[wordup] speaking of funny: microsoft code so bad it's dangerous!?

Adam Shand adam at personaltelco.net
Tue May 21 15:45:05 EDT 2002 

wtf?  obviously it wasn't the marketing department that made this
statement ;)

while you're at it check out "the best excuse ever!"

  http://markfiore.com/animation/excuse.html

adam.

Via: http://slashdot.org/article.pl?sid=02/05/20/2124248

MS Cites National Security to Justify Closed Source
Posted by timothy on Monday May 20, @02:34PM

guacamolefoo writes: "It was recently reported in eWeek that "A senior
Microsoft Corp. executive told a federal court last week that sharing
information with competitors could damage national security and even
threaten the U.S. war effort in Afghanistan. He later acknowledged that
some Microsoft code was so flawed it could not be safely disclosed."
(Emphasis added.) The follow up from Microsoft is even better: As a
result of the flaws, Microsoft has asked the court to allow a "national
security" carve-out from the requirement that any code or API's be made
public. Microsoft has therefore taken the position that their code is so
bad that it must kept secret to keep people from being killed by it.
Windows - the Pinto of the 21st century." 

From: http://www.eweek.com/article/0,3658,s%253D701%2526a%253D26875,00.asp

Allchin: Disclosure May Endanger U.S.
May 13, 2002
By  Caron Carlson

A senior Microsoft Corp. executive told a federal court last week that
sharing information with competitors could damage national security and
even threaten the U.S. war effort in Afghanistan. He later acknowledged
that some Microsoft code was so flawed it could not be safely disclosed.

The bold statements and candid admissions were part of Jim Allchin's
testimony during two days in court here before Judge Colleen
Kollar-Kotelly, who is hearing the case of nine states and the District
of Columbia seeking stricter penalties for Microsoft's antitrust
behavior.

Allchin, group vice president for platforms at Microsoft, was the final
executive lined up to defend the Redmond, Wash., software developer.
Like company Chairman and Chief Software Architect Bill Gates before
him, Allchin highlighted the security problems he foresaw that could
result from technical information disclosure requirements sought by the
nonsettling states.

"It is no exaggeration to say that the national security is also
implicated by the efforts of hackers to break into computing networks,"
Allchin testified. "Computers, including many running Windows operating
systems, are used throughout the United States Department of Defense and
by the armed forces of the United States in Afghanistan and elsewhere."

Unlike the states' proposed remedy, the federal settlement proposal that
Microsoft and the Department of Justice agreed to in November contains a
carve-out that permits Microsoft to withhold API and protocol
disclosures if such disclosures would compromise security. The provision
is designed to address hackers, viruses and piracy, according to
Allchin.

In his testimony, Allchin also addressed .Net and countered charges made
by rivals—particularly Jonathan Schwartz, senior vice president of
corporate strategy and planning at Sun Microsystems Inc.—about its
interoperability. Charging that Schwartz's testimony oversimplified the
interoperability of .Net and Java technology, Allchin claimed the two
systems are not perfect equivalents.

"Microsoft has invested substantial time and resources in providing
great interoperability between .Net and older technologies," Allchin
said. "Sun's strategy of promoting '100 percent pure' Java applications
discourages interoperability."

During his second day on the stand, Allchin conceded that Microsoft has
already identified at least one protocol and two APIs that it plans to
withhold from public disclosure under the security carve-out.

The protocol, which is part of Message Queuing, contains a coding
mistake that would threaten the security of enterprise systems using it
if it were disclosed, Allchin said.

When Kevin Hodges, attorney for the dissenting states, asked him how
many APIs would be exempt, Allchin said he did not know the exact
number, but it would include APIs that deal with anti-piracy and digital
rights management. Microsoft has already identified APIs involved with
Windows File Protection that would be withheld, he said.

When pressed for further details, Allchin said he did not want to offer
specifics because Microsoft is trying to work on its reputation
regarding security. "The fact that I even mentioned the Message Queuing
thing bothers me," he said.

-- 
"The first casualty of war is truth." -- Rudyard Kipling

More information about the wordup mailing list