Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

[News] Security Expert: Microsoft Gave Up on Security to Gain Market Share

Privacy laws could hurt the little guy

,----[ Quote ]
| InfoWorld: When the PC went on the network, there were security
| implications that nobody thought about. Microsoft has spent the
| last five years fixing all of the security problems that maybe
| could have been foreseen.
| 
| Whit Diffie: Wait a minute. I think there are two issues. I
| think you'll find that lots of them were foreseen. I think the
| critical thing [is] that Microsoft showed that its judgment was
| correct. If it had paid less attention to security, maybe it would
| have had less market share.
| 
| It had no real motivation, I think, until the last few years to
| try to fix these things. The interesting thing to me is why it's
| been so hard for them to do so, because they must have half the
| smart people I know about in the industry, and in security,
| working for them. And I think it has to do with the problems
| of legacy code, and the legacy interface expectations of
| their customers. 
`----

http://www.infoworld.com/article/07/03/05/10NMmain_1.html?source=NLC-SEC&cgd=2007-03-05


Related:

Microsoft could be teaching police to hack Vista

,----[ Quote ]
| Microsoft may begin training the police in ways to break the
| encryption built into its forthcoming Vista operating system.
`----

http://www.vnunet.com/vnunet/news/2150555/microsoft-teaching-police-hack


UK holds Microsoft security talks

,----[ Quote ]
| "UK officials are talking to Microsoft over fears the new version of 
| Windows could make it harder for police to read suspects' computer files."
`----

http://news.bbc.co.uk/1/hi/uk_politics/4713018.stm


How NSA access was built into Windows

,----[ Quote ]
| A careless mistake by Microsoft programmers has revealed that
| special access codes prepared by the US National Security Agency
| have been secretly built into Windows.
| 
| [...]
| 
| The first discovery of the new NSA access system was made two years
| ago by British researcher Dr Nicko van Someren. But it was only a
| few weeks ago when a second researcher rediscovered the access
| system. With it, he found the evidence linking it to NSA.
`----

http://www.heise.de/tp/r4/artikel/5/5263/1.html


Data Protection Commissioner criticizes search of private PCs online

,----[ Quote ]
| "In the case of a search via the Internet a police officer covertly,
| without the person knowing about it, accesses a person's computer."
| During such an operation he or she might copy data and obtain all
| kinds of personal documents; the police officer was acting as a "state
| hacker," so to speak. Mr. Schaar observed. "Such an approach is in
| conflict with the legal obligation to protect the core of
| individuals' privacy," Mr. Schaar stated emphatically.
`----

http://www.heise.de/english/newsticker/news/82529/from/rss09


NSA Builds Security Access Into Windows

,----[ Quote ]
| A careless mistake by Microsoft programmers has shown that special access
| codes for use by the U.S. National Security Agency (NSA) have been secretly
| built into all versions of the Windows operating system.
`----

http://www.techweb.com/wire/story/TWB19990903S0014


Botnet 'pandemic' threatens to strangle the net

,----[ Quote ]
| Cerf estimated that between 100 million and 150 million of the
| 600 million PCs on the internet are under the control of hackers,
| the BBC reports.
`----

http://www.theregister.co.uk/2007/01/26/botnet_threat/


McAfee: Microsoft completely unrealistic on Vista

,----[ Quote ]
| Windows Vista does not ship with antivirus software installed and active,
| but for the first time Microsoft will be promoting their own antivirus
| service in Windows OneCare. Alex Eckelberry, CEO of Sunbelt Software,
| has already called Microsoft's plans predatory based on pricing. McAfee
| is focusing its critique on operating system design, arguing instead that
| Microsoft's decisions with Vista will simply make the operating system
| less secure.
| 
| In the advertisement, McAfee CEO George Samunek is quoted as saying,
| "Microsoft is being completely unrealistic if, by locking security
| companies out of the kernel, it thinks hackers won't crack Vista's kernel.
| In fact, they already have." The advert continues: "With its upcoming
| Vista operating system, Microsoft is embracing the flawed logic that
| computers will be more secure if it stops co-operating with the
| independent security firms."
`----

http://arstechnica.com/news.ars/post/20061002-7875.html


Vista still vulnerable

,----[ Quote ]
| Vulnerabilities in Windows Vista will plague users in coming months
| and years, a prominent security researcher warns, despite its
| security improvements over predecessor XP.
`----

http://www.smh.com.au/news/security/vista-still-vulnerable/2007/02/26/1172338546822.html
http://tinyurl.com/2o82lf


Digital Criminals

,----[ Quote ]
| My concern is that Microsoft says it does all sorts of great
| things to protect its code but doesn't like to tell anyone what
| it is. And it's not willing to compare best practices. Other
| people have developed a whole list of things of what companies
| should do to protect their code. And Microsoft is not telling
| them what they do.
`----

http://www.forbes.com/2007/02/28/clarke-terrorism


Vista security overview: too little too late

,----[ Quote ]
| So, what have we got here? An adequately secure version of Windows,
| finally? I think not. We have got, instead, a slightly more secure
| version than XP SP2. There are good features, and there are good
| ideas, but they've been implemented badly. The old problems never
| go away: too many networking services enabled by default; too
| many owners running their boxes as admins and downloading every
| bit of malware they can get their hands on. But MS has, in a
| sense, shifted the responsibility onto users: it has addressed
| numerous issues where too much was going on automatically and
| with too many privileges. But this simply means that the ownerw
| ill be the one making a mess of their Windows box.
| 
| Data hygiene is still an absolute disaster on Windows. In fact,
| it's worse than it ever was in some ways, and that's very bad
| indeed. Browser traces still in the registry, heavy and
| complicated indexing to improve search, new locations where data
| is being stored. It all adds up to a privacy nightmare. Keeping
| a Vista box "clean" is going to be impossible for all but the
| most knowledgeable and fastidious users.
| 
| So don't rush out to buy Vista in hopes of getting much in
| return security-wise. I do like some of the changes, at least
| in theory, or as a decent platform on which to build an
| adequately secure version of Windows one day. But that day,
| if it ever comes, will be well in the future. 
`----

http://www.theregister.co.uk/2007/02/20/vista_security_oversold/


Symantec: Microsoft conflict of interest is damaging internet

,----[ Quote ]
| Symantec's chief executive has lambasted Microsoft for a dangerous
| conflict of interest as both the provider of an operating system
| and seller of software designed to secure its users.
| 
| [...]
| 
| Thompson told RSA delegates: "You wouldn't want the company that is
| keeping your books to audit your books. The same logic should apply.
| You wouldn't want the company that created your company's operating
| platform to be the one that is securing it from a broad range of
| threats. It's a huge conflict of interest."
`----

http://www.theregister.co.uk/2007/02/07/symantec_thompson_microsoft/

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index