[PLUG] Fwd: Microsoft Quality

[Jeff Weisberg <jaw+plug@tcp4me.com>]

Forwarded-by: "Rex Burkheimer - WM" <rex@txol.net>

It was recently reported in eWeek that "A senior Microsoft Corp.
executive told a federal court last week that sharing information
with competitors could damage national security and even threaten
the U.S. war effort in Afghanistan. He later acknowledged that some
Microsoft code was so flawed it could not be safely disclosed."
(Emphasis added.) The follow up from Microsoft is even better: As
a result of the flaws, Microsoft has asked the court to allow a
"national security" carve-out from the requirement that any code
or API's be made public. Microsoft has therefore taken the position
that their code is so bad that it must kept secret to keep people
from being killed by it.

During his second day on the stand, Allchin conceded that Microsoft
has already identified at least one protocol and two APIs that it
plans to withhold from public disclosure under the security carve-out.

The protocol, which is part of Message Queuing, contains a coding
mistake that would threaten the security of enterprise systems
using it if it were disclosed, Allchin said.

When Kevin Hodges, attorney for the dissenting states, asked him
how many APIs would be exempt, Allchin said he did not know the
exact number, but it would include APIs that deal with anti-piracy
and digital rights management.  Microsoft has already identified
APIs involved with Windows File Protection that would be withheld,
he said.

When pressed for further details, Allchin said he did not want to
offer specifics because Microsoft is trying to work on its reputation
regarding security. "The fact that I even mentioned the Message
Queuing thing bothers me," he said.


______________________________________________________________________
Philadelphia Linux Users Group       -      http://www.phillylinux.org
Announcements-http://lists.phillylinux.org/mail/listinfo/plug-announce
General Discussion  -  http://lists.phillylinux.org/mail/listinfo/plug