Problems with Vista Security in Europe


I was wondering when this issue was going to come up in the anti-trust discussions. It seems as if the EU commission is raising concerns that the 'bundled' security features of Microsoft Vista might block out competitors in the security space.


To me, (and I'm really trying hard to not be bias here), the decision to add additional security requirements and features to our products is one that is completely driven by our customers, not by some hidden agenda to wipe out a competitor.


Back before the days of the TrustWorthy Computing Initiative at Microsoft, our customers spoke in very clear terms to Mr. Gates that security was of their biggest concerns when using Microsoft products. As a result of this customer feedback, Microsoft has spent the last ~5 years completely re-vamping the way it develops software through structured security engineering and the SDL (Secure Development LifeCycle) procedures.


I don't want to trivialize the concerns of the EU commission or Microsoft's need to comply with their rulings, however; to me, this is clearly a case of Microsoft taking action against a Threat Model which showed a vulnerability that required a certain set of mitigations.


 


 


Comments (0)

Skip to main content