He was keen not to make any grandiose claims for Palladium, Microsoft's controversial proposal for a future secure architecture based on public key cryptography. "Palladium is a long term project, not something you can buy in the shops," he commented. "It is several years off." Critics of Palladium see it as a way for Microsoft to integrate software and hardware more closely and limit the software that will run on its systems, as well as introducing Digital Rights Management which will limit the ways content can be treated by the system -- in other words more to do with securing Microsoft revenues than user data. But Adler believes it will bring something new and less controversial. Ultimately, he expects Palladium to be routinely used to provide users with PCs that they automatically trust for such tasks as visiting bank sites for transactions. "Nowadays when you buy a car, it will have immobilisers but no steering lock. If you want a steering lock, you have to understand it, buy it and fit it yourself," he said. "There are a combination of things that allow us to improve the system." The milestones of the Trustworthy Computing initiative will be Service Pack 3 for Windows 2000 and Service Pack 1 for Windows XP, he said, as well as a revamp of several security tools, coming before the end of the year. In future the security aspect will not slow development: "There will be payoffs in future versions," he hoped. "We can back port things to previous versions, although patching will always be with us." But can you ever make a system completely secure? Surprisingly, Adler thinks you can, but only at the cost of functionality. "Once you reach a certain level of maturity, there are no exploits for hackers to take advantage of," he said. "If you stop adding features, you could go through and eliminate all vulnerabilities till the weaknesses are approximately zero." "However, there are always new problems to solve," he said. Applications have to deal with new demands, and so Microsoft, even if it swore off new features, would be forced to deliver them. Microsoft versus open source
When posed the question "Who is best, Microsoft or open source?" Adler replied "I like this debate. There are enough proof points to show that proprietary source code can be as secure as open source code." He noted that a recent bug in Apache was accompanied by public debate over whose job it was to fix it (perhaps not that different from what might happen inside a software company, of course). "Who will fix and distribute a patch?" he asked pointedly. "Who does the reviews of open source code?" "One proof point I would like to point out is this. The CERT [security watchdog] site has information about a buffer overflow bug in Kerberos [a widely used security software component]. The bug has just been found in code that has been in use for ten years." Other bugs have been found in DNS services. "This is important code," he said. "Where is the QA process? Just because code is available, there is no proof that someone has reviewed it." "We have a process in place to fix vulnerabilities," he said, indicating the Microsoft Security Response Centre, established for some years, (mailto:sec@ms.com). "It's open 24x7, and triages all the alerts it receives, so urgent calls get dealt with. It's like a Microsoft CERT -- it notifies CERT of any problems and their resolution." "If a user notifies us of a vulnerability and there are no fixes, it goes to engineering for a quick fix," he said. "Typically there is a patch out within 24 hours. We have a good process internally to respond to vulnerabilities and get patches out to the marketplace." With all this coming out of Microsoft's Redmond HQ, it is tempting to wonder if there is enough of a European angle to justify Adler's role, but he claims to have an active part to play in the future development of Microsoft's trustworthy computing push. "We look at EC digital signatures legislation, and how to comply with it. It's my responsibility to feed stuff back to the EC on meeting the requirements." Clearly, Adler can talk the Microsoft security talk, but can Microsoft walk the walk?
Have your say instantly in the Tech Update forum.
Find out what's where in the new Tech Update with our Guided Tour.
Let the editors know what you think in the Mailroom.
