Microsoft Takes Security Defense

By Peter Galli  |  Posted 2002-04-08 Print this article Print

Microsoft's newfound security zeal is shaping up to become one of the company's main weapons in its ongoing antitrust battle.

Microsoft Corp.s newfound security zeal is shaping up to become one of the companys main weapons in its ongoing antitrust battle. The Redmond, Wash., software maker launched its Trustworthy Computing initiative in January, claiming security would trump all other development concerns—including functionality and backward compatibility—going forward. The move came just as nine states and the District of Columbia began gathering evidence from industry rivals seeking interoperability as part of expanded remedies to thwart the companys monopolistic ways.
While outside the Washington, D.C., District Court Microsoft is pressing ahead with security efforts, inside the courtroom the company is pitting security against so-called code sharing. In cross-examining states witnesses, Microsoft has set up a zero-sum game in which more interoperability will mean less security.
Microsoft is banking on security concerns winning out, but the duality suggests that the company would have cause to rein in its Trustworthy Computing initiative if the interoperability argument does not sway the court, according to insiders. Users, even some who applauded the Trustworthy Computing initiative, said that using security concerns as a loophole to skirt code-sharing requirements could mean less interoperability among Windows, .Net, and third-party applications and platforms, resulting in major headaches for developers trying to tie disparate systems together. "They are afraid that if someone sees the code, it will allow people entrance into the fortress," said Eric Stromberg, a senior electrical engineer at Dow Chemical Co., in Midland, Mich. "In so saying, they have revealed that the walls around the fortress have holes big enough for people to crawl through. Microsoft not wanting to show their code is a smoke screen. They will come up with whatever excuse they can not to do it." Indeed, observers say that until Microsoft stops pitting interoperability against security and finds a way to reconcile both needs, little will change. "Security goes against the very thing that theyre designing for, which is openness [to other applications]," said Steve Raber, president and chief operating officer of CipherTrust Inc., an e-mail security company in Alpharetta, Ga., and a Microsoft partner. "Its like trying to make sure a net doesnt leak. But opening their code isnt going to hurt them." "We are moving ahead with Trustworthy Computing; its a company imperative, and we want to be very upfront about how much of a priority this is for us as a company," said Microsoft spokesman Jim Desler. Microsoft linked security to the issue of interoperability via interface disclosures in the settlement it inked with the Department of Justice in November. The deal requires certain API disclosures, but it allows Microsoft to refuse those disclosures given a sufficiently important security concern, which Microsoft alone would determine. The so-called security carve-out was among the issues that led dissenting states to reject the deal and pursue tougher remedies. On the witness stand late last month, Red Hat Inc. Chief Technology Officer Michael Tiemann said the DOJ settlement will leave Microsoft many ways to avoid the disclosures necessary to permit Linux to attempt interoperability. "[Microsoft] could argue that due to some nondisclosable security reason, they will not disclose key interfaces," Tiemann said. "And under that security [carve-out], there would be no further recourse." In addition to the API disclosure proposals, Microsoft remains concerned about security risks in a proposed requirement for a modular version of Windows, said Microsofts Desler. "The challenge becomes exponentially greater, given the support needs and testing requirements for the thousands of different versions of Windows that would be required if the states remedies pass," he said. Related stories:
  • At Microsoft, Security Trumps App Compatibility
  • Trusting in Microsoft
  • Microsoft Gets New Security Chief
  • Gates: Security Over Features
  • Following Through on Priority 1: Security
  • Special Report: Microsoft vs. DOJ
    Peter Galli has been a financial/technology reporter for 12 years at leading publications in South Africa, the UK and the US. He has been Investment Editor of South Africa's Business Day Newspaper, the sister publication of the Financial Times of London.

    He was also Group Financial Communications Manager for First National Bank, the second largest banking group in South Africa before moving on to become Executive News Editor of Business Report, the largest daily financial newspaper in South Africa, owned by the global Independent Newspapers group.

    He was responsible for a national reporting team of 20 based in four bureaus. He also edited and contributed to its weekly technology page, and launched a financial and technology radio service supplying daily news bulletins to the national broadcaster, the South African Broadcasting Corporation, which were then distributed to some 50 radio stations across the country.

    He was then transferred to San Francisco as Business Report's U.S. Correspondent to cover Silicon Valley, trade and finance between the US, Europe and emerging markets like South Africa. After serving that role for more than two years, he joined eWeek as a Senior Editor, covering software platforms in August 2000.

    He has comprehensively covered Microsoft and its Windows and .Net platforms, as well as the many legal challenges it has faced. He has also focused on Sun Microsystems and its Solaris operating environment, Java and Unix offerings. He covers developments in the open source community, particularly around the Linux kernel and the effects it will have on the enterprise.

    He has written extensively about new products for the Linux and Unix platforms, the development of open standards and critically looked at the potential Linux has to offer an alternative operating system and platform to Windows, .Net and Unix-based solutions like Solaris.

    His interviews with senior industry executives include Microsoft CEO Steve Ballmer, Linus Torvalds, the original developer of the Linux operating system, Sun CEO Scot McNealy, and Bill Zeitler, a senior vice president at IBM.

    For numerous examples of his writing you can search under his name at the eWEEK Website at


    Submit a Comment

    Loading Comments...
    Manage your Newsletters: Login   Register My Newsletters

    Rocket Fuel