Slashdot Mirror


Richard Clarke on Microsoft security

hizzo writes "Richard Clarke, former White House cybersecurity and counterterrorism adviser, harshly criticized Microsoft's security track record. 'Given their record in the security area, I don't know why anybody would buy from them.' He also called for some regulation of security for ISPs in addition to better industry self-regulation, such as disclosing QA practices and becoming more accountable for secure code. I wonder if anyone will finally start listening to him?"

10 of 491 comments

  1. Will they listen? No. by Darth+Maul · · Score: 4, Interesting

    "I wonder if anyone will finally start listening to him?"

    No. With all the spyware and worms and virii out there, people just won't switch. I just don't get it. I suppose they are just stuck in their ways, and don't want to learn anything else. I suppose for most people, it was enough of a trial to "learn" how to use Windows, so they would rather put up with the crashes, spyware, and everything Microsoft, and just call it the norm.

    It's a shame. But people really are stupid and/or lazy. That's why they won't start listening to anyone about this stuff. If I were a customer of Microsoft, I'd be organizing class-action suits, writing letters, storming Redmond with torches in hand.... Why these people put up with it most likely can be put into two categories: 1) ignorance, and 2) laziness. Either they don't know there are viable options, or they are too lazy to actually pursue said options.

    Just something off the top of my head. Agree? Disagree? Discuss.

    --
    --- witty signature
  2. Re:not likely by ackthpt · · Score: 5, Interesting
    With all the bribes Microsoft gives to politicians, it's no wonder why he is the former White House cybersecurity and counterterrorism adviser


    Microsoft's bribes had nothing to do with that. He was competent, professional and honest. He didn't realize the crap Wolfowitz was pushing into the president's head until it was too late. Sadly, Rice sat there and lied to the Senate and still has been confirmed as the SoS.


    As for Microsoft's bribing, they had a commendable record of trying to stay the heck out of politics for years, until it became evident that without greasing certain palms Washington DC would turn on them. Now they make sure enough lucre is spread around Washington and they have many wagging tongues at their disposal and many ears to listen.

    --

    A feeling of having made the same mistake before: Deja Foobar
  3. funny guy by asoap · · Score: 4, Interesting
    I've been reading his book, and there was one story that I found funny in it.

    Before the Olympics in Atlanta, he went down there with his CSG group to assess the security for the games with the people responsible. They were standing in the Olympic village and he said something along the lines of:

    "So, it appears that the Olympic village is simply the Atlanta Tech Campus"

    All people in charge of the security measures nodded their heads.

    "It is also true that there is a nuclear reactor on this campus"

    Half of the people nodded their heads.

    "I also bet that there are spent fuel rods for that reactor, and as I can see here, there is almost no security for this reactor"

    Nobody nodded their heads, and instead fumbled for their cellphones to make the proper arrangements.

    I thought that was funny, and I thought you other geeks might also like it.
    --
    Treat me like a marketing stat, and I'll treat your movie like a series of ones and zeros
  4. The Real Culprit Is Software Reliability by MOBE2001 · · Score: 4, Interesting

    The security problem really has to do with flaws in software. Most viruses and trojans take advantage of defects in operating systems and applications such as email and browser programs. Microsoft is being targeted because they have a monopoly but all software is at fault.

    Software is bad, period. And, contrary to what Frederick Brooks and others continue to claim, unreliability is not an essential property of complex software systems. Unreliability stems from a custom that is as old as the computer: the practice of using the algorithm as the basis of software construction. Switch to a synchronous, signal-based approach and the problem will disappear. For an alternative approach to software construction, see link below.

  5. It's odd, some people just don't want to learn by SuperficialRhyme · · Score: 4, Interesting

    A friend here at college was having a spyware/virus problem that she wanted help with. I offered to help her if she'd use Firefox afterwards to prevent this from happening again. She refused because she "likes using Internet Explorer." Even when I told her she could still use it for certain sites, but that it's best not to use it for web browsing.

    I guess some people are too set in their ways. She couldn't name anything she liked about IE, just that she did, in fact, like it.

    That's my experience trying to spread Firefox to some people who might be in your categories 1 or 2. The other people I've introduced to Firefox have all loved it.

    *shrugs* She found someone else to fix it without the condition that she try to use Firefox. I guess it would be interesting to find out if she gets reinfected.

  6. Advising != Implementing by Infonaut · · Score: 4, Interesting
    One of the central messages of Clarke's book Against All Enemies is that for several years he and many other people worked hard to make the system work better, but institutional politics made it practically impossible. In particular, cooperation between US government agencies was atrocious. FBI/CIA coordination was horrible, for example.

    The framework established for the Cold War is not suited to the current realities. But knowing that is different than moving the huge icebergs that government agencies become as they expand and atrophy.

    --
    Read the EFF's Fair Use FAQ
  7. Re: not a politician by Doc+Ruby · · Score: 5, Interesting

    He left in disgust because the Bush administration is criminally incompetent to protect us, though it will instantly blame people like Clarke for its failures. The administration is very competent at media manipulation and killing the messenger. Look at Clarke's recently declassified 1/25/2001 memo warning Rice about al "Qida". He documented (for internal, secret consumption) the steps taken in the 1990s to stop bin Laden, and the steps necessary to stop him permanently. The month before al Qaeda had been documented as attacking the USS Cole, but even that escalation wasn't enough to keep them on anyone else's radar at Bush HQ. Clarke "covered his ass" because his ass was right, and everyone else ignored him. You're just repeating the neocon spin, blaming Clarke with a smokescreen designed to cover the rest of the "team's" failure to protect us, or even admit we'd failed.

    --
    make install -not war

  8. In a recent issue of The Atlantic by JeffTL · · Score: 4, Interesting

    Clarke was talking in thinly concealed terms about a Windows worm being theoretically put out by America's enemies, resulting in a shift towards open-source operating systems.

    I wonder if some of the viruses that cause so much trouble are in fact backed by scumbags like bin Laden -- there have been a lot more dangerous Windows viruses since roundabouts 9/11, it seems to me, so I wonder if that's a function of an increase in terrorism, or just the suckage of Windows XP, which came out October 25, 2001. If 19-year-old Russians, the usual suspects, can do so much damage, imagine what people who will not hesitate at suicide can do -- it is frightening at best.

  9. Re: not a politician by Doc+Ruby · · Score: 4, Interesting

    What the hell are you talking about? Clarke had been fighting al Qaeda, and Bush demoted him to cyberterror because real terror wasn't important, and Clarke was too threatening to keeping it that way. It talked about the threat of al Qaeda, already well established, and asked for a meeting of the administration people to start specific actions aimed at stopping al Qaeda, rather than waiting for more threats. That request was ignored. And we were attacked, very specifically.

    I didn't even mention anything that has to be "believed" about "Bush". You are an obvious, and sickly typical, Bush worshipper, who is so partisan that you come up with an attempt at an insult by calling me "progressive".

    "No specific threats"... "terrorism sponsors like Iraq"... "disgruntled former employee"... NO ONE BELIEVES THAT BULLSHIT. Even Rice looks guiltier than Kissinger when she squeezes that crap out. Don't waste our time here with the talking points that lead to nowhere.

    --
    make install -not war

  10. Re:Hmm... by drsmithy · · Score: 4, Interesting
    Well it wouldn't surprise me if he did, Clarke is supposed to be quite pally with Clinton remember.

    It's comments like this that remind us non-Americans just how far politics in the US is skewed to the right...