Re: Gates says Microsoft security push cost $100 mln

[InfoSec News <isn () c4i org>]

Forwarded from: Richard Forno <rforno () infowarrior org>

To do so would admit responsibility for the problems plaguing the
Internet from Microsoft products. They could never do that - not only
would that go against years of carefully-crafted corporate branding
and marketing, but probably open themselves up to years of product
negligence lawsuits if they actually admitted such.

$100M on Trustworthy Computing? Too little, too late. And besides,
what does "100M invested..." actually mean? Did that all go in-house,
or did that go for external research, product acquisitions, etc. on
stuff that's related to security? The way it sounds, you think that
$100M was spent on programmers, and stuff all within MS, which I find
very, very hard to believe.  Given MS track record, "investing in
security" could mean full-page ads in magazines saying Windblows
eXPloitable is a secure OS.....eg, spin control for security.

Joking aside, I find it very hard to believe much of anything Redmond
tells the public.

rick
infowarrior.org



> Forwarded from: Joe Klein <jsklein () mindspring com>
>
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I think it would have saved Microsoft Stock Holders and the company
> a lot of money if they would have designed security into the
> operating system from the beginning.  I remember a quote from my
> college professor that 'for every $1 spent on planning, it will take
> $10 to 'fix' in the development phase and $100 to fix if it goes
> into production'. So I guess someone at Microsoft needs to answer up
> to why the 1 million dollars was not spent on the beginning of their
> software development process, instead of costing the Stock Holder
> $99 Million at this juncture.
>
> Joe Klein  



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.