Microsoft’s program to ensure that developers build secure code is showing early signs of success, according to a senior executive from the company. The Security Development Lifecycle program is one of the results of Microsoft’s announcement outlining concentration on security and secure development.
In regards to security Microsoft has probably the worst track record of any company in history so they shouldn’t advertise with that argument.
In terms of development they are losing developers by the dozens right now and have a hard time to get anyone to volunteer their time and code for them. Just among the people I know there are two who went from MSDN to OSDN…
Just among the people I know there are two who went from MSDN to OSDN…
So, Microsoft developers have an awful track record for security and you’re happy that they’re moving over to doing Open Source development?
Also, when you have statements like “In terms of development they are losing developers by the dozens right now and have a hard time to get anyone to volunteer their time and code for them.”, do you have links you can provide for this or just because you know two developers that left all of a sudden they’re leaving in droves? Well, I know two developers that moved to Washington from Atlanta about a month ago and I just received an e-mail from them saying they’re contracting at Microsoft right now. According to your logic that must mean Microsoft is gaining tons of developers.
So, Microsoft developers have an awful track record for security and you’re happy that they’re moving over to doing Open Source development?
LOL! Funny stuff man! +1
Waaouhh! What news! Please wake me up when MS really has a better security track confirmed by an independent source. Until now, I still do my best to forbid any program using the IE engine to access the internet.
Yes, Microsoft has a bad track record, but they have thrown lots of resources at the problem, and recruited some of the best talent in the world to Microsoft Research, where they’ve done some very interesting work (e.g. the SLAM project) on formal verification of software (e.g. obtain a formal proof that a device driver does not violate any of hundreds of requirements).
But it’s the legacy that kills them. Tons of software only runs correctly if the user has administrator privileges, so everyone runs as administrator, meaning that any piece of malware they can be tricked into running can do anything.
Yes amongst them Prof CA Hoare inventor of CSP amongst other things that shows how to do concurrency right while they continue to do it all wrong.
Like they actually pay attention to these people’s work, they are for the company’s PR. If you hire the best, they kind of get a free pardon to put out mediocre stuff.
A real OS built on the best of these researchers’ work might be very interesting but would need a clean slate to start on.
my 2c
This statement is not valid because the results are from MS and the efforts are from MS. Two areas that MS has never been successful in regarding security.
Sorry, but this is too little too late.
Not to mention that all their efforts, even if skilled (which they are not) cannot turn Windows into a secure OS. It’s flawed by design and was never designed for security.
How do these stories fool anyone?
Sooner or later it will be time to forget these ridiculous articles and seriously consider your safety on the Internet regarding Windows and Microsoft.
Windows is the hand gun of the internet!
Things are not getting better. But, there is something each of us can do.
1) learn about the safer alternatives
2) support these alternatives
3) educate others
It’s our world, our lives.
It’d be strange if Microsoft claimed something else. If it really works, good for them, good for the end-user.
Freedom loving people shouldn’t work for Satan.
Starting from scratch sounds all well and good, but you just can’t do that with these many users. If you even break a bit of backwards compatibility in the name of security everyone’s going to bitch about it. They broke some stuff with SP2 for XP and we all know how many people bitched about that. Now they’re trying to phase out Win32 APIs and move over to WinFX which is new, managed, and safer. But this shit doesn’t happen overnight.
The fact is that Windows is getting better, NT by itself IS just as secure as *nix. It’s all the 9x stuff they tossed on top in the name of compatibility and support to get the 9x users to move over, that hurt NT’s overall security.
The way I see it though Win2k3 is more secure than Win2k is, anyone who’s used both before can see that it’s true.
I’m just happy to see that they’re finally moving in the right direction.
You are kidding, right?
Because the link is broken for me. No one seems to be complaining about the link being broken, and no one seems to have read the article, from the looks of the posts.
I guess we are jaded by the number of “We, M$, are so much better, cheaper, and innovative than anyone else that you don’t need anyone else” articles or studies that are continually shown to bend, twist or break the truth, that we automatically assume the worst.