Completely off topic: FW: Trustworthy Computing
Becker, Rob
Becker at celeritas.com
Fri Jul 19 13:22:21 CDT 2002
I thought some of you folks might like to read this. Kinda strange to get email from Bill Gates.
-----Original Message-----
From: Bill Gates [mailto:BillGates at chairman.microsoft.com]
Sent: Thursday, July 18, 2002 9:03 PM
To: Becker, Rob
Subject: Trustworthy Computing
I'm writing to you, as a reader of one of Microsoft's customer newsletters, about an issue of
particular importance to those of us who routinely use computers in our work and personal lives -
making computing more trustworthy. Trustworthy Computing involves a lot of things - reliability,
security, privacy and business integrity.
Before I share my thoughts about this in more detail, I want to give you some context on why I am
sending this email. This is the first in an occasional series of mails that CEO Steve Ballmer and
I, and periodically other Microsoft executives, will be sending to people who are interested in
hearing from us about technology and public-policy issues that we believe are important to computer
users, our industry and everyone who cares about the future of high technology. This is part of our
commitment to ensuring that Microsoft is more open about communicating who we are and what we are
doing.
As I mentioned at the outset, you are receiving this email as a recipient of a Microsoft
newsletter. If you would like to hear from me, Steve and periodically from other Microsoft
executives in the future, please go to
http://register.microsoft.com/subscription/subscribeMe.asp?lcid=1033&id=155. If you don't wish to
hear from us again, you do not need to do anything. We will not send you another executive email
unless you choose to subscribe at the link above.
************************************************************************************************
As I've talked with customers over the last year - from individual consumers to big enterprise
customers - it's clear that everyone recognizes that computers play an increasingly important and
useful role in our lives. At the same time, many of the people I talk to are concerned about the
security of the technologies they depend on. They are concerned about whether their personal data
is being protected. Although they know that computers can do amazing things, they are frustrated
that their technology doesn't always work consistently. And they want assurances that the high-tech
industry takes these concerns seriously and is working to improve their computing experience.
Six months ago, I sent a call-to-action to Microsoft's 50,000 employees, outlining what I believe
is the highest priority for the company and for our industry over the next decade: building a
Trustworthy Computing environment for customers that is as reliable as the electricity that powers
our homes and businesses today.
This is an important part of the evolution of the Internet, because without a Trustworthy Computing
ecosystem, the full promise of technology to help people and businesses realize their potential
will not be fulfilled. Ironically, it is the growth of the Internet and the advent of massive
computing systems built from loose affiliations of services, machines, communications networks and
application software that have helped create the potential for increased vulnerabilities.
There are already solutions that eliminate weak links such as passwords and fake email. At
Microsoft we're combining passwords with "smart cards" to authenticate users. We're also working
with others throughout the industry to improve Internet protocols to stop email that could
propagate misleading information or malicious code that falsely appears to be from trusted senders.
And we are making fundamental changes in the way we develop software, in our operational and
business practices, and in our customer support efforts to make the computing experiences we
provide more trustworthy.
For example, we've historically made our software and services more compelling for users primarily
by adding new features and functionality. While we are continuing to invest significantly in
delivering new capabilities that customers ask for, we are now making security improvements an even
higher priority than adding features. For example, we made changes to Microsoft Outlook to block
email attachments associated with unsafe files, prevent access to a user's address book, and give
administrators the ability to manage email security settings for their organization. As a result of
these changes, the number of email virus incidents has dropped dramatically. In fact, email viruses
like the recent "Frethem" virus propagate only to systems that have not been updated - underscoring
the importance of updating them regularly.
We are also undertaking a rigorous and exhaustive review of many Microsoft products to minimize
other potential security vulnerabilities. Earlier this year, the development work of more than
8,500 Microsoft engineers was put on hold while we conducted an intensive security analysis of
millions of lines of Windows source code. Every Windows engineer and several thousand engineers in
other parts of the company were also given special training in writing secure software. We
estimated that the stand-down would take 30 days. It took nearly twice that long, and cost
Microsoft more than $100 million. We've undertaken similar code reviews and security training for
Microsoft Office and Visual Studio .NET, and will be doing so for other products as well.
THE TRUSTWORTHY COMPUTING FRAMEWORK
Trustworthy Computing has four pillars: reliability, security, privacy and business integrity.
"Reliability" means that a computer system is dependable, is available when needed, and performs as
expected and at appropriate levels. "Security" means that a system is resilient to attack, and that
the confidentiality, integrity and availability of both the system and its data are protected.
"Privacy" means that individuals have the ability to control data about themselves and that those
using such data faithfully adhere to fair information principles. "Business Integrity" is about
companies in our industry being responsible to customers and helping them find appropriate
solutions for their business issues, addressing problems with products or services, and being open
in interactions with customers.
Creating a Trustworthy Computing environment requires several steps:
- Making software code more secure and reliable. Our developers have tools and methodologies that
will make an order-of-magnitude improvement in their work from the standpoint of security and
safety.
- Keeping ahead of security exploits. Distributing updates using the Internet so that all systems
are up to date. Windows Update and Software Update Services, discussed below, provide the
infrastructure for this.
- Early Recovery. In case of a problem, having the capability to restore and get systems back up
and running in exactly the same state they were in before an incident, with minimal intervention.
FIRST STEPS TOWARD MORE TRUSTWORTHY COMPUTING
There is still much work that Microsoft and others in our industry must do to make computing more
trustworthy. Here is a summary of some of the progress we've made, six months after my email to
Microsoft employees:
- We have changed the way we design and develop software at all phases of the product development
cycle. Our new processes should greatly minimize errors in software, and speed up the development
process for new products and services.
- Software Update Services (SUS) is a security management tool for business customers that enables
IT administrators to quickly and reliably deploy critical updates from inside their corporate
firewall to Windows 2000-based servers and desktop computers running Windows 2000 Professional and
Windows XP Professional.
- Microsoft Baseline Security Analyzer is a new tool that customers can use to analyze Windows 2000
and Windows XP systems for common security misconfigurations, and to scan for missing security hot
fixes and vulnerabilities on a variety of products, including newer versions of Internet
Information Server, SQL Server and Office.
- In addition to providing customers with tools and resources to help them maximize the security of
Windows 2000 Server environments, we are committed to shipping Windows .NET Server 2003 as "secure
by default." We believe it's critical to provide customers with a foundation that has been
configured to maximize security right out of the box, while continuing to provide customers with a
rich set of integrated features and capabilities.
- The error-reporting features built into Office XP and Windows XP are giving us an enormous amount
of feedback and a much clearer view of the kinds of problems customers have, and how we can raise
the level of reliability in those products - and that of products made by other companies. As part
of this effort, we recently created a secure Web site where software and hardware vendors can view
error reports related to their drivers, utilities and applications that are reported through our
system. This enables the vendors who work with us to identify recurring problems and address them
far more quickly than in the past. All of our server software products will incorporate these
error-reporting features in subsequent versions of the products.
- With Microsoft Windows Update, we are completing the customer-feedback loop based on the
error-reporting features mentioned above. This globally available Web service delivers more than
300 million downloads per month of the most current versions of product fixes, updates and
enhancements. When customers connect to the site, they can choose to have their computer
automatically evaluated to check which updates need to be applied in order to keep their system
up-to-date, as well as identify any critical updates to keep their system safe and secure.
- We are working on a new hardware/software architecture for the Windows PC platform, code-named
"Palladium," which will significantly enhance users' system integrity, privacy and data security.
This new technology, which will be included in a future version of Windows, will enable
applications and application components to run in a protected memory space that is highly resistant
to tampering and interference. This will greatly reduce the risk of viruses, other attacks, or
attempts to acquire personal information or digital property with malicious or illegal intent. Our
goal is for the Palladium development process to be a collaborative industry initiative.
- We've incorporated what is known as P3P (Platform for Privacy Preferences) technology in the
Internet Explorer browser technology in Windows XP, which enhances a user's ability to set privacy
levels to suit his or her needs. The P3P standard enables a user's browser to compare any
P3P-compliant Web site's privacy practices to that user's privacy settings, and to decide whether
to accept cookies from that site.
Identifying and addressing critical Trustworthy Computing issues will require significant
collaboration across our industry. One example of the kind of cross-industry effort we need more of
is the recent creation of the Web Services Interoperability (WS-I) Organization
(http://www.ws-i.org/). Founded by IBM, Microsoft and other industry leaders including Intel,
Oracle, SAP, Hewlett-Packard, BEA Systems and Accenture, WS-I's mission is to enable consistent and
reliable interoperability of XML-based Web services across a variety of platforms, applications and
programming languages. Among other things, WS-I will create a suite of test tools aimed at
addressing errors and unconventional usage in Web services specifications implementations, which in
turn will improve interoperability among applications and across platforms.
WHAT YOU CAN DO
Given the complexity of the computing ecosystem, and the dynamic nature of the technology industry,
Trustworthy Computing really is a journey rather than a destination. Microsoft is fully committed
to this path, but it is not something we can do alone. It requires the leadership of many others in
our industry and a commitment by customers to establish and maintain a secure and reliable
computing environment. For customers, the most important first step is understanding what it will
take to make their computers and networks more reliable and safe. Below are some suggestions on
what individuals and businesses can do to create a more Trustworthy Computing environment for
themselves and others.
- Give us feedback by using the error-reporting features built into Office XP and Windows XP.
- Use Microsoft Windows Update (http://windowsupdate.com/) to ensure that you have the most
up-to-date and accurate versions of product updates, enhancements and fixes.
- Businesses customers can take advantage of Software Update Services to download critical updates
from Windows Update. (http://www.microsoft.com/windows2000/windowsupdate/sus/)
- Use Microsoft Baseline Security Analyzer to analyze Windows XP and Windows 2000 for common
security misconfigurations.
(http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/Tools/MBSAhome.as
p)
- Enterprise Systems Integrators can take advantage of the Systems Integrator Source Licensing
Program (http://www.microsoft.com/licensing/sharedsource/).
- Hardware, software or systems vendors can sign up for Microsoft's Windows Logo Program at
http://www.microsoft.com/winlogo/ to ensure a high-quality user experience.
- Find more information about computing security at http://www.microsoft.com/security/.
- Our White Paper on Trustworthy Computing is at
http://www.microsoft.com/PressPass/exec/craig/05-01trustworthywp.asp.
- If you don't already have Internet Explorer 6.0, download it for free at
http://www.microsoft.com/windows/ie/evaluation/overview/ to take advantage of its increased
reliability and security and privacy features.
We are doing everything we can at Microsoft to make software as trustworthy as possible. By
building awareness, through collaborative work and with a long-term commitment, I am confident we
can and will create a truly Trustworthy Computing environment.
Bill Gates
For information about Microsoft's privacy policies, please go to:
http://www.microsoft.com/info/privacy.htm.
More information about the Kclug
mailing list