Re: Microsoft developers feel Windows pain

[InfoSec News <isn () c4i org>]

---------- Forwarded message ----------
Date: Sun, 10 Feb 2002 22:10:05 -0500
From: Dan Geer <geer () world std com>
To: R. A. Hettinga <rah () shipwright com>
Cc: Digital Bearer Settlement List <dbs () philodox com>, dcsb () ai mit edu
Subject: Re: [ISN] Microsoft developers feel Windows pain 

Bob, 

A couple of things...
    
As an historical tidbit: Steve Lipner is one of the authors
of the Orange Book.

As a comment: Security as an imposed focus for Microsoft is
heaven sent, you heard me, heaven sent.  Consider, as we
discussed before, the pressure for feature expansion in
Microsoft products as the main determinant for continued
competitive and market control -- it must be hell.  How
many more features can, say, Microsoft Word have anyhow?
Feature expansion is an extremely taxing game to play at
the limit and Microsoft is there.  With this sudden interest
in security(*), our friends in Redmond have a heaven sent
excuse to get off the rat race for features and *not* bring
out any new ones for more or less as long as they like.
This is the best cover they will ever, ever have for doing
something about quality (which heretofore both sucks and
could only get worse in the face of feature explosion).
I have to hand it to them -- they are one slick group of
lemonade makers for any species of lemon.

--dan


(*) Disclaimer -- I am a security guy and I could not be
happier for both personal and commercial reasons.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.