With the Sobig.F worm on the wane and its successor presumed to be waiting in the wings, fingers are pointing angrily at Redmond.
"People sometimes ask me why I loathe and detest Microsoft with such a visceral passion," wrote packet-radio pioneer and security
expert Phil Karn on his Web site. "A major reason is the never-ending stream of viruses and worms infesting [Microsoft's] abysmally insecure software."
For users of Linux and Mac OS X, the recent outbreak was a bittersweet validation. These systems were immune to the worm but
-- because we are all e-mail users -- not to its effects.
Open source software partisans never seem to follow their argument to its logical conclusion, however. If more people used
Linux and/or Mac OS X, more attackers would exploit the vulnerabilities of these systems. Hardly anybody argues that those
systems are invulnerable to attack. What most serious advocates claim, rather, is that the open source process includes a
more thorough review of code, resulting in more effective means for discovering and repairing flaws. That's a credible claim,
especially when you compare today's open source methodology to what Microsoft, by its own admission, has been doing until
recently. But times change.
Critics used to delight in saying that Microsoft would never "get" the Internet. Now that Microsoft is a leading contributor
to Internet standards, you don't hear that complaint so much. In fact, the Microsoft that didn't "get" security has largely
been reinvented. The effects of Microsoft’s heightened awareness and newfound commitment to rigorous code review, however,
won't be felt for a long time, especially because Windows 9x isn't going away anytime soon. According to Microsoft Senior
Developer Chris Brumme, who was diverted from stress-testing the CLR (Common Language Run time) to reviewing the DCOM (Distributed
Component Object Model) stack in the wake of MSBlast, "Some of those source files contain comments from the ’80s."
You can't turn Windows’ installed base on a dime, but you can turn it eventually. In four or five years, the true nature of
the struggle between the methodologies of Microsoft and the open source community may finally begin to emerge. My hunch is
that both strategies will produce reliable and secure software, and that competition between them will benefit everyone. Neither
strategy will deliver perfect security, of course, because no such thing exists. We'll always be assessing risks and making
trade-offs.
In his new book, Beyond Fear, Bruce Schneier -- one of the world's leading authorities on security trade-offs -- completes the metamorphosis from cryptographer
to pragmatist that began with Secrets and Lies, published in 2000. The new book dissects a range of security solutions in terms of the agendas of the players (attackers
and defenders) and touches -- too briefly -- on ways of modifying those agendas. I particularly like the idea that insurance,
the standard tool used in business to control risk and convert variable costs to fixed costs, can help make developers accountable
for insecure software. Product-liability laws aren't likely to change anytime soon. But if actuaries measured the risk associated
with use of competing software products and priced insurance policies accordingly, maybe we could close the feedback loop
in a positive way.
The mess we're in is largely Microsoft's fault, to be sure, but any dominant software player would have created a similar
mess. Ideology, of any flavor, won't help. We need rational ways to quantify risk and to value its mitigation.
E-mail
Printer Friendly
Reprints
(InfoWorld) - In the litigious world we live in, deploying a unified communications platform in your enterprise could...
