In his keynote presentation Wednesday at the Gartner Symposium/ITxpo here, Ballmer asked Windows users to trust him that Microsoft would do whatever it could to fix security problems.
"Trust is not a word that I would use" in relation to Microsofts promises on security, said Paula Dallabetta, director of product marking at CreekPath Systems Inc., a storage management software producer based in Longmont, Colo.
She said she has no reason to trust Microsoft because it "hasnt delivered anything to date" that improves the security situation.
"People always joke that Microsoft has set the bottom bar in terms of security," she said. Dallabetta said she might begin to trust Microsoft "with the delivery of a product that actually works."
In his speech Wednesday, Ballmer said Microsoft has "learned more about security than anyone else in the world."
"We need to focus in on a few things," he said. "We need to engineer in fewer vulnerabilities going forward. We have new development tools to spot security vulnerabilities. We will release those to users. These tools have made a difference in [Windows] Server 2003 and [Windows] XP SP2 [Service Pack 2]."
Dallabetta said she hasnt deployed Windows XP SP2 and will rely on her companys IT department to determine whether to install it companywide. CreekPath Systems has had to contend with security issues and still has security concerns it hopes Microsoft eventually will resolve. She declined to describe in detail any security breaches the company has experienced.
It really doesnt matter whether one trusts that Microsoft will keep Ballmers promise to fix security loopholes in Windows, said Richard Warren, chief financial officer at Sterling Life Insurance Co. of Bellingham, Wash. If Microsoft doesnt manage to fix the problems, "What are you going to do about it?" Warren asked. He said most people have little choice but continue working with Windows.
But Warren said he agrees with Ballmer that Microsoft is certainly in the best position to understand the problem "because they have had the most exposure to it."
"I believe they are committed to trying to do something to solve the problem," Warren said. But he said a question remains about how much Microsoft or anyone else can do to solve all of the security issues.
"I think that the problem is evolving," he said. "Its like saying that you are going to win the war on terrorism." New security threats and avenues for attack keep cropping up, he said.
"There are always people whose mission in life is to penetrate other peoples networks," Warren said. Hackers are always going to try to find new ways to breach computer security measures, so there is no guarantee that Microsoft is going to be able to permanently solve the problem, he said.