MS Cites National Security to Justify Closed Source 827
guacamolefoo writes: "It was recently reported in eWeek that "A senior Microsoft Corp. executive told a federal court last week that sharing information with competitors could damage national security and even threaten the U.S. war effort in Afghanistan. He later acknowledged that some Microsoft code was so flawed it could not be safely disclosed."
(Emphasis added.) The follow up from Microsoft is even better: As a result of the flaws, Microsoft has asked the court to allow a "national security" carve-out from the requirement that any code or API's be made public. Microsoft has therefore taken the position that their code is so bad that it must kept secret to keep people from being killed by it. Windows - the Pinto of the 21st century."
Nice (Score:5, Interesting)
Nothing will ever be the same again indeed.
Now what are they trying to hide? (Score:4, Interesting)
Worrying isn't it?
Hypocrits (Score:5, Interesting)
If a car was dangerous enough to possibly cause death, wouldn't the government require a recall? Wouldn't the media jump on them like rabid wolves like they did Firestone? Wouldn't people avoid the things like they did Firestone?
Equality (Score:3, Interesting)
This is big news... (Score:2, Interesting)
What's the solution for the DOJ (who holds the reigns now)?? Simple: force MS to adopt open standards and open code modules in the future. Given that the MS business model is based on leveraging its "secret" elements, this could force them to abandon nearly all of their anticompetitive practices.
Playing both sides of the fence (Score:2, Interesting)
Fear the future... (Score:5, Interesting)
1) A software system with 1 or more serious _known_ flaws must be used on a worldwide scale by a government agency or large company.
2) That software must then fail.
3) The failure must cause thousands of deaths or hundreds of billions of dollars in loss or damage.
The result will be like the 9/11 of software...when the world wakes up and realizes that we have become so dependent on software systems for our daily lives that we actually have to start caring whether or not they work correctly. We need to start taking an engineering approach to software and KNOW (not think) that it will operate as advertised.
I'm actually hoping that this will occur sooner than later. The later it happens, the more catastrophic the result will be and the less time we'll have to rectify the problem before it happens again.
Re:Now what are they trying to hide? (Score:2, Interesting)
An interesting point? (Score:3, Interesting)
So the obvious question arises, is Linux/BSD (and any other software that has source available) more exposed to "serious" attacks. By "serious" I mean being launched by somebody who knew enough to be able to look at the source and find security flaws, vs a script kiddie who takes a virus toolkit and modifies the virus name and subject line. Theoretcially, it should be more vunerable than a picece of closed source software that was written with a similar level of "quality".
Again, I AM NOT DEFENDING OR SUPPORTING M$'S POSITION, only bringing up what I think is an interesting question.
They may argue themselves back to a breakup? (Score:3, Interesting)
Re:Of course our security lies in... (Score:3, Interesting)
Just imagine your only phone call from you jail cell: "Sorry, I tried writing a st-valentines letter to you, but the 400 year old poem that I included was considered copyright and my computer called the cops."
Re:They must be getting desperate... (Score:3, Interesting)
Granted I don't use all aspects of the API, so perhaps parts of it are poor, but the parts I use are highly documented, examples given, and all sorts of other goodies. This is what dragged me, and many hundreds of thousands of other developers into the MS world where we make a good living building solutions to business problems.
-me
Re:Hypocrits (Score:2, Interesting)
Now on this car there is a secret button that unlocks the cars doors and starts the engine. It can only be found by maticulously taking the car completly apart 200 times or by reading the blueprint.
If this car makes up 90% of all the cars owned in america, should they make this blueprint public over a small issue like a cupholder?
What about... (Score:2, Interesting)
In this pleading, Microsoft themselves admit that their stuff is widely installed on Federal Interest Computers.
Microsoft's use of so-called operating system patches to disable user mail applications and replace them with the Outlook mail server application is unauthorized hacking of Federal Interest Computers, a Federal felony under US Code Title 18 Section 1030 (the COMPUTER FRAUD AND ABUSE STATUTE: see http://www.cpsr.org/cpsr/privacy/crime/fraud.act.t xt [cpsr.org]).
Microsoft's pervasive practice of using their upgrade/patch excuse for hacking Federal computers and replacing relatively secure software like Eudora with nightmares like Outlook (which is itself responsible for something like 80% of the viruses and worms on the net!)is a violation by my reading of the Act (but IANAL). I think that Paragraph (b)(1)(B) ought to be applied!
Whose Your God Daddy? (Score:4, Interesting)
Actually, this is entirely consistent with MS's strategy all along: it has been arguing that it and its products are so profoundly important to the American economy and security that any remedy which interferes with its ability to act as it pleases should be struck down by the court. Otherwise, everyone will suffer at least as much as MS will.
It's the exact equivalent of a mob boss saying that he shouldn't be imprisoned for running a protection racket, because then he wouldn't be able to protect his customers. Moreover, he wouldn't be able to provide for his innocent wife and children (even though it's been shown he abuses them as well).
Microsoft isn't at all desperate; they're just so arrogant, and so blind to basic security principles, that they don't really see a problem with what they're saying.
Staggering (Score:4, Interesting)
"Uhh, sorry Mr. President, the NSA can no longer monitor international communications. Our systems are just too vunerable to hacking to be used. Jim Allchin assured us that a comprehensive fix would be available within 18 months."
"In other news, the US Navy has ordered all AGEIS cruisers into port indefinatley. The AGEIS computer systems were deemed too risky for combat use. The Pentagon would not comment on reports the entire US fleet would require software overhauls before any offensive combat operations could be contemplated."
"World stock markets are today in freefall as most major international corporations raced to secure information systems based on Microsoft's Windows operating system. Some experts estimate that the expense of fixing or replacing mission critical software to provide an adequate level of security would dampen the World economy for a decade."
This goes so far beyond a computer industry issue. Its a staggering admission of guilt. What CIO would be caught dead installing an MS system unless they have absolutly no alternative?
There is also the legal issue. If someone has sustained an economic loss due to "flawed code", that they are using because MS illegally supressed competitive alternatives, then they have a really good case for compensation. And the hardest part, proving that MS illegally manipulated the market, is already done. And they have some tens of billions just sitting around, waiting for the right lawyer to just take away.
Re:er, (Score:3, Interesting)
How many of you kids remember a.out to elf? Or the switch from libc to glibc? Any of you try to upgrade through that yourself without reinstalling a new distribution? Think of both of those, multiply it by 10000 and throw a couple major security holes in that the entire world may not be privy to. Then you are starting to scratch the surface of how large this problem is. On top of that why not factor in some bullying from the MS sales force, how many larger MS customers have been bullied at one point or other? Probably enough that if they were told they have to replace everything some of them would get really pissed off and seriously think about shopping elsewhere.
MS fucked up and they fucked up bigtime. They need more time too, they've got
Tools for Terrorism.. (Score:2, Interesting)
__________
Microsoft - The Number One Manufacturer of 'Tools for Terrorism (tm)'.
__________
This was inspired by the then almost weekly anouncements about security problems with the design of and use of Active-X, macro-viruses, IIS, etc.
Now their lawyers have concurred.
Guess I was right all along !
- Mchummer
__________
More relative than this: the play's the thing
Wherein I'll catch the conscience of the king.
Hamlet. Act ii. Scene 2
__________
Re:Nice (Score:3, Interesting)
Another person at the Naval Air Warfare Center, who also requests anonymity, says: "In my view, and this is only my opinion, the move [IT 21] is not only illegal, but wrong. Moving the Navy completely towards a proprietary computer (a memo quoted states only 'Intel' computers could be purchased) and a proprietary OS (Windows) is against Navy procurement standards requiring OPEN competition. If anything, the Navy should stress compatibility, and open standards. MS Windows is not an open standard.
David Kastrup of the Institut fur Neuroinformatik in Bochum, Germany observed last year that "The specifications call for use of Windows NT 5.0 [now Windows 2000] when available, without any prior tests for usability or whatever. This means that the military is signing a blank cheque of trust to Microsoft to deliver what their marketing hype promises.
Re:Nice (Score:4, Interesting)
I don't see how thats microsofts problem. The government decided they wanted to use off the shelf computer equipment and software. They got sick of developing a computer system and maintaining it for 30 years. You realize that in the 80s there were software engineers that were maintaining code for submarines that had ferrous-core memory systems.
The navy wanted to get away from that.
So, its nice that you're mad about the navy's choice of computing infrastructure. The fact that it happened to fail has nothing whatsoever to do with microsoft, and you're being irrational about being upset with them over this.
Not that there aren't other things to be upset with them about
Re:Microsoft products = crap admitted in court (Score:3, Interesting)
Ho hum, might just turn interesting...