“A computer security expert who contributed to a paper deeply critical of Microsoft has been dismissed by his employer, a consulting company that works closely with the software giant,” John Borland reports for CNET News.com.
Dan Geer, a longtime computer security researcher, along with several colleagues, released a study this past Wednesday that “called the ubiquity of Microsoft software a hazard to the economy and to national security,” Borland reports. “Cambridge, Mass-based @Stake, where Geer worked as chief technical officer, said in a statement Thursday that the researcher had not gotten his employers’ approval for the study’s release, and that he was no longer associated with the company.”
A Microsoft spokesperson said Microsoft had nothing to do with Geer’s dismissal, according to Borland’s report.
Full article here.
This will bring much needed attention to the report. And I trust Dan will find gainful employment – perhaps Apple should offer this guy a job?
Don’t f*cking write bad about St*ve f*cking B*llmer, or else your *ss will get fired!
“A Microsoft spokesperson said Microsoft had nothing to do with Geer’s dismissal, according to Borland’s report.”
ahuh….yeah, right. They’ve had nothing to do with a lot of things in the past. Verging on angelic one could almost assert.
Toll Troll: Sure does. It shows somebody really was bothered about the report within the walls of Redmond. It also goes to show how deep their reach really goes. Beware the government-software complex.
A Microsoft spokesperson said Microsoft had nothing to do with Geer’s dismissal, according to Borland’s report.
Is the MSFT spokesperson indicating merely that they did not pressure @Stake to sack Geer? Regardless of the answer, that comment is absurd – of course Microsoft had everything to do with Geer’s dismissal!
With MSFT being a large client, paranoia at @stake that they might lose favor with Microsoft would be considered “something to do with Geer’s dismissal.”
This is priceless. I hope it gets the press it deserves.
I am willing to bet that @Stake is deep in bed with Microsoft. @Stake has probably in the past been practicing and preaching the Windows world. Now one of their own contradicts what @Stake is preaching, get rid of the rogue minister so to speak.
I am a fan of computer integration not racism.
Oh it’s all corporate politics. Simple as that. All they got to do is threaten the contract at hand (pulling out multi-million dollar contract) and hang up the phone. It’s done.
Why does a 3rd party know more about the vulnerabilities than the company who owns and has the source code? Why does Symantec write antivirus software and Microsoft doesn’t just put that software into the OS ? WHAT AM I MISSING HERE. Are the bright people at Microsoft that clueless?
Why does a 3rd party know more about the vulnerabilities than the company who owns and has the source code? Why does Symantec write antivirus software and Microsoft doesn’t just put that software into the OS ? WHAT AM I MISSING HERE. Are the bright people at Microsoft that clueless? or is Microsoft keeping the OS vulnerable to “CREATE” a market for antivirus software?
No, Jim, that just implies that the software is vulnerable to viruses. That’s like me calling Better Business Bureau to be a member…like I already committed a violation.
Rejoice, ndelc! The Friday (9/26) Houston Chronicle included an article on this issue in its Business section.
Boring news today. “Guy gets sacked”. Dull, dull, dull.
Sue them, Geer !!
as far as hitting the news? reuters and AP picked up the story today. it is filtering through the wire today. it will have a big splash in the media!
Not ‘a’ guy. But, which guy. And why?
Oh, and I thought it was Dell Dull Dell ;)
Until Geer speaks up on this – was he fired, did he quit?, or hires a lawyer all comments are suppositions at this time.
Let’s hope this guy sues the pants off of @Stake for everything they’re worth. I guess it’s time to add ‘Freedom of Opinion’ to the ‘Bill of Rights’. I guess ‘Freedom of Speech’ just isn’t specific enough for these corporate big wigs!
Sorry, DudeMac, the First Amendment doesn’t cover employer-employee contracts. It merely says ‘CONGRESS shall make no law. . . .’ This has been adjudicated to cover state & local governments as well. But it’s quite common for people to sign suffocating nondisclosure agreements as a condition of employment. (In the public sector, ‘national security’ or ‘privacy’ are usually used as excuses. Private-sector corporations don’t need an excuse.) Probably Geer could have been fired for sneezing in public without permission.
That said, his dismissal stinks to high heaven. The top pinheads at @Stake have done themselves, their company, & Microsoft incalculable damage by firing Geer. They can’t even accuse him of revealing trade secrets; any intelligent observer might have said the same things Geer said, based only on information available to the public.
From the Houston Chronicle:
The CCIA trade group also ran into trouble Thursday when it sought to send a paid announcement about its critical report to 140,000 subscribers of popular trade magazines for chief security officers and chief information officers.
The publisher for CIO and CSO magazines, CXO Media, offers such announcements, but in this case, the subject was too touchy.
“We find it is too sensitive of material to send out. I’m sorry to be the bearer of bad news, but I have to deny your request,” according to an e-mail from the publisher obtained by The Associated Press.
well…
It’s probable that nothing will happen to @Stake or Microsoft over this –however, something did happen to Dan Geer. The message is clear: If you are an informed professional armed with relevant facts and research that prove anything anti-Microsoft, you should not open your mouth.
This is so wrong.
MHO
Windows users are at fault. If Micros**t had no reasons to believe they have all those lemmings by their balls it would be more cautious in all its attitude. The fact that Micros**t has proof that Windows users eat Gates’ shit everyday and even ask for more allow them to do whatever with implicit impunity.
“Are the bright people at Microsoft that clueless?”
No, they are just too busy “innovating” products such as iLoo
Makes you question any security company MS hires. Is MS hiring them just so they can SAY we have external security auditors? Or does MS want honesty?
And two points to always keep in mind–the report came from the CCIA, not the employer @stake. And the conclusion that diversity is good for security is just plain good sense–for everyone but MS.
The actual report is quite good–20 pp, 800k PDF–read it here:
http://www.ccianet.org/papers/cyberinsecurity.pdf
(And Geer was one of 7 authors, NONE of whom were from CCIA. The CCIA did not pay for or sponsor the report in any way. They presented it TO the CCIA, who is now disseminating it, having added their own introduction. So the report is not actually by @stake OR the CCIA.)
Also, see more from Geer on the situation here:
http://dc.internet.com/news/article.php/3084381
A quote from p. 13 of the report:
“The near universal deployment of Microsoft operating systems is highly conducive to cascade failure; these cascades have already been shown to disable critical infrastructure.
After a threshold of complexity is exceeded, fixing one flaw will tend to create new flaws; Microsoft has crossed that threshold.”