Microsoft Enlisting Black Hat for Vista

I haven’t forgotten about my promise to continue my rant on performance remoting, but first I wanted to follow up on yesterday’s post on Microsoft’s efforts to bolster security in their platform, with this interesting piece of reporting from news.com on how the software giant is enlisting the help of Black Hat conference attendees to find holes in the latest build of Vista.

Microsoft is handing out an early version of Vista at Black Hat and is soliciting feedback from attendees. “We hope that they will look at it and if they find any security issues we hope they will tell us,” Steven Lipner, senior director for security engineering strategy at Microsoft, said in an interview.

This can be read in several ways. One is that it’s great to see Microsoft building connections to such a community.

The other way to read it is as I read yesterday’s news, that being that Microsoft is once again looking for outside help when it comes to security. If it works, that’s great, but what concerns me is that it shows a general lack of internal competence in this area.

Microsoft to Bolster Security with Acquisitions

ZDNet.co.uk has a piece about how Microsoft will be acquiring a number of niche security players to bolster its platform and Vista in particular.

I can’t help but feel the whole thing feels a bit piecemeal and Band-Aid-like:

“We will lock Vista down as much as we can. We hope Vista won’t have too many security disadvantages, but if it does we will address those as fast as we can [through Microsoft security products],” said Kutwaroo.

And then there’s the reality that such a strategy is not likely to entice large-scale enterprises, like, say, Wall Street, which the good folks at ZD had the sense to point out:

Security analyst Andy Buss of Canalys predicted that Microsoft would have a bigger impact on the consumer market with its OneCare security service than in the business arena with Forefront.

“Microsoft is not proven in the enterprise security space,” said Buss. “It will take longer to penetrate large businesses, which are naturally cautious [of unproven technology],” said Buss.

Although I like to complain, sometimes it’s no wonder why OS upgrades are so slow going at financial firms.