madison
Home / News & Blogs

New worm--no excuses this time

Charles Cooper | August 13, 2003 12:23 PM PDT

Summary

After two decades' worth of Swiss cheese software security, the world's biggest supplier of operating system software has run out of excuses.

Topics

Charles Cooper, Technology News
COMMENTARY--Here's how my day went: E-mail was the first to goin the morning. Then the phone--a voice-over-Internet protocolsystem that uses Windows Server software--wentdown. Just to complete the hat trick, Microsoft Word'scut and paste feature conked out without anyexplanation.

Misery loves company and I was not alone. For theumpteenth time in recent memory, companies around theglobe were sent scrambling to catch up with anInternet worm that penetrated a security hole inMicrosoft Windows. As that noted computer scientistLawrence (Yogi) Berra surely remarked on a similaroccasion, it was deja vu all over again.

Recall that more than a year ago, Microsoft made a big production of its determination to put this issue to bed. After getting repeatedly hammered for shipping versions of the Windows operating systems that were vulnerable to nasty hacks, the company let it be known that it had had enough. In January 2002, Bill Gates sent out a well-publicized company memo elevating security to the top of Microsoft's prioritylist.

The Redmond spin machine did a fabulous job of convincingthe world that Microsoft was listening to its customers andworking harder to provide better software security.The company proceeded to take the unprecedented stepof shutting down software development for an entiremonth to let its people turn their full attention tothe job at hand.

But such is the burden of being a monopolist whosesoftware dominates the world. Companies here andabroad expect this stuff to be bulletproof, not aperennial work-in-progress. Since when should acompany receive kudos for fixing something it shouldhave taken care of years ago?

Microsoft has argued that this is hard stuff tomaster. No doubt. But is it much more complicated thanairline engineering or bridge construction?

Since when does a company receive kudosfor fixing something it should have taken care ofyears ago?
Funnything about expectations. Travelers getting ontoplanes expect to debark in one piece. When peopledrive across a bridge, they do so confident aboutexiting safely on the other bank. If the plane orbridge dumps out halfway, I doubt surviving familymembers would be consoled by the promise that Version1.1 will take care of the glitches.


News Focus
New worm blasts Microsoft
MSBlast carries a threat

People's lives don't usually ride on the security ofoperating system software, but a work force reduced totwiddling its thumbs waiting for the IS department torepair a worm's damage doesn't make for a prettypicture.

To its credit, Microsoft did issue a patch for thislatest worm after it was uncovered by a group ofPolish hackers and independent security consultants a couple of weeks ago. However, I'd do a hard stop rightthere.

After two decades' worth of Swiss cheesesoftware security, the world's biggest supplier ofoperating system software has run out of excuses.

If this were the exception rather than the rule, Iwould agree that the customer should be heldresponsible for making sure the latest fixes weredownloaded onto a company's computers. But after twodecades' worth of Swiss cheese software security, theworld's biggest supplier of operating system softwarehas run out of excuses. It took scientists less timeto map the human genome

Businesses, which rely on the assumption thatMicrosoft operating systems will stand up to attacks,might have assumed the statute of limitations onmaking lousy software ran out with the last of theInternet sock puppets. Users should be so lucky.

biography
Charles Cooper is the executive editor of commentary at CNET News.com.

Talkback - Tell Us What You Think

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity