Microsoft sets Google's record straight

Despite there being no official acknowledgement from Google that it's ditching Microsoft's Windows operating system, the Redmond giant felt compelled to respond.

Despite there being no official acknowledgement from Google that it's ditching Microsoft's Windows operating system, the Redmond giant felt compelled to respond.

A report surfaced earlier this week that Google has started easing Windows PCs out of its internal network based on security concerns, related in part to the attacks on its infrastructure late last year. Google has so far declined to confirm that report, but Microsoft released a blog post defending Windows security and pointing out that security concerns helped derail a Gmail deployment at Yale University.

"When it comes to security, even hackers admit we're doing a better job making our products more secure than anyone else. And it's not just the hackers; third-party influentials [sic] and industry leaders like Cisco tell us regularly that our focus and investment continues to surpass others," Microsoft said in its blog post.

For some reason Microsoft declines to use Google's name directly in the post, preferring instead to discuss "whether or not one particular company is reducing its use of Windows". The two industry titans are far from best friends, battling each other on any number of fronts from operating system and office productivity software to search and mobile devices.

Microsoft also made sure to take a shot at old rival Apple, highlighting reports on Tuesday that spyware targeting Mac OS X machines is being downloaded along with some free applications.

"Microsoft makes the security of our customers a huge priority," it said, going on to list a number of security features in Windows 7.

The news also caught the attention of David Marcus, security research and communications manager for McAfee. Marcus said in a blog that the Aurora attack, which is reportedly the reason for Google's decision to de-Microsoft itself, was about people, not Microsoft's Internet Explorer vulnerability through which attackers gained access to Google's systems.

"The attackers who launched Operation Aurora knew their targets well from both corporate and personal viewpoints. They knew what their victims were running and what their roles were. The attackers even knew what application versions they used," he said. "The intel that the attackers gathered to make Operation Aurora work is what made it a success — not the operating system involved. The targets were the people."

It wouldn't have made a difference if Linux or another operating system were used, according to Marcus. "When an attacker knows the details of a company's technical deployment and personnel to the level we saw in Operation Aurora, the difference between one operating system and another is irrelevant. Any system or network can be technically compromised."

"Social engineering and intelligence gathering trumps technology every time. It always has and always will."

Via CNET