It’s a matter of trust
- 14 September, 2003 22:00
A delay would probably upset only a few bleeding edge hipsters. Regrettably, software delays are far from unusual, and building an operating system like Longhorn is a huge undertaking. Most people would prefer Longhorn to be useful rather than early.
However, Longhorn’s shipping date does have implications for two of Microsoft’s most controversial initiatives: Software Assurance and Trustworthy Computing.
Software Assurance is Microsoft’s plan for corporates to license software, including updates, two years in advance (see MS users see licence cost hikes). Longhorn seems likely to be released after the current round of licensing expires, which may be a disappointment for some licensees.
Of course, that’s the risk you take with a licensing plan like Software Assurance. Most companies who adopt Software Assurance will be planning to stick with the programme — trying to upgrade a bunch of corporate desktops to squeeze inside a licensing deadline isn’t a great approach for IT departments. If it’s not cost-efficient, seek an alternative.
Of more concern is the delay in seeing benefits from the ballyhooed Trustworthy Computing programme. Trustworthy Computing was first heard of in early 2002, when Bill Gates sent an email to all Microsoft employees announcing the company needed to “go much further” in making its products secure.
“Our products should emphasise security right out of the box, and we must constantly refine and improve that security as threats evolve,” Gates wrote.
Twenty months later, and we’ve just had the worst month ever for computer security, according to some observers. The worst damage was caused by the Blaster and SoBig.F worms, both exploiting known and well-understood vulnerabilities in Windows desktop systems. By one estimate almost 75% of email traffic in mid-August was generated by SoBig.F.
Longhorn is supposed to deliver the fruits of Trustworthy Computing to end users, but in the meantime things are ugly on the desktop.
Trustworthy Computing correctly stresses that Microsoft needs to be seen by consumers as trustworthy. Here’s a short list of things Microsoft could do to make its products seem a little more, well, trustworthy.
- Stop shipping consumer PCs with unneeded, insecure services enabled. Microsoft has made a concerted effort to cut down on the number of default services running on its servers, but Windows XP Home Edition still has open ports for services such as Messenger and Windows RPC. Messenger — not to be confused with MSN Messenger — allows anybody to pop up messages on a user’s screen, and Windows RPC was the vector for the Blaster worm. Services intended for use by local networks should be disabled — anybody who needs a network should know how to switch them on.
- Make sure security updates don’t have other, unwanted changes. Security updates should always use the same licence agreement as the software that was originally installed. It’s not that long ago that updating an insecure version of Windows Media Player required consenting to a new EULA that allowed the content of your hard drive to be examined. Security updates should confirm the EULA hasn’t changed.
- Patching needs to be simple. I remember a recent patch for SQL Server that was delivered as a bunch of binary files with text instructions on how to install it. It was too easy to make a mistake, and not suitable for use in a production environment. When the Slammer worm emerged to exploit the hole, it was no surprise there were plenty of unpatched machines, including inside Microsoft itself.
- Security shouldn’t be used as a reason to need a paid upgrade. Just this month I received a security warning from Microsoft that I should patch Office to guard against a hole that allowed running “code of attacker’s choice”. What followed was a frustrating 30-minute journey through a number of website dead-ends before eventually learning I would have to contact Microsoft support directly to get a fix, which might incur a charge. Office 97 was the suite of choice just a few years ago. It should be supported.
It’s true that at least some of the responsibility for the spread of malware like SoBig sits between keyboard and chair. Blaster was well-predicted and a patch available before the worm struck, but too many users just don’t install Microsoft’s fixes. Perhaps it’s not surprising that one solution Microsoft has publicly mulled over is to set Windows Update to automatically check for, download and install updates without prompting users.
That’s an extreme step. Microsoft needs to meet its own trustworthy targets first.