Click here to receive your FREE subscription to Campus Technology
Featured News
Trustworthy Computing: Examining Trust
3/11/2008
Security Development Lifecycle. Progress is already being made in these areas, but there is much work still to be done."Trusted Versus Trustworthy: What's the difference?
It was 2002 when Microsoft first co-opted the term "Trustworthy Computing" as catchphrase in its efforts to shore up public trust of its IT market offerings. But Redmond needed a conduit to the consumer and business procurement customer base, people who were in the trenches. This is what led to the formation of the advisory board a year later.
After that the company focused on gathering information to improve its performance in four core areas: security, privacy, reliability and business integrity.
All agree that the initiative both altered and sharpened Redmond's focus within the confines of its internal development paradigm, but it also raised the eyebrows of some questioning its aims.
"First off let me say that it would be unfair to say that there hasn't been progress with this group," said Michael Cherry, an analyst with Directions on Microsoft, an independent think tank tracking Microsoft's strategic endeavors since 1992. "I think the issue is that there's no metric to truly measure security. Security is not a fixed end point and that's the main challenge with Microsoft and its products going forward."
Add to that the fact that Trustworthy Computing can be an ambiguous distinction, different altogether from Trusted Computing. According to the National Security Agency, arguably the biggest, most thorough anti-hacker operation in the world, a software or operating system can be "trustworthy" but not "trusted." On the other hand, it can be deemed "trusted" but not "trustworthy." The exact denotation found on the NSA's Web Site. It says a "trusted system" is one vulnerable to attacks and not foolproof, a system that while secure in some areas can still be compromised by hackers. Conversely, a "trustworthy" processing environment is considered virtually impenetrable and "will not fail."
This is certainly not the case with Microsoft's Vista OS, as 49 percent of respondents in a recent survey by Virus Bulletin said Vista has not made they're system safer. For the remainder of the responses, 26 percent said the OS did make their system safer and more telling, 25 percent didn't know.
In Microsoft's defense, TCAA board member Richard Kammerer of UC Santa Barbara, who has been involved in IT security since 1976, says it's not so much a technology problem as a "crime problem" facing such a large software company.
"Microsoft is in the same boat as other software vendors," he said. "Is there such a thing as one-hundred percent secure? Of course not."
Kammerer went on to say that in the board's work throughout its duration, Microsoft has been very open -- in fact, more than he thought it would be.
"When we ask to see something they usually show it to us. And if we discover something through another channel and ask them about it, they usually show it to us. You can't put a grade on their products after five years; there are too many products to grade."
Recommended Reading
- Fixed-Mobile Convergence: Dartmouth Beefs Up Cell Coverage, Cuts Costs
Problems with cell phone coverage aren't uncommon on college campuses. There are two main reasons: The beefy structure of historic buildings can block cellular reception within walls, and, on more remote campuses outside cities, signal coverage can be light.
- Thompson Rivers U Deploys Unified Digital Campus for ERP
Thompson Rivers University (TRU) in British Columbia has selected SunGard Higher Education's Banner Unified Digital Campus (UDC) to integrate its ERP systems.
- DV Kitchen Web Video Publishing System Released
DVcreators.net has released DV Kitchen, a new video encoding and publishing application for Mac OS X designed specifically for creating materials to be posted on the Web.
- NEC Debuts 4 Education Projectors
NEC this week debuted four new projectors targeted toward education applications, along with a new MultiSync LCD display. The new NP-series projectors are entry-level models started at $899 but are designed to provide high light output, support for closed captioning, and built-in networking capabilities.
- Security Researchers Uncover Spring Framework Vulnerability
Software frameworks are enjoying enormous popularity these days among a range of developers. It's popularity well earned; frameworks provide powerful tools for building more flexible and less error-prone applications. They generally enhance developer productivity with out-of-the-box functionality. And they can free developers to focus on features instead of common coding tasks.
- 3PAR Server Arrays Integrate Fat-to-Thin Processing
Utility storage provider 3PAR has announced the release of the 3PAR InServ T400 and T800 Storage Servers. The new hardware is built on the company's third-generation InSpire architecture, featuring the 3PAR Gen3 ASIC with integrated fat-to-thin processing.
