Slashdot Mirror


BBC Bill Gates Interview Part 2: Security

securitas writes "In the second of two parts, the BBC's Stephen Cole of the technology show Click Online interviews Bill Gates about Windows, viruses, security, spam, 'trustworthy computing', Longhorn and being anti-competitive. Sample quote: 'Certainly you can never underestimate the level of malicious people out there who are going to try to take advantage of whatever things there are. That's why we made trustworthy computing the top priority.' Streaming media in Real format is also available. [Video: Broadband | Narrowband] You can read the first half about the 'digital lifestyle' in Part 1: Bill Gates plots a Windows future. Here is the Slashdot discussion of the first part of the interview."

4 of 289 comments

  1. Pilgrims Progress Approach Vs Infect,Scan,Remove by NZheretic · · Score: 4, Informative
    Microsoft's desktop security issues stem from its reliance on the Antivirus industry's "Infect-Scan-Remove" approach.

    In comparison, right from the outset, open source desktop platforms and applications have relied almost wholly on closing the infectable vectors, the exploited vulnerabilities used by malware, as quickly as possible.

    Read the following Usenet thread from 2000 that covers the argument in detail. David Harley and Robert Moir are two Antivirus industry leaders. It also includes the prediction that Microsoft would eventually get into the antivirus industry.

    If you have a spare hour, listen to Dr Dobbs' technetcast:

    Dr. Blaine Burnham, Director, Georgia Tech Information Security Center (GTISC) and previously with the National Security Agency (NSA), gives an overview of current encryption and security technologies and outlines possible strategies for future defense. 9th USENIX Security Symposium, Keynote MP3 [2000-10-09] (57min)
  2. Re:Sorry Bill but you're full of shit by Jonti · · Score: 3, Informative
    GP: ... if a bug affects IE then it probably also affects Outlook, Outlook Express, MS Help and gawd knows what else.

    P: The alternative, of course, is to have separate HTML rendering components for every application that wishes to render HTML.

    Dunno why this scored three -- the grandparent is right, and the parent is wrong. So the (only?!) alternative is to have separate html rendering components for every application that wished to render html, is it? Why so? I think we should be told!

    All that's needed is for the html rendering to run in userspace, rather than kernel space. That is actually what khtml does, which yes, is integrated tightly with the KDE graphical shell, but not with the kernel.

    Fixing a bug in IE can mean fixing a bug in kernel code -- and that bug in the kernel code might affect dozens of other applications. You don't have to build things that way. That was the grandparent's point.

  3. Click Online by jb.hl.com · · Score: 3, Informative

    Maybe off topic but may as well say: Click Online is a very Microsoft centric TV programme which is shown on BBC World internationally and on BBC News 24 in the UK. It tends to be very dumbed down and barely scratches the surface on a lot of subjects. I remember one show where they were discussing distributed computing, and had a cluster of Windows 9x boxes (!) all of which duly blue-screened. Ahh, memories. If only the BBC actually did a serious tech show :(

    --
    By summer it was all gone...now shesmovedon. --
  4. Re:Security? Ha! by Insightfill · · Score: 3, Informative
    Actually, as an ISV, if you want to put the shiny "Designed for Windows XP" sticker on your application, you have to pass a few Microsoft-administered tests.

    Some criteria:

    1) When app installs, all file and registry changes are contained in app directories and reg keys, unless such changes constitute system upgrades (MDAC, etc.) Start menu, etc. excluded.

    2) App is fully usable under "user" level account (no write-backs to protected dirs, or HKLM registry).

    3) App is fully usable under "fast user switching"

    4) App cleanly fully uninstalls.

    Actually, the full list is much longer, but the point is that MS gives brownie points to the dev. firms that can make apps run under "user" permissions. My guess is the game firms don't care about that level of certification, but for corporate-level apps, it makes all the difference. If you pass all of those tests, you can generally be assured of running under Citrix, Terminal Server, REALLY "locked down" desktops, etc.