First tangible Trustworthy Computing Initiative from Microsoft
From: Russ (Russ.Cooper_at_RC.ON.CA)
Date: 08/14/03
- Previous message: Marc Brawner: "Re: Delving into the contents of MS03-026 on XP"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 14 Aug 2003 10:36:12 -0400 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
In an interview with noted tech journalist John Markoff of the New York Times;
http://www.nytimes.com/2003/08/14/technology/14WORM.html
long time friend and newly appointed Microsoft Director of Security Engineering Strategies, Steve Lipner, said that Microsoft was changing the default configuration of the Internet Connection Firewall shipped with Windows XP. Instead of being partially configured, it will now be fully configured.
The significance here to me is that this is the first time that Microsoft has ever gone back and altered the defaults of an existing product. Historically, you wouldn't see such a change until the next major version release of the OS.
This is a clear sign that there is an understanding that existing systems are as important as future versions. The closest thing to happen like this in the past was the Microsoft Strategic Technology Protection Program, also run by Steve, which was a great initiative that died somewhere along the way (well, died after it was released really.)
Hopefully this won't be the only step they take towards dealing with previously released products, we look forward to initiatives that will actually reach people who are dumb-founded by notices that new updates are available, fail to maintain their AV definitions, or double-click on attachments in Outlook Express.
After ragging on the initiative for so long, I had to acknowledge this step forward. It may be interesting to note that Steve isn't part of the official "Trustworthy Computing Initiative" headed by Scott Charney. Instead, this comes from yet another Trustworthy Computing Initiative run out of the Windows Development Group and/or Security Business Unit. Seems Charney's group are somewhat at odds with each other.
Cheers,
Russ - NTBugtraq Editor
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Are You "Certifiable"? Summer's Hottest Certification Just Got HOTTER!
With a growth rate exceeding 110%, the TICSA security practitioner
certification is one of the hottest IT credentials available. And now, for
a limited time, you can save 33% off of the TICSA certification exam! To
learn more about the TICSA certification, and to register as a TICSA
candidate online, just go to
http://www.trusecure.com/offer/s0100/
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
- Previous message: Marc Brawner: "Re: Delving into the contents of MS03-026 on XP"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
