Security Market Segment LS
Wednesday, 16 February 2011 09:23

Microsoft: Typhoid Mary wants others to carry the can


COMMENT Passing the buck is a game at which Microsoft is adept. In the computer security industry, one needs to have tons of chutzpah to hold others responsible for one's own security stuff-ups.

The good folk at Redmond possess this quality in spades.

Probably the best example of chutzpah that I can recall came from a young Bill Gates many years ago when the company was getting off the starting blocks. As Paul Allen, the other co-founder, had also taken up a job as head of software at MITs, the maker of the Altair, Gates argued that since he was working for Microsoft only and Allen was dividing his time, he (Gates) should have 64 percent of the founders' shares and Allen should only get 36 percent.

Shortly after the division was done this way, young Bill went to MITs founder Ed Roberts and got a job there as well, for $US10 an hour. Microsoft's culture has always been defined by Gates.

Scott Charney's comments at the ongoing RSA conference are a good example of the blithe manner in which Microsoft tries to force the rest of the world to carry the can for the abysmal security of its products.

The monoculture otherwise known as Windows is in the main responsible for the plethora of viruses, worms, malware, scumware and other such $wares that plague the internet. DDoS attacks come, more often than not, from armies of Windows machines grouped in a botnet.

Sure, there are other operating systems involved too but they are in a minority. A very small minority. Windows is the main problem and everyone, his/her dog, his/her cat and his/her goldfish is aware of that.

For Microsoft, security has always been a PR problem. A good example of how it goes about conveying this message to the masses is detailed here.

Microsoft is the Typhoid Mary of the internet - with a little twist. The company is fully aware that its products are the problem; Mary Mallon was a carrier of typhoid and was unaware of it.



COMMENT But back to Charney. The Microsoft security chief wants websites to devise a means whereby infected PCs can be detected and blocked from gaining access to said website. This squarely puts the responsibility for containing the digital equivalent of the bubonic plague - for which Windows is mainly responsible - on website creators.

It's a method of franchising a problem. It's like saying, "we've screwed up but we'd like you to carry the can - for free."

But when people like Charney advance solutions to push the responsibility for $ware onto others, others in the industry bend over backwards and form a cheer squad.

In this instance, we have Howard Schmidt, cyber security coordinator at the White House, saying Charney's "self-healing, self-detection, self-solving of consequences model" has merit.

And, of course, we have Microsoft's faithful acolyte, Symantec, saying, through its chief executive Enrique Salem, that "everyone has a role".

Australia's Internet Industry Association, a lobby group for the big ISPs, has also decided to carry part of the burden for Microsoft by setting up a website called icode which carried instructions for de-infecting one's PC. An infected PC is redirected to the icode homepage by an ISP. The icode project kicked off in December last year.

This will not fix the problem. No, it will only encourage more casual security practices by software vendors - after all, someone is out there with a safety net.

There's cause - in this case poor security in Windows - and effect - the various $wares. Dealing with the effects is of no use. If you have a cut on your hand and develop a fever as a result, it's no point treating the fever. Get rid of the cause - the cut - and the fever will disappear.

I'm waiting for the day when Microsoft gets serious about dealing with security problems in its products instead of calling on the equivalent of vassal states to do its job. Somehow, I suspect it won't come in my lifetime.


Subscribe to ITWIRE UPDATE Newsletter here

Now’s the Time for 400G Migration

The optical fibre community is anxiously awaiting the benefits that 400G capacity per wavelength will bring to existing and future fibre optic networks.

Nearly every business wants to leverage the latest in digital offerings to remain competitive in their respective markets and to provide support for fast and ever-increasing demands for data capacity. 400G is the answer.

Initial challenges are associated with supporting such project and upgrades to fulfil the promise of higher-capacity transport.

The foundation of optical networking infrastructure includes coherent optical transceivers and digital signal processing (DSP), mux/demux, ROADM, and optical amplifiers, all of which must be able to support 400G capacity.

With today’s proprietary power-hungry and high cost transceivers and DSP, how is migration to 400G networks going to be a viable option?

PacketLight's next-generation standardised solutions may be the answer. Click below to read the full article.


WEBINAR PROMOTION ON ITWIRE: It's all about webinars

These days our customers Advertising & Marketing campaigns are mainly focussed on webinars.

If you wish to promote a Webinar we recommend at least a 2 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial.

This coupled with the new capabilities 5G brings opens up huge opportunities for both network operators and enterprise organisations.

We have a Webinar Business Booster Pack and other supportive programs.

We look forward to discussing your campaign goals with you.


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News