Trustworthy Computing at (Almost) One Year: Microsoft’s Mundie and Bowden Report on Progress



Caspar Bowden, Senior Security & Privacy Officer, Microsoft EMEA Region. Credit: ICD Photography

Paris, Oct. 8, 2002 — In January of this year, Microsoft chairman and chief software architect Bill Gates unveiled the companys initiative on Trustworthy Computing, which was widely described both inside Microsoft and throughout the industry as a major call-to-action for the company. Gates stated that people should expect computing with greater security, availability, and reliability than they currently experience — and that Microsoft and the industry had to provide this greater level of trustworthiness if computing was to truly become ubiquitous and helpful to everyday life.

Today, nearly nine months later, Microsoft chief technical officer Craig Mundie is scheduled to deliver the keynote address here at the annual European RSA Conference, Europes largest gathering of security-industry professionals. Mundie is expected to discuss Microsofts efforts and achievements over the past year, and to provide a roadmap to the future.

To get a preview on the status of Trustworthy Computing, PressPass spoke with Mundie and Caspar Bowden, the companys recently installed senior security and privacy officer for Microsoft EMEA, Microsofts organization for Europe, the Middle East and Africa.

PressPass: Could you recap Microsofts take on Trustworthy Computing?

Mundie: Trustworthy Computings goal is to make computing as intrinsic to the productivity and enjoyment of life as water, electricity, or any other utility that we can take for granted. Thats an ambitious goal and getting to it is a multi-dimensional issue in multiple ways.

First, we recognize that we cant do this alone, and that making computing more trustworthy is an industry-wide problem that must be addressed by us, our partners and industry participants overall. But its also one with tremendous implications for Microsoft, and we have completely refocused the company in a profound way to make Trustworthy Computing our number one priority. Second, “security” and “Trustworthy Computing”
are not identical. Security is a key component of what we call Trustworthy Computing, but its only a component — along with privacy, availability, reliability, and the integrity of the company supplying the technology.

Third, while many Trustworthy Computing issues are global in scope, its also true that regions like Europe have some concerns that are distinct from those of the U.S. and that even within Europe, there are multiple takes on some issues. We are sensitive to that. Finally, while were engaged in a major effort that has already begun to bear fruit, making computers trustworthy is a complex, long-term problem that may take a decade or more for the industry to satisfactorily address — and even then it will require continual efforts to maintain that level of trustworthiness.

PressPass: About those regional differences what are they and how are you addressing them?

Bowden: For example, Europe really took the worldwide lead in the issue of data privacy protection. Our participation in the European Unions Safe Harbour Agreement is an example of our listening and responding to European concerns. And because of our belief in the protections it affords, weve made it the bedrock of our policies and voluntarily subjected all of our data, worldwide, to the Safe Harbour guidelines. At the same time, there are issues on which European views vary from country to country, such as how to safeguard data that may be used for purposes other than those for which it was legitimately collected.



Craig Mundie, Senior Vice President, Chief Technical Officer, Microsoft

Mundie: In fact, Caspars appointment as senior security and privacy officer for Microsoft EMEA — he comes to us from the Foundation for Information Policy Research, a leading think tank in the United Kingdom for privacy and security issues — is an example of how were addressing Trustworthy Computing concerns outside the United States. So is the existence of our broader Trustworthy Computing team, created specifically for EMEA, on which Caspar serves.

Bowden: People I talk with here in Europe have noticed that Microsoft is addressing Trustworthy Computing, but I think theres a healthy degree of skepticism about the seriousness and extensiveness of our efforts. People want to see proof points about the work were actually doing in this area, and I think thats reasonable, given the overwhelmingly important nature of the issue.

PressPass: OK, then lets address that. What are examples of the progress youve made on Trustworthy Computing over the past year?

Mundie: The most visible proof of Microsofts commitment to Trustworthy Computing is what weve done in the area of security. Weve invested more than US$100 million to completely refocus our development process and support operations to build products that are secure by design, secure by default, and secure in deployment. In virtually every major product group throughout the company — from Windows and Microsoft Office to Visual Studio tools, Microsoft .NET Enterprise Servers, and more, covering more than 10,000 developers — we put development work on hold, conducted intensive security training, threat modeling, and source code review, addressed the issues we found, and only then continued development.

We turned off or reduced more than 30 settings in Windows .NET Server to make it more secure by default. Weve taken similar actions with Windows XP and Microsoft Office XP Service Pack1. To ensure that our products are more secure in deployment, weve spent an unprecedented amount to create security-focused courseware available worldwide, and to offer tools and technologies such as the free Microsoft Security Toolkit, Software Update Service, Microsoft Baseline Security Analyzer, and much more.

PressPass: What about the other pillars you mentioned?

Mundie: We have clear progress on these, as well. Windows 2000 Server can provide
“five-nines”
reliability [99.999 percent uptime] and Windows XP is the most reliable consumer product weve offered.

Bowden: On the privacy side, our worldwide policy on data protection and privacy is a model for the industry and were using internal audit tools to ensure compliance with it. In addition to our EU Safe Harbor compliance, we build standards-based privacy technology into our products, such as P3P compliance in Internet Explorer 6.0. And our Windows Media 9 Series technology goes beyond any competing product in the market in putting privacy controls into the hands of consumers.

Mundie: On the business-integrity pillar, we designed the online registration for Windows XP so that users dont have to provide personally identifiable information and then we hired outside auditors to confirm this through a review of our code.

PressPass: But can you demonstrate that this effort is translating into higher levels of Trustworthy Computing for users?

Mundie: Absolutely. For example, weve become far more vigilant about reviewing code and making security updates available; thats enabled customers to respond to these issues proactively, reducing the problems they actually experience. As another example, weve seen a real decrease in the number of mail-borne virus epidemics by making changes to Outlook 2002 in Office XP so that its virtually impossible for users to be victimized by such attacks when they maintain the default settings.

PressPass: So are you ready to declare victory in Trustworthy Computing yet?

Mundie: Not by a long shot. Well never be able to stop focusing on Trustworthy Computing, because there will always be new issues, new threats. But we will achieve systems with the degree of trustworthiness that customers want and need for the ways theyd like to use computers and the Internet. To get there, Microsoft is focused on short-term efforts including the code reviews I mentioned. New Windows code were developing to be more secure from the ground-up is one of our mid-horizon projects. And the basic research were conducting with academics worldwide will help guide our long-term thinking over the next five to 10 years. Its a real mix of simultaneous projects on varying timelines.

These horizons stretch off into the future. But the reality today is that we are already writing and delivering software in entirely new ways that mean greater security, greater reliability and greater privacy for our customers. This is the beginning of a long-term, permanent change for us.