MESSAGE
| DATE | 2003-09-26 |
| FROM | Michael Richardson
|
| SUBJECT | RE: [hangout] Microsoft: National Security Threat?
|
Can Microsoft be detained under the Patriot Act?
-----Original Message-----
From: Inker, Evan [mailto:EInker-at-gam.com]
Sent: Friday, September 26, 2003 11:52 AM
To: hangout-at-nylxs.com
Subject: [hangout] Microsoft: National Security Threat?
September 25, 2003
Microsoft: National Security Threat?
By Roy Mark
http://dc.internet.com/news/article.php/3083121
The government's increasing reliance on Microsoft (Quote, Chart) desktop
software makes federal systems "susceptible to massive, cascading failures,"
according to a report issued Wednesday by the Computer & Communications
Industry Association (CCIA), an industry organization that promotes open
systems and networks.
The report was promptly criticized by another trade group, which includes
Microsoft as one of its members, as "marketing by fear to line the pockets
of a handful of large companies" that compete with Microsoft.
The CCIA paper was presented in Washington during the CCIA's meeting of
government and industry officials.
"As fast as the world's computing infrastructure is growing, vulnerability
to attack is growing faster still," said Daniel Geer, the report's author
and chief technical officer of -at-Stake, a computer security consulting firm.
"Microsoft's attempts to tightly integrate myriad applications with its
operating system have significantly contributed to excessive and complexity
and vulnerability. The deterioration of security compounds when nearly all
computers rely on a single operating system subject to the same
vulnerabilities the world over."
Microsoft's software is pervasive throughout the government. In July, for
instance, the Department of Homeland Security signed a five-year, $90
million contract with Microsoft to supply Windows operating systems for its
140,000 employees. The government also heavily depends on a number of other
Microsoft products including word processors, spread sheets, Internet
browsers and multi-media players.
Geer said Microsoft's near monopoly of government business ensures that its
software will continue to be the number one target of viruses, worms and
other attacks.
"Ironically," Geer said, "Microsoft's efforts to deny interoperability of
Windows with legitimate non-Microsoft applications have created an
environment in which Microsoft programs interoperate efficiently only with
Internet viruses.
According to the report, Microsoft's complex integration of its programs
with its operating system requires writing code that is "15 to 35 times more
complex and, by extension, more vulnerable to attack" than its peers.
"Beyond a certain threshold of complexity, patches become inadequate and
perhaps even counter productive," the report states. "When complexity
produces vulnerability, adding more code via patches ultimately exacerbates
the problem."
The CCIA wants the government to require Microsoft to make its code
available in order for competitors to design applications that integrate
better with Microsoft products. The group also says the government should
require Microsoft to design its applications to work better with
competitors' programs.
In response to the white paper, Jim Prendergast, executive director of
Americans for Technology Leadership (ATL), said the CCIA was attempting to
exploit cyber-security issues.
"Computer security is a serious issue that affects consumers, government and
the entire technology industry and it is a real shame that the issue is now
being exploited by CCIA as one more element of their anti-Microsoft
campaign," Prendergast, who counts Microsoft as a member of his group, said
in an statement. "Cyber-security is an industry-wide problem that will not
be solved by malicious finger pointing and political attacks."
Prendergast stressed that consumers, including government users, play a
significant role in cyber-security, saying users need to install and keep
virus software up to date, activate or install a firewall, delete any
questionable e-mails and regularly change passwords.
"Software security is a never ending battle that the technology industry is
constantly fighting. It's critical that consumers know that by following a
few simple steps, they can play a big role to insure that they do not become
a victim of a cyber attack or an unwilling participant in spreading an
attack to others," Prendergast said.
Prendergast added, "The tech sector has enough challenges without worrying
about the specter of more regulation and litigation."
****************************************************************************
This message contains confidential information and is intended only
for the individual or entity named. If you are not the named addressee
you should not disseminate, distribute or copy this e-mail.
Please notify the sender immediately by e-mail if you have received
this e-mail by mistake and delete this e-mail from your system.
E-mail transmission cannot be guaranteed to be secure or error-free
as information could be intercepted, corrupted, lost, destroyed, arrive
late or incomplete, or contain viruses. The sender therefore does not
accept liability for any errors or omissions in the contents of this
message which arise as a result of e-mail transmission.
If verification is required please request a hard-copy version.
This message is provided for informational purposes and should not
be construed as an invitation or offer to buy or sell any securities or
related financial instruments.
GAM operates in many jurisdictions and is
regulated or licensed in those jurisdictions as required.
****************************************************************************
____________________________
NYLXS: New Yorker Free Software Users Scene
Fair Use -
because it's either fair use or useless....
NYLXS is a trademark of NYLXS, Inc
____________________________
NYLXS: New Yorker Free Software Users Scene
Fair Use -
because it's either fair use or useless....
NYLXS is a trademark of NYLXS, Inc
|
|
