Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft to Clean Up Code

Posted by CowboyNeal on from the throwing-out-the-cruft dept.

the_pooh_experience writes "Microsoft has decided to beef up their security group by adding a code cleaning group according to Infoworld. As the director of MS security engineering says: 'Microsoft is a long way from its ultimate goal where users can take security for granted in its products...the majority of viruses written attack Microsoft products.'" The new group is called Security Engineering Strategy and while it may seem long overdue to many, it's still a step in the right direction for the folks in Redmond.

2 of 466 comments (clear)

  1. Doesn't look like they'll fix existing code by shayborg · · Score: 5, Informative

    First, this isn't a code cleaning initiative, as someone above noted -- the article says that the new group will "establish new software development processes and create tools for its programmers so that future Microsoft products will have fewer security flaws." So it looks like their job is to just improve the programming methodology at our favorite software company.

    Second, there are only ten people on this task force. Will they have enough time to fix the programming methodology for all Microsoft software? Somehow, I doubt it -- and it doesn't take much imagination to guess that the Mac products, for example, aren't likely to be the primary targets, as well as any spyware that Microsoft finds convenient (*cough*WMP ;-)*cough*).

    So it's a step in the right direction but I think they need to use more manpower to solve this problem. God knows they have plenty of it. Until they do, across the board, I don't think many of us will ever trust Microsoft's security. (I'll leave the question of trusting Microsoft itself to another discussion.)

    -- shayborg

  2. Re:Credit Where Due by BadDoggie · · Score: 5, Informative
    Larry Ellison begged the world to break Oracle. They spent millions buying up the backs of every business magazine and full pages in serious and financial newspapers claiming it was "unbreakable". They specifically said that no hacker could get into it. Real hackers and crackers have always said they do it for the challenge. What better way to provide a challenge than to spend tens of millions in order to yell, "C'mon, you weenies! I dare you!"

    Microsoft also got hit a lot harder every time they claimed some semblance of security. They've learned their lesson, albeit slowly. Now they only claim to be working on improving security, considerably different than Larry's claims.

    woof.