Microsoft security executive promises improvements (2000)
Pittsburgh (July 25, 2000) - The man who receives more complaints about the security of Microsoft Corp.'s software than anyone on the planet vowed Monday that the company's products are improving in quality and will continue to become more secure.
In particular, Whistler, the planned next version of Windows 2000 for business users as well as consumers, is due to show the results of several security-improvement initiatives that are now in the works at Microsoft when it becomes available next year, said Steve Lipner, manager of the company's Security Response Center.
Lipner's comments at a security summit for officials from industry, government and academia come in the wake of a series of disclosures about security holes in Microsoft's products. For example, Microsoft last week said it was working to fix potentially dangerous holes in both its Outlook e-mail software and its Internet Explorer browser.
Lipner told attendees at the Cyber Security Summit, sponsored by Carnegie Mellon University's Institute for Survivable Systems, that the Microsoft response center typically receives 10 to 100 messages per day from users who are reporting security problems. "But recently, it's been closer to 100," he said.
He added, though, that the complaints often are about hacks that could have been prevented had users downloaded software patches published months -- and sometimes years -- earlier. Asked about the future of Microsoft products, Lipner said, "Believe it or not, I see fewer vulnerabilities and problems ahead" because of the work of external security researchers and Microsoft's own product developers.
Nonetheless, other speakers at the conference sounded a consistently pessimistic note about the escalating threats to computer security from viruses, denial-of-service attacks and the like -- and about the technology industry's failure to get on top of the problem thus far.
Dave McCurdy, president of the Electronic Industries Alliance in Arlington, Va., shared a panel with Lipner and said he's not convinced the situation is improving. "Steve, I don't necessarily agree with you that security is going to get better," McCurdy said. "Maybe at Microsoft it will get better."
And without singling out any vendor, Mike Jacobs, deputy director of the National Security Agency, said users "need more secure and stable operating systems" in order to better protect themselves from malicious attackers.
"It's in the realm of operating systems that the most troublesome problems exist," Jacobs said, noting that safeguards such as firewalls and encryption can fail if operating systems are flawed. But fully securing operating systems remains "an elusive goal," he added.
In an interview Monday, Lipner outlined several steps taken by Microsoft that he said are already helping to improve the security of its products. Design and code reviews have been beefed up, as have the internal "tiger team" attacks that the company uses to mimic security attacks before it releases products, he said.
Automated tools also are taking some of the guesswork out of designing software to be more secure, Lipner said. For example, compilers in many cases can now anticipate when code is likely to result in buffer overflows, a common flaw that can open up vulnerabilities and potentially cause system crashes.
In addition, the .Net framework announced by Microsoft last month will introduce a layer of software on top of Windows that sets up a "sandbox" within which downloaded code must run. Lipner said it can block access to machine resources by malicious code, except as permitted by the user.
Lipner also promised faster distribution of software patches via a more automated process. But he discounted the popular notion that there will be, anytime soon, "benign viruses" that can roam through a system or network to sniff out and then fix security flaws.
Some attendees at the summit called for Microsoft and others to open all source code for inspection, saying that's the only way users can have total confidence in the security of a software product. But Lipner said Microsoft is "not going to give up our intellectual property."
However, Lipner added, the number of universities that have been given Windows source code for security reviews has almost doubled in the past year to some 140 -- a trend that he said will continue.
Summit attendees also repeatedly pointed out the inherent conflict between the goals of making a system richly functional and making it more secure and reliable. Asked if many users wouldn't gladly trade a few bells and whistles to get software that was less prone to attacks, Lipner said Microsoft took a step in that direction last month when it released a patch for Outlook that disables some functions in an attempt to tighten security.
But it's not clear that users really are willing to make that trade-off, according to Lipner. "My informal impression is, most customers still like the functionality," he said.