[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FYI] (Fwd) Silicon.com: Microsoft's 'gagging' policy hits security sector hard




------- Forwarded message follows -------
From:           	Owen Blacker <owen.blacker@wheel.co.uk>
To:             	UK Crypto list <ukcrypto@chiark.greenend.org.uk>
Subject:        	Silicon.com: Microsoft's 'gagging' policy hits security sector ha
	rd
Date sent:      	Fri, 7 Dec 2001 10:28:02 -0000 
Send reply to:  	ukcrypto@chiark.greenend.org.uk

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

| HEADLINE: Microsoft's 'gagging' policy hits security sector hard
| PUBLISHED: 3:48pm on Thursday 6th December 2001
| CHANNEL: Ebusiness security
| AUTHOR: Pia Heikkila
| SERVICE: http://www.silicon.com
|
| TEXT OF STORY FOLLOWS:
|
| Companies outside 'elite' circle fear the worst ...
|
| Microsoft's attempt to stop security experts disclosing the details
| of hack attacks has raised concerns that prices for security
| products and services will soar.
|
| The Redmond behemoth made a deal with a group of security vendors
| last month to stop the open exchange of the code needed to patch up
| breached systems (see http://www.silicon.com/a49019 ).
|
| Vendors excluded from this elite group now face the prospect of
| having to charge their customers more because researching
| vulnerabilities will become more costly for them now they have been
| left out in the cold.
|
| Ofer Maor, senior consultant at security testing company Tescom,
| said: "Microsoft is unlikely to divulge the vulnerability
| information to the security community without a huge premium, which
| means most security vendors will have to do the expensive research
| themselves. The cost will be ultimately taken out of companies' IT
| budgets with price increases as the security vendors need to recoup
| the money spent on research somehow."
|
| Dr Neil Barrett, CTO of security consultancy International Risk
| Management, said Microsoft is trying to corner the security market.
|
| "Microsoft will attempt to control access to vital information,
| which means they can sell it at any price they want to. To me that's
| a monopolistic situation," he said.
|
| Microsoft claims this move is an effort to stop hackers exploiting
| security information, but the experts say the company is not helping
| the IT community in any way.
|
| Maor said: "Microsoft does not understand that hackers don't get
| their [information] from security sites - they swap information
| amongst themselves. Microsoft is trying to disguise its own bad
| software, not help the security community."
|
| For related news, see:
| Microsoft refuses to play security game
| http://www.silicon.com/a48333
| Microsoft retracts sys admin slur
| http://www.silicon.com/a48253
| Microsoft blames laidback sys admins for IIS breaches
| http://www.silicon.com/a48169
|
| To buy related reports or event tickets, click:
| Report: B2B Ecommerce - From EDI to E-marketplaces
| http://www.silicon.com/goto-ecc-sysb2b
| Report: Delivering on the E-promise - Strategies for successful
| fulfillment http://www.silicon.com/goto-ecc-sysdeli
| Report: Enterprise Information Portals - Who are the market leaders?
| http://www.silicon.com/goto-ecc-reent
|
| Want to use silicon.com articles on your site? Go to:
| http://www.silicon.com/feedform/index.htm
|
|
| STORY ENDS
|
| For more information on silicon.com go to http://www.silicon.com.
|
| silicon.com - the who, what, when, where and why of ebusiness

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0.4
Comment: Due to RIP, pls check for revocation before using this key!

iQA/AwUBPBCYvUIjmaa0joBeEQIYTgCfWtCrR6LLdY0tGnwGXsQpCG5ZcugAnjjZ
hpD4gvRJJkzryxuGN/E1kZzy
=JT+N
-----END PGP SIGNATURE-----

_____________________________________________________________________
This message has been checked for all known viruses by UUNET delivered 
through the MessageLabs Virus Control Centre. For further information visit
http://www.uk.uu.net/products/security/virus/



------- End of forwarded message -------

-- 
To unsubscribe, e-mail: debate-unsubscribe@lists.fitug.de
For additional commands, e-mail: debate-help@lists.fitug.de