- Protecting yourself from a new online scam
- Diary of a deliberately spammed housewife
- Silly Internet traditions: A concise history
- How to avoid laptop loss at the airport
- Top 10 worst uses for Windows
News | Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
The aftereffects of the W32.Blaster worm that have beset Microsoft during the past two weeks have been particularly painful for Jim Allchin, a self-described perfectionist. The vice president of Microsoft's platforms group spoke last week with Computerworld about security matters and his belief that the company has to come up with a "new approach."
What sorts of plans are you formulating to deal with the effects of the Blaster worm?
I personally have spent a lot of time on this, because I think I've concluded that we have to take a different tack than what we've been taking. I have nothing to report now, but you can stay tuned because. ... I've had enough, and I'm going to do something about it. We have a team trying to propose some new approaches on this.
Are you talking about internally holding individuals or groups of engineers accountable for specific code vulnerabilities?
No. All software has problems. We have to come at it with a different approach, and just stay tuned.
When analyzing the Blaster case, what did you find when you did your analysis, beyond the fact that some people didn't install a patch a month ago?
If everybody had the patch on in the entire universe, fine. But the question is: Can you really expect anybody to do that? I think that it's a very difficult proposition to expect people to do that perfectly. If it's done perfectly, you're home free, and frankly I've talked to companies that did it perfectly.
But let's suppose you didn't. What are the downsides of having one hole?
One machine gets into your environment, and you've got a problem. If your perimeter protection doesn't save you, then it's inside, and let's suppose there are just a few machines that haven't been patched for whatever reason. They were laptops. They never connected up to get the antivirus signatures, or whatever. I think we're going to have to come at it from a different approach (than) expecting perfection by the distribution, even though we're going to give great distribution technology.
Is it something that we can expect to see this year, or next year?
I don't know.
But there will be some form of technology that you will offer to IT professionals?
That's right.
And whether that's going to be a separate product?
I don't think (it will be) a separate product.
- on-demand, instant resourcing: you can request 200 new compute instances and you can get them, there...- Craig Balding
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Comment