linuxdot.org Linux Expo Birmingham 2002
Linux news | Newbie's Linux manual | Linux links | Link us
The Linux columns | Book reviews
  DistroWatch + TuxReports October 22, 2002

Microsoft "gets it" at last?

Bill Turnerby , 19 January, 2002

Kudos to Microsoft and Bill G. for finally seeing the light on the absolute importance of security in their products. Personally, I have to wonder why it took them so long. Outlook Express and Internet Explorer (to name two of the worst), have been the subject of numerous and widespread security holes for a long time now. The Melissa email virus took down servers worldwide. A long list of others as well. All using exploits that Microsoft chose to do nothing about, even when it was something that was not only well-known, but a long-standing exploit.

I sincerely hope that Microsoft is going to put security-fixes as the top priority in their products. I have to see it first though. Like Laurence, I do not think six weeks to get a patch out to fix a security problem is a "speedy response". Two days would be a speedy response.

Microsoft needs to take a page from the anti-virus people. Have someone on-watch 24/7. Soon as something is discovered you do whatever it takes to get the fix out the door to the people that need it. This is not a "Monday-to-Friday 9-to-5" job. Security should be a concern every minute of every day.

If Microsoft cannot, or will not do whatever it takes, to make their products as secure as possible, there are always Microsoft alternatives to every product they produce. They would do well to remember that.

CIO's worldwide are sick to death of having Microsoft ignore security holes in their products you could drive a Mack truck through. A nice marketing campaign means nothing. A pretty face, means nothing.

Even the most fanatical Microsoft booster has a hard time explaining to their CEO--yet again--why his company's computers got taken down, worldwide, by yet another "Melissa" virus run amok.

Microsoft claims to have gotten that at long last. We will see soon enough. Their response to the next Melissa-type problem will be a pretty clear indication of how seriously they are taking security. I'm giving odds they fail that test. Badly.

About us  
Latest stable kernel: 2.4.19 | Latest development kernel: 2.5.44
Copyright © 1998-2002 Linuxdot.org.
Linux ® is a registered trademark of Linus Torvalds.