BBC News: security didn’t matter to Microsoft until users started looking for alternative OSes

“David Aucsmith is Microsoft’s security architect, and he came to London this week to ask forgiveness for his company’s former sins,” Bill Thompson writes for BBC News. “Speaking to an audience of senior police officers and security professionals at the E-Crime Congress, he admitted that when Windows 95 was released to the world it came with no security features at all.”

“Microsoft admits that it did not think about protecting users from hackers, viruses, worms and other malware. It did not worry about keeping personal data safe, or personal computers secure,” Thompson writes. “Yet the world was hardly safe in the early 1990s, at the time Windows 95 was being designed and built by Microsoft’s developers, including the great software architect himself, Bill Gates. There were viruses.”

Thompson writes, “Getting security right did not matter to Microsoft when users did not seem care about it, but it matters now because it could give individuals, organisations and governments a reason to move from Microsoft’s operating system to another, whether Mac OS or a Unix variant. And if Microsoft no longer provides the operating system, everyone has far less reason to buy their application software, even if it would run on top of the alternative platform.”

“There are good reasons why Unix – and Mac OS, which is now built on top of a version of Unix – is more secure and less prone to virus attack than Windows. Perhaps the most significant is that Unix was designed from the start as a multi-user system on which files and programs belonging to different people would need to be kept separate from one another, and this gives it a security model which has evolved to meet new challenges. But this also provides a model which Microsoft can emulate in its new releases of Windows, under development today,” Thompson writes.

Full article here.

18 Comments

  1. Wow! Hello lawyers! Here is one BIIIG class action suite waiting!! Any greedy lawyers here?
    Oh Joy ” width=”19″ height=”19″ alt=”smile” style=”border:0;” /> More entertainment!

  2. This is fun fun ” width=”19″ height=”19″ alt=”smile” style=”border:0;” /> I’ve read that BBC article now ten times and posted that link to all different magazines faster than PC infected with spam virus =)

  3. the authors last comment was quite foreboding,
    “Of course, if Microsoft is willing to admit that it just ignored all of the known threats and built a completely open system back in 1995, we may want to ask ourselves what sorts of confession we can expect about Windows XP in 10 years time.”
    Now THAT’S a scary thought.

  4. treadlightly

    Not yet. I want them to be the last to know this. So that they look completely idiots next time when they speak about Winshit being better than Apple ” width=”19″ height=”19″ alt=”wink” style=”border:0;” />
    Then we can brake the news for them. I would like to tell this though.. Should we??

  5. Yes there is a unix security model that microsoft bought and paid for, what else do you think microsoft is doing with the Code they bought from SCO. Apple went to BSD begining’s for it’s new operating systems, and it took them years to get it ready. and then a few more to get it great, Longhorn is 3 years away, another 2-3 to get it useful(not great) and away we go. Unless of course, it comes out in a year that SCO didn’t have the right to sell to Microsoft ad longhorn needs to be scrapped.

  6. This begs the question of why IT departments are replacing UNIX servers with Windows 2000 and Windows 2003 servers. Maybe given this admission, a class-action lawsuit could be launched against for Microsoft for damages based upon KNOWN security issues with their software.
    If BSD Unix is the safest OS out there, why would anyone desire to replace it with a LESS secure OS at the very time that the security of systems is becoming more and more important. Where are the blood-sucking lawyers when you need them?

  7. Give the clueless a break.
    The clueless use Windows, when they get burned enough,
    they will switch to BSD or OS X.
    People learn at different rates,
    you have to respect that.

  8. So, can we stop with security through obscurity? MS just plainly admitted that their security is based on insecurity through neglect.

    “This begs the question of why IT departments are replacing UNIX servers with Windows 2000 and Windows 2003 servers.” – NoPCZone

    I have said this many times: the purpose of IT support has changed. No longer do they support any computer with which any user feels comfortable and productive. It’s no longer about a company as a whole. They simply support the IT department itself by trying to make themselves more important and they simply care more about themselves than the users. Your MSCE means nothing in a company that is 100% linux or UNIX or OS X. You are less important when users have less problems with computers. Your ego takes a beating when a lowly secretary troubleshoot a complex machinary called a computer when you actually have to be trained to do so. So, what to do? Standardize on an OS that gives you the best position: Windows. Costs have nothing to do with it, it’s company’s money. Easy support has nothing to do with it. Only power.

  9. Bill Gates is not a “great software architect”. He is a copying drone with great ruthless, unscrupulous business habits.

    Plus if you have ever seen him live you will have to admit he is one of the most un-cool guys you have ever seen. The guy may be way rich but he is a total dofus and a dork.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.