improve things. Marc Donner posted an insightful comparison between how programming and writing are taught.
Eric
[*] Laziness in programmers is a virtue! Most new software tools are developed because a programmer somewhere was too lazy to keep doing things the same old way.
"Those who can't do, teach."
Week One: The dangers of open source software
Week Two: More dangers of open source software
Week Three: How frequent licensing payments improve security
Week Four: Shhhh... better security means not discussing exploits and security holes
Week Five: How the media exaggerates security issues
Week Six: Did we mention the dangers of open source? Let's review
Week Seven: How to uninstall Linux
Week Eight: Macintosh--the gay-communist connection
Week Nine: (No classes during this week so students can reinstall Windows or do any necessary security patches.)
Week Ten: Trusted computing, i.e., how hypnosis is your friend
Week Eleven: The dangers of open source software revisitted
--Rick "If it isn't broken, take it apart and find out why."
Couldn't they have just bought a few licenses? Why did they have to BUYOUT the whole company? I'm sure if they worked up a good deal, they could have purchased a few thousand licenses for much less than $60M...
Please consider making an automatic monthly recurring donation to the EFF
- J Jackson wrote:
:-)
Not an MS shop.In a dept that uses
Solaris and Sun Hardware for the following services
Mail, DNS, print server, Backup & Majority of it's file serving
Linux and Apache for it's dept. Web services, and most of it's compute power
And which only uses Microsoft IIS as a toy for student use.
We do run about equal Linux/Microsoft desktops.
Jim
p.s. feel free to use these figures.
MP