Subscribe to
Computerworld How Microsoft missed the boat on zero-day threats
How Microsoft missed the boat on cybercrime
- Microsoft releases Vista SP2 beta
- Obama's DHS pick may find support for raising H-1B cap at confirmation hearing
- IBM wants info from Apple execs in Papermaster case
- Report: Former AOL chief exec tries to raise funds to buy Yahoo
- U.S. Report: Major terror attack by 2013
- 10 Microsoft research projects
 The Security Zone
With the mobility of employees and the ease with which external devices can be brought in and out of a network, continuing to build your security plan for network servers and clients is a must. Fortunately, there is much that organizations can do to protect themselves from attacks - internal and external. Having the right policies, procedures and server configurations is critical... Learn more in The Security Zone See All Zones
|
May 26, 2008 (Computerworld) On Jan. 15, 2002, Microsoft Corp. Chairman Bill Gates issued a jaw-dropping memo with the subject line "Trustworthy Computing." To stem rising hacker attacks, Gates ordered all Windows development halted and directed his company's full attention to shoring up security.
Microsoft has since poured vast resources into making Windows PCs more secure. And yet the risk of having your PC compromised and your sensitive data used in scams has never been greater, according to a new book, Zero Day Threat: The Shocking Truth of How Banks and Credit Bureaus Help Cyber Crooks Steal Your Money and Identity (Sterling Publishing, 2008), by USA Today technology reporters Byron Acohido and Jon Swartz. The authors point to a confluence of factors increasing the danger: a banking system built for speed; a tech industry enamored with commercializing the Internet; consumers hooked on convenience. In these edited excerpts, Acohido and Swartz convey Gates' acknowledgment of the problem.
Command Performance
Bill Gates seemed weary and disengaged. He had just co-delivered a keynote address to about 3,000 tech-security executives, analysts and researchers at San Francisco's Moscone Center and was sitting in a vast room behind the stage waiting to do a requisite one-on-one interview with one of the authors.
The Feb. 6, 2007, speech was billed as Gates's final command performance at the giant RSA Conference, the tech-security industry's premier convention, held early each year. At his first RSA keynote, delivered in 2004, Gates had a good story to tell. It had been two years since he had issued his Trustworthy Computing edict, ordering his troops to alter their features-first worldview and make security their new religion. Microsoft developers at the time were in the home stretch of hammering together Windows XP Service Pack 2, which would make the use of personal firewalls and automatic patching standard practice for most home computer users.
Now here he was, five years into Trustworthy Computing, with Windows Vista, the first Microsoft desktop operating system with security accounted for in every major component, freshly delivered to store shelves. Evangelizing Security
Microsoft now had a more well-rounded security story to tell. And tell the story it did. Beginning in the summer of 2006, a crack team of Vista "evangelists" -- the product managers and marketing specialists assigned to wine and dine researchers, analysts and reporters at conferences and other events -- began spreading the SDL gospel. SDL stood for Security Development Lifecycle, a process for meticulously rooting out coding errors and security holes throughout the development of a new software product.
Given the timing of his swan-song appearance at RSA, Gates had the perfect pulpit to drive home the message his SDL disciples had delivered to many of the people seated in Moscone Center's main hall. But Gates' focus appeared to be elsewhere. Several months earlier, he had announced his intent to retire in mid-2008 to turn his attention to eradicating disease in Third World nations.
Today's Top Stories
Resource Alerts
Webcasts
Web Threats Don't Discriminate
The Secure Web Gateway. Mission Critical For Business
Dynamic Data Center and Virtualization Drives Operational Excellence at Emory Healthcare
 Fired up about IT? Join Sharkbait and share your true tales of IT. SharkBait is the place for you to sound off about everything IT – the good, the bad, and the rest of the weird stuff you deal with every day.New baits 
|
|
 |
|
Patrick Thibodeau: Satellite images of U.S military bases Which is more important? Helping terrorists or protecting military bases? Answer: protecting Web 2.0 ... [more] |
| White Papers  Read up on the latest ideas and technologies from companies that sell hardware, software and services. | ||||||
|
