Yet Another Security Initiative From Microsoft

Bill Gates, Microsoft Chairman, gave the keynote address at the RSA Security conference held in San Francisco this week. Mr. Gates introduced yet another Microsoft security initiative to a somewhat hostile audience.

He explained that the majority of Microsoft's research and development budget now goes towards security. "Our research group is making advances that are very important here," he said. Gates also spoke about the now two year old Microsoft Trusted Computing initiative. "Over the last two years, I think we've made a lot of progress," he said. Indeed, new software developed and launched since the initiative began has proven to be more secure, with Windows 2003 having about half the critical vulnerabilities of its predecessor.

"The people who attack these systems are getting more and more sophisticated," Gates said. "For every time we take a type of attack and eliminate that as an opportunity, they move up to a whole new level. That's not an unending process - we can make it dramatically difficult," but it will require substantially more work on Microsoft's part, and will also require a change in attitude.

"[Security] is not at the top of the list of what should hold us back from innovating," Gates said. "I'm very optimistic about this, even though there are a lot of years of work ahead of us."

RSA Security, the host to the annual conference, develops and sells various encryption products, including the popular PGP encryption package. RSA technology also helps make shopping secure on the Internet by providing the safe encryption between web browsers and servers known as SSL.

Microsoft's New Security Plan

Microsoft is introducing some new features into some of its key products. These include:

• A code-scanning feature build into the next version of the programmer's Visual Studio
• A pop-up blocker added to Internet Explorer
• An enhanced firewall for Windows XP
• Various "active protection technologies" which will monitor a computer's performance and usage looking for potential viruses and worms
• White lists built into Outlook to provide an "opt-in" capability for e-mail receipt
• E-mail puzzle inclusion, which would slow down the delivery of SPAM, and also increase the cost to SPAMmers

A new system-wide Windows Security Control Center will also be introduced into Windows XP in Security Pack 2. This control center will monitor various security aspects of any computer it is installed on. It is intended to provide users with an overview of their computer's current security level. It will let them know what their anti-virus, firewall and other security software has been up to.

Conclusion

Microsoft's position as the number one target for hackers isn't likely to change until Microsoft's own position as the number one software vendor world-wide changes. Gate's own attitude of innovation before security isn't going to hurry things along. It will be a long time before things are solved at Microsoft.

Gates conclusion? "There's not a single solution to the problem of cyber security," he said. "It's a range of solutions that need to be deployed collectively to raise the overall security." Let's hope they hurry.

See Also

• Over $40 billion in costs world-wide for Microsoft Viruses just in February, 2004.
• ZDNet - Netsky causing billions in damages
• Text of Bill Gates' Speech at the RSA Convention
• Microsoft Demos New Security Features

View Responses (0)

Post Response