Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ask Microsoft's Security VP

Posted by Roblimo on from the My-OS-is-better-than-yours dept.

There's always lots of discussion on Slashdot about Microsoft's security problems, and whether Windows is or isn't more secure than other popular operating systems. In a "Let's clear the air" move, Mike Nash, Microsoft Corporate Vice President, Security Technology Unit, has agreed to answer 12 of the highest-moderated questions you submit here. (You can skip the "Microsoft and security in the same sentence?" comments we've all heard 1000 times, and ask actual questions, since Mike is answering for himself instead of having PR do it for him.) We'll post his answers next week.

1 of 543 comments (clear)

  1. Usability and Security by kafka47 · · Score: 0, Redundant

    The revised mantra of Microsoft application security has been "Secure by default", a strategy that was applied with varying degrees of success to many of your products in recent memory. In security circles, this might seem like a no-brainer, but for consumer-level applications the strategy can be a nightmare. For a company that spends so much on usability and ease-of-use for end-users, the act of explicitly prohibiting certain operations or features seems to fly in the face of that investment. The users get what is perceived as a broken product, and the administrators get the headache of decreased security (say, after they install a patch that break "secure by default"). For various reasons, these two contradictory approaches seem to serve neither usability nor security. In that vein, what other effective strategies have been considered? For years, the NSA has provided a unique service to the users of various products, including Microsoft Windows operating systems. They produce "hardening" guides for these products in an effort to ensure their continued security and viability in the wilds of the Internet. Has Microsoft ever considered producing guides like these, seeing as how they're the authors of their own products? In that vein, has Microsoft considered redacting the secure by default to enhance usability, yet instead produce tools or wizards that electorally enable hardening for your applications and OS'? /K