Slashdot Mirror


Microsoft's Security Meeting Causes Unease

Tony Maclennan writes to tell us that there were many mixed feelings at this year's Microsoft Security Response and Safety Summit. Many who attended the conference felt that the presentations were sadly lacking in the technical details that were shared in previous years. With Microsoft entering the arena as a competitor to these anti-virus companies, one has to wonder about the effect on the free flow of information that ultimately benefits the consumer.

16 of 170 comments

  1. Ballmer needs a gift... by PornMaster · · Score: 4, Funny

    Personally, I think that this points out why people should be buying Steve Ballmer gifts.

  2. Anti-trust? by cyber-dragon.net · · Score: 4, Insightful

    Has anyone in the DOJ looked into this Microsoft anti-spyware anti-virus bit?
    Anyone else feel this is the epitome of anti-competitive practices? Hell, their OS is the REASON these other companies exist, and now Microsoft gets to profit from their own security holes?

    Someone else HAS to see the flaw in this idea... I can only pray the EU once again has more sense than the DOJ.

  3. Trade secrets? by meburke · · Score: 4, Interesting

    C'mon, folks! It is no longer in Microsoft's interest to divulge techniques that may allow a competitor to secure the most profitable OS in History against its own vulnerabilities.

    The security companies will be better off forming their own knowledge pool and inviting Microsoft representatives to learn from them.

    --
    "The mind works quicker than you think!"
  4. Maybe there's nothing to report? by Black+Parrot · · Score: 5, Funny

    After all, they spent a whole month cleaning up their security problems.

    --
    Sheesh, evil *and* a jerk. -- Jade
  5. from TFA: visitors are those not saying anything by pimpimpim · · Score: 4, Interesting
    FTA:

    You can imagine why everyone kept their mouth shut:

    It's especially a concern that Microsoft requires attendees to sign a document that allows the company to use anything that anyone says at the event.

    "Having been put into that situation, people will feel more inhibited to say things," said Jimmy Kuo, a McAfee fellow and a veteran of the Microsoft events. "They ask us to sign a nondisclosure agreement, and if we say anything in those meetings that Microsoft is able to use, they have the right to do so." The agreement was introduced in recent years, he said.

    Really, what kind of conference organized by a competitor that already puts in a clause that they can steal the ideas presented would actually render useful information? Think of some big pharmaceutical firm letting its competitors come and show their ideas with a clause like the one above. It would be surprising if anyone would actually show up.

    --
    molmod.com - computing tips from a molecular modeling
  6. Anti-trust? How about RICO? by Biff+Stu · · Score: 5, Insightful

    So you're stuck with our crummy OS. Want to buy some protection?

  7. I could be wrong, but ... by value_added · · Score: 5, Funny
    Another session discussed how malicious software could leave traces on Vista PCs even after it is removed, McAfee's Kuo said. The trace is in the form of a so-called symbolic link, a technology introduced in Vista. These are designed to make it easier to locate items on a computer, and are somewhat similar to current shortcuts in Windows XP and aliases in Mac OS systems.

    "Symbolic links can clutter up your machine with lots and lots of links that point nowhere" after the malicious software is removed, Kuo said. Protective tools will probably end up doing the clean-up, he said. It's a sign that on Vista systems, security software has more work to do than on earlier versions of the operating system.

    This new symbolic link technology sounds like serious stuff. I hope they hold back on the release date until it's working correctly.

  8. Re:Yes! by Tx · · Score: 4, Funny

    You imply that the GP poster's spelling is substandard, however I would contend that it is perfectly acceptable. From the dictionary definitions quoted below, clearly by "evet terrists" he was talking about extremist newt activists.

    Evet (n.)[See Eft, n.]
    (Zoöl.) The common newt or eft. In America often applied to several species of aquatic salamanders. [Written also evat.]


    Terrist (n.)
    A neologism referring to environmentalists who engage in actions considered by some to be terrorism, (eco-terrorism) including destruction of property as well as various types of nonviolent direct action. It is also a moniker used by individuals who concern themselves with the world (Terra) that is the home of the human species (Homo sapiens).


    --
    Oh no... it's the future.
  9. 12 Rules? by tb3 · · Score: 4, Interesting

    So, how many of the wonderful new '12 Rules' does this violate? And how many people really believed in the 'Kinder, Gentler, Microsoft'?

    --
    www.lucernesys.com Horizon: Calendar-based personal finance

  10. Re:from TFA: visitors are those not saying anythin by jkabbe · · Score: 4, Insightful

    Microsoft would be irresponsible if they did not include a clause in the agreement giving them rights to use anything disclosed at the conference.

    Imagine Microsoft was busy working on feature X. Then, along comes someone from Symantec who talks about feature X at the conference. Later, Microsoft comes out with an update to their product incorporating feature X. Symantec cries foul and starts complaining about how Microsoft stole their confidential information.

    All the clause effectively says is that the information disclosed at the conference is not confidential. If it's not a trade secret, Microsoft can use it as it sees fit anyway. The same would hold true for anyone else at the conference. The agreement just puts it down in plain English for those not up on IP law.

  11. Job security, for me by RickBauls · · Score: 5, Interesting

    Microsoft's poor security and anti-virus is what keeps bills paid for me and a lot of people I know. If you ask me, malware can be a good thing in a capitalist-run country like USA. If it wasn't for malware, the entry level jobs at a lot of IT companies would be gone.

  12. We Live Upon a Ship of Fools by RailGunSally · · Score: 4, Insightful

    I sat in a meeting yesterday with "developers" who had never heard of Backus-Naur form. I routinely confer with "programmers" who have never heard of a finite state machine. I work daily with "data architects" who have never heard of Dr. Codd or of normalization. I am personally acquainted with upper managers who are just dying to replace OpenBSD-based firewalls with M$ Vista Server. THIS, my fellow cognoscenti, is the extent to which our society is infested with charlatans and ignorami. That M$ can now, on the one hand, generate security holes of arbitrary obscurity, and, on the other, miraculously detect and repair them far and away better than their erstwhile "competitors" is a final and apocalyptic testimonial to the supreme stupidity (I use the word advisedly, in the sense of "willful ignorance") of our omnipotent layers of corporate management. Wasn't it bad enough when M$ were the sole possessors of the Most Sacred A[PB]Is? Wasn't it awful enough that they were able to ignore even the most rudimentary dictates of software engineering with impunity -- that the drooling imbeciles in management would keep right on paying vast sums of money for hideous deformities of Logic without batting an eyelash? Do they now get to rake in huge profits from "repairing" systemic defects of their own intentional manufacture? I am 41. I am tired and old. I have watched, like a Felliniesque "Sad Clown of Life," wave upon wave of utter inanity wash up on the vast, dead-whale-stinking beach of corporate and academic IT. I have seen too much. I can cry no more. I want to know how to stop caring now. How, for the love of God, do I join the endless ranks of these gibbering fools who never think one picometer beyond their golf handicaps?
    How, for the bleeding love of the pumping, pulsating heart of Jesus Christ on a pogo stick do I just sit in meetings daydreaming about jumping into my big yellow H2 and driving back to my prefab McMansion in the burb-sprawl and staining my redwood deck with Johnson's WaterSeal? Why oh why must I KNOW that the imminent deaths of such elegancies as Tru64 Unix and MIPS and Alpha are a sin against art and science and technology and Man? Can't I just be stupid too? What's so wrong with me? What have I done? Why must I suffer so? One day, my friends, we will all lounge in paradise happily signing off on million-dollar purchases of Microsoft AntiVirus Protection(TM) with huge idiotic grins upon our faces and lovely oblivious strings of rancid drool dangling from our chins. We will not be tormented by the Knowledge of Good and Evil. Our eyes will bear the brilliant, unfocused glow of perfect, orgasmic stupidity. Until then, we must work to balance our egregious karma. Can there be any doubt whatever that we fried and devoured living human babies in each of our wretched previous incarnations? What more glaring evidence can there be of our complete, total, and inherent evil? We sinners must needs endure the terrible, sadistic wrath of a cold and childish god. May he soon tire of so gleefully tormenting us. Amen. Railgun Sally

    1. Re: We Live Upon a Ship of Fools by Skippy_kangaroo · · Score: 4, Funny

      Sorry, I've never heard of cognoscenti, charlatans, and ignorami.

      Ignorami is a variant of the ancient Japanese art of paper folding. (Ignorami practitioners have been known to leave their creations on sidewalks creating serious public safety issues.)

      Charlatans are a salamander-like creature that can originally be found on the Galapagos islands, but who are now becoming a problem in urban areas because of specimens escaping from zoos. (Hence society being infested with them.)

      Cognoscenti just refers to employees of Cognos.

  13. No need to pray by EmbeddedJanitor · · Score: 4, Insightful
    EU does have more sense than DOJ, though perhaps not enough.

    MS were quite clever to get DOJ all hot under the collar about Netscape & IE. These are no longer competitive areas. What is more important is that DOJ monitors future manipulations by MS. For example, how they are playing in mobile space, how they're playing in personal audio (will their new audio device kill iPod through fair means or foul?) and things like anti-virus products.

    From MS's point of view, being able to lock up the anti-virus APIs makes more than just business sense. It also allows them to shut the door on (limited) review of their system by citing some lame excuses like "there is no valid reason for anyone to look at these interfaces, anyone doing so is probably a terrorist!". Loss of that (limited) review would be a bad thing for the industry.

    --
    Engineering is the art of compromise.
  14. Re:Ok, it might be a monopolizing tactic... by BCW2 · · Score: 4, Insightful

    If they were smart enough to know the flaws, why not just fix them?

    --
    Professional Politicians are not the solution, they ARE the problem.
  15. It's called a protection racket. by slashdotwriter · · Score: 4, Insightful

    Offering someone protection for a fee when you're part of the danger to that person means that you're running a protection racket. For a fee, MS offers to close the holes which it leaves in its operating system. I think that you see this kind of scheme at work all over the computer industry. The pushing of upgrades of software and hardware as a fix against problems is of a similar nature.