Microsoft to Clean Up Code 466
the_pooh_experience writes "Microsoft has decided to beef up their security group by adding a code cleaning group according to Infoworld. As the director of MS security engineering says: 'Microsoft is a long way from its ultimate goal where users can take security for granted in its products...the majority of viruses written attack Microsoft products.'" The new group is called Security Engineering Strategy and while it may seem long overdue to many, it's still a step in the right direction for the folks in Redmond.
Doesn't look like they'll fix existing code (Score:5, Informative)
Second, there are only ten people on this task force. Will they have enough time to fix the programming methodology for all Microsoft software? Somehow, I doubt it -- and it doesn't take much imagination to guess that the Mac products, for example, aren't likely to be the primary targets, as well as any spyware that Microsoft finds convenient (*cough*WMP
So it's a step in the right direction but I think they need to use more manpower to solve this problem. God knows they have plenty of it. Until they do, across the board, I don't think many of us will ever trust Microsoft's security. (I'll leave the question of trusting Microsoft itself to another discussion.)
-- shayborg
Re:Credit Where Due (Score:5, Informative)
Microsoft also got hit a lot harder every time they claimed some semblance of security. They've learned their lesson, albeit slowly. Now they only claim to be working on improving security, considerably different than Larry's claims.
woof.
Re:Port to Java! (Score:3, Informative)
Nope, don't think so... I develop on 1.4.1, and my stuff runs fine on 1.2.2 and up.
Re:Fat Chance (Score:5, Informative)
Remember, Security is Job 1! (Score:2, Informative)
In all reality, if they want to fix their security, they need to fix the way they view data and process. They blur the lines between the the two way too much. They also encourage the users to blur the line between the two as well.
If they truely want to make a more secure OS, they need to remove the ability to run code from every form of document you cvan make with their code. Macros are nice but when they let you have full access to the system and it's resources they are deadly and the biggest security hole you can ask for!
I should not be able to run full blown basic apps just by opening a word doc, email, spread sheet or whatever.
Comment removed (Score:2, Informative)
Re:Credit Where Due (Score:1, Informative)