Ben Fathi: looking beyond Vista

It’s not easy being Ben Fathi. As corporate vice president of Microsoft’s Security Technology Unit, Fathi took the place of longtime STU leader Mike Nash in March amid a larger management shake-up just days after Microsoft announced that the shipment date for Vista was slipping yet again. After Nash’s high-profile tenure, Fathi’s charge is more subtle: building what he calls a “trust ecosystem” around Vista and its new security features and promoting the company’s secure development practices. But first he must help get Vista out the door. Fathi sat down to talk with InfoWorld Senior Editor Paul Roberts at the recent Security Standard Conference in Boston about Vista’s progress, and the world after Vista.

InfoWorld: Recently there’s been some back and forth with Symantec about issues such as Vista’s Kernel Patch Protection feature for 64-bit systems, as well as some public criticism of Vista code for having security holes. What should enterprise folks make of that?

Ben Fathi: First, on the paper Symantec published: We thank them for their input. I think it’s unusual for a partner to go public with a paper like this on a beta product, but they did identify a few issues. To the best of my knowledge, all those were already fixed in more recent beta releases. We love to hear feedback on beta products. That’s why we’re in beta. It’s a test. We’ll fix them as long as they report them to us.

As for the kernel patching, we fundamentally believe that the current model of kernel patching is broken and not sustainable. We never recommended it or supported it on any version of our operating systems. As we’ve been telling our vendor partners, this is the only chance we have, as 64-bit computing becomes available, to start with a clean architecture and build on top of that. We want to work with you to find ways to extend the kernel functionality by having a clean architecture, APIs, and filters. … instead of patching instructions and data structures in the kernel. In the long term, what we want to do is move a lot of these functionalities to a hypervisor that sits under the kernel to make the kernel even smaller and the trusted computing base even more secure. We still have a window of opportunity here. … and we’re working with two or three vendors in the space to come up with that kind of architecture.

One of the other comments that’s been made is that [Kernel Patch Protection] is anti-trust. That we’ll go back in with our own products and get around it. That’s absolutely not true. We’d never do that.

IW: You recently patched a beta version of Vista. Is it a bad sign that you’re patching beta Vista?

BF: I believe that Vista is significantly more secure than any version of XP or anything else we’ve shipped in the past. Just SDL (secure development lifecycle) in general and the process of penetration testing and hardening kernel services. These all created a stronger, defense in depth strategy. What I would say is, Yeah, there will be patches and vulnerabilities as we move forward. What we’re hoping is that by creating these layers of defense, we’re giving customers, especially enterprise customers, a longer time to test and make sure things are not broken.

IW: Do you see your job description and responsibilities changing after Vista?