Gates Unleashes Security Initiatives at RSA

Microsoft Chairman Bill Gates on Tuesday unveiled many new security technologies slated for inclusion in Windows over the coming months and even years. The new capabilities include a dynamic protection system and a caller ID system for e-mail.

SAN FRANCISCO—Bill Gates used his keynote speech at the RSA Conference here Tuesday to unveil a host of new technologies and features that Microsoft Corp. is preparing to drop into Windows in the coming months and years. Many of the revelations will come as bad news for the security vendors assembled here, as the worlds largest software company will be giving away a lot of the features and technologies that these vendors are all trying to sell.

Gates spoke to what was likely the largest crowd in this conferences history, and was warmly received by the assembled security experts, cryptographers and CIOs, despite Microsofts somewhat shaky reputation in the security community.

The new technologies that Gates introduced include a code-scanning feature in the next release of Visual Studio, a new Security Control Center in Windows XP and a set of advances known collectively as Dynamic System Protection. He also discussed several efforts that Microsoft is making to help slash the amount of spam on the Internet, including a kind of caller ID system for e-mail.

Sounding confident in the strides that his company has made in recent years, Gates said that security should not be a hindrance to innovation.

"This is not at the top of the list of what should hold us back from innovating," said Gates, chairman and chief software architect at Microsoft, based in Redmond, Wash. "Im very optimistic about this, even though there are a lot of years of work ahead of us."

The first of the new security technologies to reach customers will be the Security Control Center and some changes to Internet Explorer and the Windows Firewall that are included in Service Pack 2 for Windows XP. The firewall, formerly known as the Internet Connection Firewall, will give users the option of allowing or preventing applications from accessing the Internet on a case by case basis, much the way that other personal firewalls do.

Administrators also will be able to manage multiple Windows Firewalls from a central location and will have the ability to establish multiple security profiles for each machine, depending upon whether the PC is on the corporate network or in another location.

The Security Control Center is essentially a GUI-based management console that gives users an overview of the security posture of their PCs, including the status of antivirus software, the Windows Firewall and other security-related systems.

For many, the most interesting revelation is the Dynamic System Protection technology that is currently in alpha form. The system is a collection of features that, taken together, will amount to a host-intrusion-prevention solution, all built into Windows.

The key element is a behavior-blocking capability that is tied into the Windows Firewall, as well as ISA Server 2004, Microsofts corporate firewall product.

The system can detect the security state of a given machine, finding problems such as missing patches. In a demonstration, the system found that a Windows XP machine was without a patch that protects against an attack on IE. So, when the user visited a site that tried to download a potentially dangerous ActiveX control on the PC, the firewall dynamically blocked the control and informed the user of the action and why it happened.

The technology also can detect configuration changes, application modifications and changes in the location of the machine and adjust the PCs security posture accordingly.

On the spam front, Gates said that Microsoft is working with all of the major ISPs on an initiative to positively identify the senders of e-mail. The system will rely on data from the DNS infrastructure to ferret out the true IP address of e-mail senders in an attempt to defeat the address-spoofing that is de rigeur for spammers. Gates said the system may be up and running by this summer.

Gates got a big round of applause from the RSA partisans in the crowd when he announced that Microsoft and RSA Security Inc. have developed a joint two-factor authentication solution using RSAs SecurID tokens. The solution will require users to enter a PIN and a one-time password for authentication, regardless of whether the machine is connected to the corporate network.

Gates nearly was upstaged, however, by his warm-up act, ABC News contributor and political commentator Cokie Roberts, who came out swinging at both the Republicans and Democrats and drew a lot of laughs from the overflow crowd. Comparing the world of computer security to the body politic, Roberts said she couldnt help but laugh when she read over the agenda for the conference.

"Hacks, attacks and flaws. I thought, This is my world. Im surrounded by hacks, there are always plenty of political attacks, and lets not even talk about the character flaws," Roberts said. "And identity theft? Every one of the Democratic candidates is trying to steal Bill Clintons identity. Without Monica, of course."

Analyzing the reasons for George W. Bushs victory in the 2000 election, Roberts noted that regular churchgoers overwhelmingly voted for Bush, while voters who rarely attended church were mainly in Al Gores camp.

"[Gores Supporters] were probably at home with the Internet. Which he had invented," Roberts deadpanned, drawing a roar of laughter from the audience. "This is a problem for Democrats, because they dont really want to be the party of heathens."

/zimages/2/28571.gifCheck out eWEEK.coms Server and Networking Center at for the latest news, views and analysis on servers, switching and networking protocols for the enterprise and small businesses.