Microsoft Gets Security Religion, Part 2
The Trustworthy Computing Initiative
On Janauary 15th, Bill Gates sent out a memo outlining an inititiative for something he calls Trustworthy Computing. The memo can be read in its entirety here.
Here are some snippets which should give you the gist of the initiative…
Trustworthy Computing is computing that is as available, reliable and secure as electricity, water services and telephony.
“Reliable and secure as electricity?” Obviously he didn’t live in California during the start of 2001.
Today, in the developed world, we do not worry about electricity and water services being available. With telephony, we rely both on its availability and its security for conducting highly confidential business transactions without worrying that information about who we call or what we say will be compromised. Computing falls well short of this, ranging from the individual user who isn’t willing to add a new application because it might destabilize their system, to a corporation that moves slowly to embrace e-business because today’s platforms don’t make the grade.
Of course, what he doesn’t say is that a lot of the system destabilization that comes from installing new apps is Microsoft’s fault. I once had a customer call me with a problem where after installing an app I’d written, his printer was no longer working. And no, it wasn’t my fault.
That customer was a victim of what Windows developers call DLL Hell. The quickie explanation for non-technical people is that DLLs are software Lego blocks that are shared by many programs that perform functions that are common to many programs. For instance, the “Open” and “Save” dialog boxes you often see are services provided by the Windows Common Dialog DLL; by using this DLL, developers are saved from having to write, test and debug new “Open” and “Save” dialog boxes for each application and the users get a consistent experience every time they want to open or save. So far, so good. The problem is that DLLs are often upgraded, and sometimes the new version of a DLLs is not backwards-compatible with an old version. As a result, programs that relied on the old version of a DLL may suddenly stop working properly. A real-life analogy: imagine the kind of tragedy that would occur if someone changed all the coffee — a shared utility that many workers rely on — in your office from regular to decaf without telling anyone.
The events of last year — from September’s terrorist attacks to a number of malicious and highly publicized computer viruses — reminded every one of us how important it is to ensure the integrity and security of our critical infrastructure, whether it’s the airlines or computer systems.
The attacks on the World Trade Center and Pentagon, being “low-tech, high concept” operations — had nothing to do with computers, but they do make a convenient bogeyman. As for the highly publicized computer viruses, most of them took advantage of Windows systems.
Our new design approaches need to dramatically reduce the number of such issues that come up in the software that Microsoft, its partners and its customers create. We need to make it automatic for customers to get the benefits of these fixes. Eventually, our software should be so fundamentally secure that customers never even worry about it.
More in upcoming postings. Lots of work to do today.