Now blogging at diego's weblog. See you over there!

what's the solution again?

I was just watching this video of Steve Ballmer talking (supposedly) about how Microsoft is going to solve their security problems.

The summary goes something like this:

Blahblah blah security problems ... blahblah blah hackers get the information from our patches [yeah right!] ... blahblah blah to solve this we need innovation blahblah blah ... and customer education... blahblah blah ... innovation blahblah blah we believe viruses should be stopped before they get to the computer [read: we are not going to fix those memory overflows or our engineering processes, we are just going to give you chain and a couple of locks to put around your house... and if you don't like living in a cage, well, too bad.] blahblah blah ... innovation blahblah blah the whole industry needs to innovate blahblah the solution is innovation... blahblah blah innovation blah blah .... innovation [and it goes on like this]...

So, that's great! Apparently the solution to insecure runtime environments is innovation!

What's the URL for that? Or do I get it on a CD or what?

Seriously, though, I thought it was the performance of a spin-addicted politician, rather than a CEO of a technology company.

I would challenge anyone to explain in two short sentences what, exactly, Ballmer said.

You can't, because he didn't say anything. Pure rethoric. Lots of obvious points ("we need to improve the entire patch management process [...] we have to continue to improve". Yeah, no kidding, Steve). Again, pure rethoric. No content.

I suddenly remembered this excellent, excellent article by Cringely from a couple of weeks ago: The Innovator's Ball. Note this quote:

[...] there is another issue here, one that is hardly ever mentioned and that's the coining of the term "innovation." This word, which was hardly used at all until two or three years ago, feels to me like a propaganda campaign and a successful one at that, dominating discussion in the computer industry. I think Microsoft did this intentionally, for they are the ones who seem to continually use the word. But what does it mean? And how is it different from what we might have said before? I think the word they are replacing is "invention." Bill Shockley invented the transistor, Gordon Moore and Bob Noyce invented the integrated circuit, Ted Hof invented the microprocessor. Of course others claimed to have done those same three things, but the goal was always invention. Only now we innovate, which is deliberately vague but seems to stop somewhere short of invention. Innovators have wiggle room. They can steal ideas, for example, and pawn them off as their own. That's the intersection of innovation and sharp business.

Yes, Microsoft is an innovator and I don't think that is good.


I can't help but compare it to McNealy's keynote the other day. While McNealy is a bit dry as a speaker, he actually talks about solutions. He doesn't descend into useless generalities (I can imagine see Ballmer talking about famine problems in Africa: "eating some food every day is good to stay alive... we need more innovation... people shouldn't have problems to get food.... innovation... we need to improve things ... innovation..."). McNealy doesn't say "let's get more customer education." He doesn't imply that "the way to fix viruses is to hide your computer in the closet and disconnect it from the Internet". He doesn't utter the word innovation every two milliseconds.

It's sad that Microsoft, instead of using their tremendous resources (both human and financial) to actually fix problems and invent new stuff and create new ways of thinking, are more interested in spinning the situation and proposing that somehow the best way to create security is not to fix the obvious and widespread problems in the architecture of Windows, but rather to "not fix the backdoor, but secure the front door" (whatever that means--If the "front door" is also running Windows we'd have a problem again, wouldn't we?).

What's next? Force everyone to stand heavy weaponry next to their Ethernet cards, you know, just in case? (With "customer education" of course: "if your PC is attacked, shoot the cable immediately!" and so on...)


Categories: technology
Posted by diego on September 19 2003 at 12:54 PM

Copyright © Diego Doval 2002-2011.
Powered by
Movable Type 4.37