Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft No Longer a 'Laughingstock' of Security?

Posted by ryuzaki0 on from the set-the-bar-high-guys dept.

Toreo asesino writes "In a Q&A with Scott Charney, the vice president of Trustworthy Computing at Microsoft, Charney suggests that security in Microsoft products has moved on from being the 'laughing stock' of the IT industry to something more respectable. He largely attributes this to the new Security Development Lifecycle implemented in development practices nearly six years ago. 'The challenge is really quite often in dealing with unrealistic expectations. We still have vulnerabilities in our code, and we'll never reduce them to zero. So sometimes we will have a vulnerability and people say to me, "So the [Security Development Lifecycle (SDL)] is a failure right?" No it isn't. It was our aspirational goal that the SDL will get rid of every bug.'"

2 of 282 comments (clear)

  1. Re:I say, set a standard by 0p7imu5_P2im3 · · Score: 0, Troll

    The only thing OpenBSD sets a standard for is having a complete cockshiner in charge of the project.

    If you want a project with a world class cock wallet in charge, look to OpenBSD. ... or look to Microsoft...
    --
    Resistance is futile. Your technological distinctiveness will be added to our own. You will become one with the morgue
  2. Fewer logical fallacies, please. by mattgreen · · Score: 0, Troll

    All I see is hand-waving "I bet there are tons of unpatched holes in IIS" sentiments in your post. I'd like to see proof that there exist unpatched IIS holes, not vacuous appeals to emotion.

    You're perfectly aware if you'd said the same thing about Apache you'd be flamed to hell and back around here. I'm just keeping you intellectually honest.