Nevertheless, he understands why not all Microsoft developers were satisfied with the explanation.
"I'm also sure Ford wasn't too happy with (Ralph) Nader's reports in the late '60s," he said. "What do you mean you are telling people our cars can blow up?"
By the end of the two days, those on both sides felt they had just scratched the surface and were more than willing to meet again.
And executives such as Toulouse and Anderson said they came to a better understanding of what makes hackers tick.
"We have conversations where we say an attacker might do this or an attacker might do that. Now there is a face to some of those guys," Anderson said. "They were just as much geeks as we were."
The next time a Blue Hat event is held, as promised by Microsoft, Kaminsky said he would jump at the chance to return — assuming Microsoft lets him back.
"I'll be there next time, no matter what," he said. "I have some really interesting and devious plans coming up."
Talkback
If security is really that important to Microsoft then why can't their heavily budgetted dream "we invented everything, others are just trying to copy us" R&D team come up with fixes that work on both XP and W2K? Or even quick and dirty patches like IE7 for that matter?
Why is it always: if you want real security then buy our next/current product? But wasn't that one of the reasons why you bought the current/previous one?
Another thing. Blue hats might give an impression but are not the actual thing Microsoft needs to defend its products against. Again Microsoft managed to motivate those that can to make the next slap-in-the-face that much harder. And with tons of Microsoft engineers thinking that they only need to defense against Blue hat level of attacks (given that that is the focus of their management currently) things will become interesting in time.
How would the world fare if the black hats decided they hated Unix based systems as much as Microsoft????????
People have a choice in Life to do the right thing, cyber crime is no different to normal crime, people choose to commit not because they see a crappy front door on the house, but because they are criminals and thats what satisfys them.
Far be it from me to take Microsofts side, i think QoS is the most imporatant thing, because its your innocent customers who get hurt not a Company that is already making more money that most on the planet in a week.
So i think as a community of mixed cultures (Linux, Windows, Solaris, etc) we have a responsibility to our customers to stop the friggen criminals from damaging our crap by making the best system we can, and then support it, but quit fighting and bitching about he's better or worse or whatever, and lets get some unbreakable Opearting System code on the market, it is the year 2005.