Vendors have said that there's a danger that some of the security features in Vista, such as User Account Control and Parental Control, will alienate people because of usability. Do you agree?
Parental Control has been a particular topic of debate. With the BSI Kitemark Committee — which is going slowly — a big debate has been what's on by default, how much you have in place straightaway and how much you leave to choice. If you have too-rigorous controls on by default, people switch them off.
With my son, I set up access to the CBeebies site. Every time he wanted to play a new game I had to authorise it through Parental Control because the games were being served from other sites. I ended up switching Parental Control off.
Chris Lindsay, general manager for broadband at BT Business, told us this week that Microsoft's "brand image" might count against it in the security space, and that Vista's hardware requirements will hamper take-up. What's your view?
Historically we had a problem in the past with our image and reputation. We hope that perceptions have changed. We used to have a large number of vulnerabilities on the platform. Since we started the Trustworthy Computing initiative five years ago, and baked in security by design, there's been a dramatic drop in the number of vulnerabilities.
As for the hardware comment, a lot of current PCs won't run Vista advanced graphics. But if you don't have an Aero-compatible graphics card, Vista will still run. I've got an old Sony Vaio laptop — and you can't retrofit a graphics card in a laptop. However, I'm going to drag it to Vista.
What do you see as the major future security threats across the industry?
With every device potentially on the internet, the security risks increase — especially for mission-critical devices streaming information. It's challenging to secure all that. There's also the issue of identity in a grid-enabled internet — you have to prove who you are to a mesh of internet devices. Suddenly there's a completely different scale to the challenge, particularly for real-time stuff. Take ignorance of the basic protocols for VoIP — people chewing up bandwidth saying "Hi honey, I'm on the train", drowning out a high-priority 999 message.
Will deperimeterisation and encryption solve those issues?
There's scope to use identity selectors such as Cardspace as a secure way of improving information flow, and making sure you're in the loop so information can flow by you if you're an IT manager.
Looking at the public sector, what are the security implications of the government's latest data-sharing plans?
The system they already have — the Government Gateway — is quite a good one. It enables data sharing without releasing information that doesn't need to be released. Gateway keeps track of an information request against an individual's credentials.
At the moment people's IDs are compartmentalised, so there's no reason for your NHS number to be given to anyone else, for example.
Do you have any concerns over the government's database plans for ID cards?
The ID cards programme won't be one big database, but a combination of three. That's a potential security and privacy risk. In a world of distributed systems, how do you safeguard privacy and security? There's lots of challenges around security, privacy, data integrity and data matching.