Slashdot Mirror


A Look at Microsoft's Security War Room

Josh Fink writes "C|Net has an interesting piece about Microsoft's Security War Room, or rather, shall I say rooms. This room came about when Microsoft's security chief, Mike Nash, had issues finding open conference rooms. The response: a dedicated room only for him and his staff to handle emergencies. 'And while he was at it, why not have two? That way, the folks working on fixing a security crisis could have a little breathing room from those drafting the public and customer communications around the issue.'"

40 of 199 comments

  1. on the door? by mseidl · · Score: 5, Funny

    "No Penguins Allowed"

    1. Re:on the door? by PPH · · Score: 5, Funny

      That's on the front door only. How many back doors do these rooms have?

      --
      Have gnu, will travel.
    2. Re:on the door? by Hymer · · Score: 2, Funny

      A more useful sign would be "No Executives allowed!" They usually fuck things up even more in a crisis.

    3. Re:on the door? by Anonymous Coward · · Score: 5, Interesting

      I'm posting anonymously because of NDA implications. I used to work at a network security firm that supplied MS with a security console for detecting, investigating, and mitigating attacks on their network. (Hint, they use the same one as the Pentagon's network security war room.) This system relied upon certain de facto standards in their networking gear, but MS had purchased gear that did not support that feature, and were blocking much of their gear that did. MS's proposed solution: distribute a few hundred Linux boxes all through their network to serve as probes.

      It was an unworkable idea, and we eventually worked around their problems in a different way, but it does indicate that some of the head security guys at MS may not be as opposed to Linux as you'd think. So long as they don't have to make it public, they seem happy to use OSS. Note, the servers that provide their security system run a highly customized version of either OpenBSD or Linux, depending on which version they're using.

    4. Re:on the door? by irongroin · · Score: 2, Funny

      Yeah, but everyone knows your IP address. It's 10.151.73.140.

      Wait a second, mine is 10.151.73.141, Joe? Is that you?

  2. Interesting photo question... by dada21 · · Score: 5, Funny

    Anyone notice that all the swivel chairs are bolted to the ground? I wonder why they made them fixed and permanent.

    1. Re:Interesting photo question... by Kranfer · · Score: 2, Funny

      Well, we all know that freedom of movement is something that needs to be taken seriously. Either that or they liked the idea from the Enterprise bridge... Just imagine Data and Wesley Crusher pushing each other around on rollable chairs... It would have brought havoc to the Enterprise and Picard would be forced to sic Worf on them... Maybe they just want to avoid Klingons destroying their security people? I dunno? Stationary employees are more well behaved and productive employees?

      --
      -- Josh
      "Whoopie! Man, that may have been a small one for Neil, but that's a long one for me!" - Pete Conrad
    2. Re:Interesting photo question... by Entropius · · Score: 2, Funny

      No, obviously there are ||: developers developers developers developers :|| under his shirt.

  3. Billions of dollars in damages... by gerf · · Score: 3, Funny

    Viruses, backdoors, security holes, buffer overflows, trojans galore... and they get a room. Ooooh, they're so dedicated to security!

    1. Re:Billions of dollars in damages... by Smidge204 · · Score: 3, Funny

      They can't even keep people from breaking in and stealing their espresso supplies! No wonder they have so much trouble with security...

      =Smidge=

  4. The cabinets are unlocked by BadAnalogyGuy · · Score: 3, Funny

    They have a big sign out front indicating security, but they don't even have locks on the kitchen cabinets.

  5. Can't see... by thelima · · Score: 2, Funny

    ...any windows there... ;)

  6. From this state of the art bunker... by DeeVeeAnt · · Score: 2, Funny

    Microsoft's top engineers relentlessly pursue their war on security.

    --
    Home fucking is killing prostitution.
    1. Re:From this state of the art bunker... by Locutus · · Score: 3, Insightful

      Didn't Bill Gates declare essentially, 'Mission Accomplished', when they shipped Windows 2000? You know, saying it was the most secure version of Windows. Then again when Windows XP shipped and the grand finale when he declared Windows Vista as the most secure OS available. That's right, not the most secure version of Windows, but the most secure OS available!

      Is he retiring from Microsoft to run for President? He's got the ethics to do so. IMO.

      LoB

      --
      "Anyone who stands out in the middle of a road looks like roadkill to me." --Linus
  7. Re:The real war room at Microsoft by jamstar7 · · Score: 2, Funny

    But where is the "sekrit world headquarters" of Linux that they intend to nuke?

    --
    Understanding the scope of the problem is the first step on the path to true panic.
  8. Re:reality and spin rooms. by ByOhTek · · Score: 4, Interesting

    One dedicated fix team for all that code?

    That wouldn't make sense at all, there's too much for anyone to grasp. It would be like a dedicated fix team that cover Linux+KDE+OpenOffice. (replace Linux with OpenSolaris or *BSD if you like, KDE with Gnome or some other high-feature window/session/desktop manager if you like)

    It's too complex to keep aware of the ins-and-outs of everything - just one of those would be hard enough. Each project should have their own dedicated fix team - The top-string regular devs for the project (hence they understand the code), maybe one or two outsiders (another perspective), who normally work on the specific project, but drop everything and work on fixes if they occur.

    Also, it never said that they didn't (or for that matter, did) already have a dedicated team then (or now), simply that until '05, they had to share conference rooms.

    --
    Self proclaimed typo king, and inventor of the bear destroying coffee table (patent not pending).
  9. Two rooms by ShiningSomething · · Score: 5, Funny

    When I read there were two rooms, my first reaction was: one to work on the current security threat, a second to work on the security threats created by the first one...

  10. The reason for having a second room... by MiniMike · · Score: 5, Funny

    It's a backup for when the first room crashes!

  11. Are those liquor bottles? by Iphtashu+Fitz · · Score: 4, Interesting
    In the cabinet containing food supplies it looks like they have the following available:
    • a bag of pretzels
    • a couple bottles of Hershey's chocolate syrup
    • one can of soda or juice
    • a couple containers of nondairy creamer
    • 3 bottles that look like liquor bottles
    All that to feed a group of engineers that "gets hit with an emergency and has to pull an all-nighter."

    Sounds like a typical geek diet to me.
    1. Re:Are those liquor bottles? by corsec67 · · Score: 2, Informative

      Those 3 bottles are flavor syrups, like the variety Starbucks uses to make some of the more bizarre drinks. (Raspberry/Vanilla/Cherry/etc...)

      --
      If I have nothing to hide, don't search me
    2. Re:Are those liquor bottles? by iONiUM · · Score: 5, Funny

      Yes, you are right. The GP either doesn't drink alcohol, or doesn't drink coffee. Either way, what the fuck is he doing on slashdot.

    3. Re:Are those liquor bottles? by the_one(2) · · Score: 2, Funny

      never heard of the ballmer peak? =)

  12. War rooms... by aicrules · · Score: 2, Informative

    it's nice that it's so clearly stated exactly why there is this "war room". We have similar requests by various teams in our organization as if a war room is some amazing thing that you just can't live without. In reality it's almost always because some asshat can't be bothered to book meeting rooms in advance. If all the rooms are always booked, add more rooms. What you end up with is a room that no one else can use and except in dire situations, no one is using at ALL.

  13. Re:war room? by Geste · · Score: 5, Informative
    "Is it just me or are Slashdot's headlines as of late running parallel to the average idiot's way of describing everything as a war?"

    In somebody's defense, they probably just picked up the concept and terminology from large telcos. If you go to a large network operations center (say like what AT&T operates in Piscataway, NJ) you will find two or more good-sized conference rooms provisioned with 10-15 workstations each that sit idle 99 percent of the time. Just used in cases of major outages/problems or sometimes for network upgrades. Known as the "war rooms" for as long as I am aware.

  14. That explains it! by christurkel · · Score: 2, Funny

    There is no one in those rooms!

    --

    CDE open sourced! https://sourceforge.net/projects/cdesktopenv/
  15. Disappointed by hcdejong · · Score: 4, Interesting

    I expected this, not some crummy office with a conference table.

  16. To misquote Dr. Strangelove... by Hanners1979 · · Score: 2, Funny

    "You can't patch in here, this is the Microsoft Security War Room!"

  17. War Room? More like Scuffle Closet? by Spinlock_1977 · · Score: 4, Funny

    I've been in a few war rooms, control centers, command centers, etc etc etc over the years. Even helped design one a little. 4 Flat screens is all they've got? Four? That's no war room. Scuffle closet maybe?

    --
    - The Kessel run is for nerf herders. I can circumnavigate the entire Central Finite Curve in a lot less than 12 parse
  18. Re:war room? by stranger_to_himself · · Score: 3, Funny

    I am interested in joining your war on the inappropriate use of the word 'war'.

  19. Re:24? by Cro+Magnon · · Score: 2, Funny

    Considering how many moles are in CTU, I definitely see the resemblance to Microsoft security.

    --
    Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
  20. What a non-story by InlawBiker · · Score: 4, Insightful

    Seriously, a few photos of a conference room? And Harvey Keitel and an espresso machine? This is just a room where people sit down to discuss issues. Just like in every office everywhere in the world, except this one has some TVs on the wall. Can I please have that 10 minutes of my life back?

  21. Pulp Fiction - The Wolf by zerofoo · · Score: 2, Funny

    It seems fitting they have a picture of Harvey Keitel playing The Wolf character from Pulp Fiction hung on the wall.

    I've had to clean up after a large scale Microsoft failure a few times, and the whole process did seem like going on "Brain Detail" in the back of a car.

    -ted

  22. Re:A new shill by TubeSteak · · Score: 2, Insightful

    Tired of having to fight for a free conference room, Microsoft's security chief, Mike Nash, decided in early 2005 that the company needed a dedicated "war room" where his team could handle emergency responses.
    ...
    The Microsoft Security Response Center (MSRC) was completed in June 2005.

    Why would anyone shill 2+ year old "news"?
    --
    [Fuck Beta]
    o0t!
  23. Re:Looks shitty, uninspired by PitaBred · · Score: 2, Insightful

    But... Microsoft told me they take security seriously! They wouldn't lie to me!

  24. and underneath that sign by commodoresloat · · Score: 2, Funny

    Please wear a helmet; look out for flying chairs.

  25. Re:reality and spin rooms. by VE3MTM · · Score: 3, Insightful

    I'm sure they're vastly simplifying their processes. This seems to just be a triage centre (and a fairly rudimentary one too). I doubt the actual fixing takes place here, rather just co-ordinating that process.

    --
    09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0 Whoops, silly middle mouse button...
  26. Re:reality and spin rooms. by ByOhTek · · Score: 2, Funny

    that's kinda what I was trying to say, but you were much more concise.

    showoff

    --
    Self proclaimed typo king, and inventor of the bear destroying coffee table (patent not pending).
  27. Re:war room? by Fred_A · · Score: 3, Funny

    The proper name is "War on Security". It's not supposed to be used outside of Redmond though.

    --

    May contain traces of nut.
    Made from the freshest electrons.
  28. Re:And inside.. by MrNiceguy_KS · · Score: 2, Funny
    You're right. I thought there was a way to always win, but I did some playing and realized that there is a sure way for the second player to force a draw. It just requires taking a move that most people won't. I remember seeing references to tic-tac-toe programs that are unbeatable, but "Unbeatable" is not the same thing as "Always Wins".

    Glad I did some checking. I had started typing up a response challenging you to ascii-art tic-tac-toe right here on /. I had even made a mention of $50 via PayPal. "Think first, post second" saves the day again, (but didn't quite kick in before I made my original post.)

    I still stand by my claim on WinME, though.

    --
    Redundancy is good And also good.
  29. Re:24? by Blakey+Rat · · Score: 2, Insightful

    Why do I get a vision of Jack Bauer taking orders from Bill Gates to wipe some Chinese online terrorists off the map from some CTU-like complex?

    Because you watch too much TV?