Somebody finally clued in!
- Thread starter scott
- Start date
Klink
Member
"Russ Cooper, a security expert with TruSecure Corporation, said the change occurred in part after a new security team assigned to attend every product meeting met resistance from product teams."
-That sounds like it could have been a cat fight. I would have loved to be listening in on those product meetings.
"Gates also referred to the Sept. 11 terrorist attacks as another impetus to stress security."
"Microsoft products can be found in almost every government facility, from the White House to aircraft carriers at sea."
-I wonder if the State Department was squeezing Bill's n_ts on this one. I find it hard to believe he would do a 180 on security across all products without some sort of pressure from the outside to do so.
-That sounds like it could have been a cat fight. I would have loved to be listening in on those product meetings.
"Gates also referred to the Sept. 11 terrorist attacks as another impetus to stress security."
"Microsoft products can be found in almost every government facility, from the White House to aircraft carriers at sea."
-I wonder if the State Department was squeezing Bill's n_ts on this one. I find it hard to believe he would do a 180 on security across all products without some sort of pressure from the outside to do so.
I agree with Level9 - this was meant for the press. It was an email sent to employees - hmmm that is tricky to keep secure....not. Microsoft wanted to announce that they were combating their security problems but can't be too public about it because people would ask 'OK, so you are getting tough on security now, but why weren't you before?'.
This way if people ask about this leak it appears that M$ are putting extra effort into their security issues just because they are nice guys.
It is just spin. I have no doubt that they are working quite hard on their security issues but it would take a fundemental change of architecture and product strategy to really make a difference. They are patching holes at the moment which will always appear because of the way that Windows works. (bit of irony in those last two words - 'Windows' and 'works' in the same sentence.)
This way if people ask about this leak it appears that M$ are putting extra effort into their security issues just because they are nice guys.
It is just spin. I have no doubt that they are working quite hard on their security issues but it would take a fundemental change of architecture and product strategy to really make a difference. They are patching holes at the moment which will always appear because of the way that Windows works. (bit of irony in those last two words - 'Windows' and 'works' in the same sentence.)
kenny
Registered
I wouldn't (won't?) be so quick to discount this as spin. Remember the last time a major shift in strategy was announced like this?? I do. In late '95/early '96, Microsoft announced that the internet was to become a major focus for the company. It was very much the same "stop what you're doing and make this your primary goal" type of marching orders. Now, Microsoft is very influential in the direction of the internet, holding majority share with their browser, a large share of the streaming/digital media (Windows Media Player), and making a serious play for middleware services with .NET.
With this shift, we (the non-Windows user communities) will have to watch their every move, keeping in mind not "how does this improve security?", but "how does this benefit Microsoft?" It's been a very very long time since Microsoft has been about advancing the state of the art for technology's sake, but instead they've been very smart about how to own and control things. I suspect that this is no different. It could get very uh... interesting..
With this shift, we (the non-Windows user communities) will have to watch their every move, keeping in mind not "how does this improve security?", but "how does this benefit Microsoft?" It's been a very very long time since Microsoft has been about advancing the state of the art for technology's sake, but instead they've been very smart about how to own and control things. I suspect that this is no different. It could get very uh... interesting..
One of the fundamental ways to make a network secure is to keep it heterogenous, and keep your edge devices and devices with outside access completely diffirent from your backbone and critical data servers. What would be best for security is fundamentally for M$ to back off it's monopoly. This is not going to happen. This is a press release. The best thing M$ could do for security would be ... nothing for about 5 years. Then we'd have a market based once again on interoperability standards with competition and there would be different machines again.
Mac web servers, Windows desktops, and linux data centers with no direct outside link, this would be hard te get through illegitimately. What are the chances M$ would try to sell something like this?
Mac web servers, Windows desktops, and linux data centers with no direct outside link, this would be hard te get through illegitimately. What are the chances M$ would try to sell something like this?
kenny
Registered
I completely agree. Heterogenous networks are the way to go, but Microsoft will not allow that to happen if they have any choice. Their strategey has always been end-to-end ownership of the network - from handhelds all the way to the enterprise-grade servers (although, I don't believe that Microsoft really understands what it means to be enterprise-grade the way, say, Sun does).
The huge problem with heterogenous networks is managing them. I work in an environment that uses Sun, HP, AS/400, Winnt, and Linux to name a few (sorry, no Macs
). Around each of these platforms has grown different empires; the NT guys, the Unix guys, the mainframe guys, etc. Getting each group to agree with the others on anything is usually a lengthy and painful process. And Microsoft knows this. It's exactly this sort of culture that they sell to avoid - "Wouldn't it be so much easier if there were only one platform to manage (Windows)?" They're partially right, damn them, but it would do nothing for the ultimate security of the network...
The huge problem with heterogenous networks is managing them. I work in an environment that uses Sun, HP, AS/400, Winnt, and Linux to name a few (sorry, no Macs
). Around each of these platforms has grown different empires; the NT guys, the Unix guys, the mainframe guys, etc. Getting each group to agree with the others on anything is usually a lengthy and painful process. And Microsoft knows this. It's exactly this sort of culture that they sell to avoid - "Wouldn't it be so much easier if there were only one platform to manage (Windows)?" They're partially right, damn them, but it would do nothing for the ultimate security of the network...OK, a completely heterogeneous network can be a bear to manage, but a completely homogeneous network will either live flawlessly or fail catastrophically. The sweet spot is somewhere in between. And you definitely have to plan ahead to deal with the potential issues. If you're pure windows though, you need to plan for the unexpected arrival of Anna Kournikova.