Coffeehouse Thread

30 posts

Microsoft, innovation, security and 9/11

Back to Forum: Coffeehouse
  • User profile image
    FG

    I think, as an external observer, that Microsoft is becoming, during the last month, too conservative (see Longhorn and Windows light versions). The shift from new features and performances to security, in my opinion, is a dangerous choice in a highly innovative market such as ICT.

     

    I’m afraid that Microsoft is suffering of the 9/11 Americans syndrome.

     

    When innovates (Longhorn) Microsoft appear to be slower then smaller competitors.

     

    The idea to completely secure complex systems (as the user + operating system connected at a world wide scale) is foolish. In few month, someone will find a way to bypass the SP2 security features or use that code against the security itself (we’ve already seen samples of it). And Microsoft will develop new patches. And user will update. And than hacker or computer scientist will find new holes. And…

     

    In the meanwhile some users (although forced by secure default options) will probably continue to neglect the importance of the updates, firewall and antivirus.

     

    I think we have to accept this iteration (code-patches-code) as physiological to the system. This happens because we are not able to predict the evolution of complex systems and not because Microsoft is not able to write secure code (and there is no reason to believe that Linux or OSX code is more secure).

     

    The number of people who use the same Windows OS in the world and the connectivity offered by the Internet constitute a strictly insecure complex environment. One possible chance for the system to become more secure is to differentiate. One of the main reason we have less linux virus then windows (first one is, of course, the windows diffusion) is because any linux distribution is slightly different then any others.

     

    That’s why interoperability standard are the key for security. When we have such a kind of standard the system can differentiate. TCP/IP and WWW is a great example of it.

     

    I’ll be happy to discuss with you this ideas.

     

    Best regards, FG.

  • User profile image
    Manip2

    I think Microsoft's shift towards security is long due and has very little to do with 9/11. I mean look at the MS code base that has been getting worse and worse if they don't act now and start securing it then it is going to continue getting worse.

    What important features do you need? If you just want 'features' all your going to get is forced ideas, things just for the sake of it. Really good ideas present themselves. And performance is always important but I don't think they have shifted away from performance or at least not that I've seen any evidence of.

    The fact that America is on a security crack down and then Microsoft does the same is purely coincidence. Microsoft would have had to switch to security sooner or later and I have never heard it suggested that these 'terrorists' are going to attack using people’s home computers.

     

     

     

  • User profile image
    Tom Malone

    linux is not really more secure because of different distros as, for a start you can statically link binaries, and secondly, they still act in the same way, they just have slightly different versions and in the different places.

    Also there is a slight difference in microsoft and 9/11, as 9/11 is a result if americas foreign policy and internet hacking is the result of?

  • User profile image
    eagle

    Il detto ciò "Microsoft soffre della 9/11 sindrome di Americani" è realmente stupido.

    Penso che lei siano lo stesso Inglese che viene qui di tutti i giorni.

  • User profile image
    Shining Arcanine

    Tom Malone wrote:
    linux is not really more secure because of different distros as, for a start you can statically link binaries, and secondly, they still act in the same way, they just have slightly different versions and in the different places.

    Also there is a slight difference in microsoft and 9/11, as 9/11 is a result if americas foreign policy and internet hacking is the result of?


    9/11 was the result of the mentality that we were safe from problems of the rest of the world. Unless you consider that to be foreign policy, they are two different things.

  • User profile image
    lars

    FG wrote:

    I think we have to accept this iteration (code-patches-code) as physiological to the system. This happens because we are not able to predict the evolution of complex systems and not because Microsoft is not able to write secure code (and there is no reason to believe that Linux or OSX code is more secure).



    I think you are correct. There is just no way to be 100% sure that any non-trivial system is totally secure (free of bugs). So the cycle will go on.

     

    FG wrote:
    The number of people who use the same Windows OS in the world and the connectivity offered by the Internet constitute a strictly insecure complex environment. One possible chance for the system to become more secure is to differentiate.


    Good point. If you don't run the same software as most internet hosts the chances are lower that you will be hit by worms that spread automaticly. But it's a two edged sword. Smaller user base means less testing and less reported and fixed bugs.

  • User profile image
    lars

    Tom Malone wrote:
    Also there is a slight difference in microsoft and 9/11, as 9/11 is a result if americas foreign policy and internet hacking is the result of?


    I agree with you. But the American people is scared shitless and will buy anything that ups their sense of being "secure". So what Microsoft is doing is good both for the users and for the bottom line. Especially since your next door 12yr old script kiddie nowadays is refered to as a "terrorist".

    (Edit: I just want to make it clear that I think Microsofts move towards focusing on security is a good thing no matter what their motives are for doing so. Just in case that isn't apparent.)

  • User profile image
    FG

    lars wrote:
    FG wrote:

    I think we have to accept this iteration (code-patches-code) as physiological to the system. This happens because we are not able to predict the evolution of complex systems and not because Microsoft is not able to write secure code (and there is no reason to believe that Linux or OSX code is more secure).



    I think you are correct. There is just no way to be 100% sure that any non-trivial system is totally secure (free of bugs). So the cycle will go on.

     

    FG wrote: The number of people who use the same Windows OS in the world and the connectivity offered by the Internet constitute a strictly insecure complex environment. One possible chance for the system to become more secure is to differentiate.


    Good point. If you don't run the same software as most internet hosts the chances are lower that you will be hit by worms that spread automaticly. But it's a two edged sword. Smaller user base means less testing and less reported and fixed bugs.



    You are right. Otherwise, a bug is really a bug only if you now it exist.

    less users = less extensive test = less (discovered) bug = more secure system ?

    Smiley

    To answer to someone else to. When I talk about security instead of features I refer mainly to WinFS. I tried the PDC release of Longhorn and I really believe that WinFS was the killer application of the future Windows. Microsoft competitor (Apple, Google, some open source projects) are expeted to ship fast meta-data search engine sooner. Why?

    About the 9/11 and Microsoft behavior connection I know that U.S. government (after 9/11) is funding almost everything that deals with security. With this enfasi on security Gates and Ballmer play, in some way, the Bush "war on terror" game.

  • User profile image
    eagle

    Lei sa che quanti italiani sono morti su 9/11?

  • User profile image
    lars

    FG wrote:

    less users = less extensive test = less (discovered) bug = more secure system ?


    That is also true. It's not easy to tell which one outweighs the other. If noone ever tries to break into your house, does it matter if the door is locked? Smiley


  • User profile image
    lars

    eagle wrote:
    Lei sa che quanti italiani sono morti su 9/11?


    Thank God for the Babelfish. Smiley

  • User profile image
    FG

    Lei sa quanti italiani sono morti l'undici settembre?

    (this is a better translation)

     

    I can’t understand the reasons of your question.

    Anyway I don’t know.

     

    I can understand how a big shock 9/11 was for us people. I also believe this shock is being (and is) used for political reasons by Mr Bush. Don’t forget that Bill Gates is one of the main republican party financial supporter.

    Best regards.

  • User profile image
    Manip2

    Oil

  • User profile image
    FG

    eagle wrote:
    Lei non sono italiano, your a slimey British provocateur.


    Why do you think so?

  • User profile image
    eagle

    Lei non sono italiano, you're a slimey British provocateur.

  • User profile image
    Manip2

    Eagle, who are you suggesting he is?

  • User profile image
    eagle

    You're too familiar...

    The cadence of your writing gives you away and only a Brit could be so verbose.

    I've been to Italia many times, if you were from there you would be laughing...not asking a silly leading question.

  • User profile image
    eagle

    He'll be back tomorrow with different name, who do you think it is?

Comments closed

Comments have been closed since this content was published more than 30 days ago, but if you'd like to continue the conversation, please create a new thread in our Forums, or Contact Us and let us know.