Hats Off to Microsoft Security Efforts

Attending the RSA security conference five years ago in San Jose, Calif., I sat in the audience while a member of the Microsoft “security” team made a presentation amid titters and shakes of the head. I almost felt sorry for him. Microsoft wasnt always known for its software security problems. Windows worked just fine—until you connected it to the Internet, and then all bets were off. Before the Web, Microsoft developers never had to make their software secure, and once the Internet exploded, they were suddenly swimming upstream in an effort to plug holes while trying to anticipate new ones.

By 2002, Bill Gates had had enough, and he introduced the Trustworthy Computing initiative early that year. Again, the reaction was skeptical at best, and many experts have subsequently declared the initiative a failure. But now, almost four years later, we are experiencing a sea change in attitudes toward Microsoft and security—two words that no longer produce snickers but attention and discussion. Rather than being a pariah in the computing industry, Microsoft is now a partner in fighting Internet crime, designing software that is more secure from the ground up. Rather than being a target, it is now a leader. Senior Writer Paul F. Roberts reports this week that Microsofts recent Blue Hat meetings, where hackers show Microsoft developers where its software is vulnerable and how to prevent those vulnerabilities, is one example of how the company is working with the security experts rather than against them. We certainly have not seen the last security flaw in Microsoft software, but we are on our way to seeing fewer of them.

Judging by the popularity of Skype, Gizmo Project and Vonage, everybody wants VOIP. Those systems tie users to their computers. The next evolutionary stage is voice over wireless, also known as VOW, writes Technical Analyst Andrew Garcia in eWEEK Labs this week. The number of offerings is slim and performance is not uniformly great now, but, by next year, Garcia expects more and better phones and better standards support. Still, Technology Editor Peter Coffee says that despite the advancements and popularity in VOIP systems, we should not be so quick to discount the advantages and reliability of POTS (plain old telephone service).

Also this week, Senior Editor Carmen Nobel reports that Cisco Systems is taking a big step in its mesh networking efforts as it helps to rebuild Gulf Coast schools damaged during Hurricane Katrina. Cisco will spend $40 million to build a wireless broadband network, and, putting his money where his mouth is, CEO John Chambers is kicking in $2 million personally. Cisco is planning to release its first mesh hardware in November.

eWEEK magazine editor Scot Petersen can be reached at scot_petersen@ziffdavis.com.

Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.