Return-Path: <sentto-279987-4784-1023467417-fc=all.net@returns.groups.yahoo.com> Delivered-To: fc@all.net Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Fri, 07 Jun 2002 09:34:08 -0700 (PDT) Received: (qmail 3438 invoked by uid 510); 7 Jun 2002 16:30:39 -0000 Received: from n21.grp.scd.yahoo.com (66.218.66.77) by all.net with SMTP; 7 Jun 2002 16:30:39 -0000 X-eGroups-Return: sentto-279987-4784-1023467417-fc=all.net@returns.groups.yahoo.com Received: from [66.218.67.195] by n21.grp.scd.yahoo.com with NNFMP; 07 Jun 2002 16:30:17 -0000 X-Sender: fc@red.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-8_0_3_2); 7 Jun 2002 16:30:17 -0000 Received: (qmail 18555 invoked from network); 7 Jun 2002 16:30:16 -0000 Received: from unknown (66.218.66.218) by m2.grp.scd.yahoo.com with QMQP; 7 Jun 2002 16:30:16 -0000 Received: from unknown (HELO red.all.net) (12.232.72.152) by mta3.grp.scd.yahoo.com with SMTP; 7 Jun 2002 16:30:16 -0000 Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id g57GXMX03992 for iwar@onelist.com; Fri, 7 Jun 2002 09:33:22 -0700 Message-Id: <200206071633.g57GXMX03992@red.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL3] From: Fred Cohen <fc@all.net> X-Yahoo-Profile: fcallnet Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Fri, 7 Jun 2002 09:33:22 -0700 (PDT) Subject: [iwar] [fc:Feds.Seek.Better.Microsoft.Security] Reply-To: iwar@yahoogroups.com Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Spam-Status: No, hits=0.0 required=5.0 tests=DIFFERENT_REPLY_TO version=2.20 X-Spam-Level: Feds Seek Better Microsoft Security By D. Ian Hopper, Associated Press, 6/4/02 <a href="http://www.washingtonpost.com/wp-dyn/articles/A59179-2002Jun4.html">http://www.washingtonpost.com/wp-dyn/articles/A59179-2002Jun4.html> Government technology officials, tired of security holes in Microsoft's products, are discussing whether to use their collective purchasing power to force changes in the way the software giant does business. Their efforts got a boost Tuesday when consumer activist Ralph Nader joined the cause in a letter to the White House saying that changes in purchasing policy may be more effective and palatable to the administration than antitrust sanctions. The Bush administration gave a cool response to the four-year antitrust case against Microsoft, which it inherited from the Clinton administration, settling it last year on terms that many critics found too weak. The government is "going to have a harder time explaining this proposal away," Nader said. "This deals with taxpayer efficiency, promoting competition without resorting to regulation, and national security." It is a long-simmering problem among government officials, where almost every office from the smallest cubicle in Washington to aircraft carriers at sea use Microsoft's Windows operating system and its software - and are forced to install frequent security fixes. The White House Office of Management and Budget did not respond to a message seeking comment. In an earlier interview, however, an OMB official said federal officials have discussed how to deal with Microsoft's security problems. "We haven't gone to them as a united front yet. That's one of the options," White House Information Technology chief Mark Forman said late last year. "This is actually much bigger than just Microsoft." Since then, the government's top computer officials have said they have been too busy with other computer security issues to confront Microsoft about the problem. Microsoft declined to discuss its conversations with the government. "We think that if Mr. Nader took a close look at the software industry he would find that no one delivers more technology at affordable prices to empower consumers worldwide," company spokeswoman Ginny Terzano said in a statement. While Nader's proposal also deals with ways to control Microsoft's power, federal officials are focused on security holes. "All of us rely on Microsoft to a greater or lesser extent, and we all wish Microsoft did a better job on security," said David B. Nelson, head of computer security at NASA. Most commercial products are made for business and consumer customers, Nelson said, and the growing number of software gadgets added into Microsoft products is a headache for federal computer buyers. "They come with all kinds of bells and whistles and every bell is a vulnerability," he said. Microsoft has taken some of the concerns to heart. After being embarrassed on an almost regular basis by security flaws in its products - including a debilitating problem found in its latest Windows XP operating system just days after its release - it began a companywide training program on security issues earlier this year. Open-source operating systems like Linux, which makes its software blueprints free to the public for inspection and changes, have made some headway in the government for use on large servers that store software and Web sites. A recent study completed for the Pentagon by Mitre Corp. recommended further use of open-source computing systems on the grounds that they are less vulnerable to computer attacks and far cheaper. Microsoft, which does not widely distribute its source codes, disputes that conclusion. The Nader letter, also signed by James Love of the Nader-founded Consumer Project on Technology, suggests the government should place limits on the number of Microsoft products it buys, dividing the federal pot among Microsoft, Apple, IBM and other companies. Decades ago, government computers ran proprietary, often outdated, software. While Microsoft's ubiquity increases the possibility of viruses, officials have said it also ensures that workers in different agencies will be able to share files among themselves and with others. The letter suggests the government could push Microsoft to make changes, using that market share limit as leverage. Many of the changes - such as more technical disclosure and making its products available on competing operating systems - mirror those suggested during the antitrust case and championed by the nine states still suing Microsoft. ------------------------ Yahoo! Groups Sponsor ---------------------~--> Save 30% on Web addresses! Get with the times, get a web site. Share information, pictures, your hobby, or start a business. Great names are still available- get yours before someone else does! http://us.click.yahoo.com/UBc4BA/nFGEAA/Zr0HAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2003-08-24 02:46:32 PDT