Yukon to Ship with Features Securely Off

By Lisa Vaas  |  Posted 2004-02-25

Yukon to Ship with Features Securely Off

In an effort to make it more secure, Microsoft Corp.s "Yukon" version of its SQL Server database will ship with certain features turned off, according to Microsoft Director of Product Management for SQL Server Tom Rizzo, in Redmond, Wash.

Rizzo said that, while its too early to say exactly which features will be turned off, core functionality features will be left on in order to ensure that getting the database running out of the box wont be a nightmare. "We dont want you to go to install it and find it wont work out of the box," he said.

Microsoft engineers are also working to ensure that customers wont have to go through painful gyrations to turn on the turned-off features. "New functionality—extensions and things that make the server even better—well turn off by default, but well make it easy to turn those back on. We dont want customers to say, Hey, I like XYZ feature, but I have to go through this nightmare process to turn it on."

There are signs that the second beta of "Yukon" (which is the code name for Microsoft Corp.s update of its SQL Server database), originally expected in late spring or early summer, is already well on its way.

While Beta 1 is a closed beta for past testers and certain customers only, Beta 2 will be public, and people interested in Yukon will be able to participate in Microsofts Customer Preview Program.

Next page: Screwing the lid down on SQL Server.

Securing SQL Server

While customers await Yukon, however, SQL Server itself has been getting more secure, Rizzo said. Microsoft has been spending extra money on security, as executives acknowledged during the companys second-quarter financial conference call, with much of the funds getting pumped into educating developers and customers.

One security-related educational venture has been the recent launch of the new Security Guidance Center on Microsofts TechNet site. Launched about two weeks ago, the Center is a portal for all things security-related that might concern SQL Server customers. Security-related funds are also going to other initiatives, including Webcasts, written articles and other educational ventures for outside partners and customers, Rizzo said.

Rizzo also pointed to Microsofts automated Baseline Security Analyzer tool as proof that the company is helping customers to secure SQL Server. Released some two years ago, this free tool seeks out unpatched Windows systems and applications on networks, then tells users what they need and where to find patches. Finally, the company is aiming to come out with a SQL Server-specific update feature similar to its current Windows Update, which notifies users when patches or drivers are available, though a release date has yet to be determined.

Customers are clamoring for such a feature in hopes that it could protect them from catastrophes such as that wrought by Slammer. Slammer, a SQL Server worm that brought down the Internet some 13 months ago, preyed on machines that lacked a patch that had been available for some time. As a result, many small to medium-sized businesses with small and/or overworked IT staffs voiced need for some help with patch management.

To find out how patch mismanagement fueled Slammer, click here.

Next page: More people, more strategy around adding features.

Securing the Design Process

Microsofts security efforts have borne fruit. For example, SQL Server 2000 has only had one critical alert since Service Pack 3 shipped over a year ago.

For its part, Yukon is being designed using a three-part process. First, Microsoft sends program managers, developers and testers through security training so theyll understand what the most common types of flaws are in developers code. Such common flaws include opening ports, buffer overruns and integer overruns, Rizzo said.

Next, as product features are being designed, product managers follow a ritual of asking security-related questions about the feature, such as, whats the security of this feature? Does it open ports? And, is it vulnerable to injection attacks?Only then are developers free to go off and build a given feature.

The third leg of security comes in with the use of automated tools that scan each line of code, plucking out commonly made mistakes. Such automated tools are a help. Line-by-line, manual code analysis was performed on SQL Server 2000 and 7.0—a process that took some three months, Rizzo said—back when Microsofts security push resulted in Service Pack 3.

Microsoft has also been staffing up its SWAT teams, which consist of ethical hackers who try to crack Yukon and other SQL Server versions. Rizzo said that recently Microsoft added "a whole bunch" of ethical hackers to the SQL Server team but declined to name how many new staffers were brought on-board.

"Of the 1,000 people who work on SQL Server, securitys top of mind," he said. "Even though we have a SWAT team, everyones on the SWAT team."

Check out eWEEK.coms Database Center at http://database.eweek.com for more database news, views and analysis.

Be sure to add our eWEEK.com database news feed to your RSS newsreader:

Rocket Fuel