News

News Analysis: OS Delay a Good Sign for Trustworthy Computing

• By Scott Bekker
• 03/04/2002

Microsoft is pushing the ship date for Windows .NET Server from the first half of this year until the second half. Part of the reason is to ensure a proper security review, mandated by Microsoft's Trustworthy Computing initiative that Bill Gates took up in his January memo.

The Windows .NET Server family, previously known as Whistler and Windows 2002, is the follow-on to the Windows 2000 Server family. By all accounts, including Microsoft's, the Windows .NET Server family is an incremental release. A delay does not cause the industry shockwaves that the frequent Windows 2000 delays sent out.

The main enhancements of the new version are improvements to the Active Directory and the integration of the .NET Framework into the operating system.

The Active Directory enhancements are important improvements to what was essentially a 1.0 product in Windows 2000. However, widespread industry adoption is happening slowly, and the current implementation of Active Directory, shored up by third-party tools, works well.

Windows .NET Server will be the first Microsoft operating system to natively include the Windows .NET Framework that provides the foundation for Microsoft's Web services. A delay is not a huge problem for two reasons. One: Microsoft's Integrated Development Environment for Web Services, Visual Studio .NET, just shipped, so it's going to take awhile for developers to create applications that need the Web services runtime. Two: Users can load the .NET Framework onto Windows 2000 Server today if they need the runtime.

Add to that a prevailing industry opinion that Microsoft was forcing an upgrade on customers too quickly with Windows .NET Server after releasing its game-changing Windows 2000 products just two years ago. Fallout in IT from a Windows .NET Server delay is not great, but the potential benefit is very large.

Microsoft is beginning to understand how important security is to IT. The Gates memo is only the most dramatic and far-reaching of several security initiatives Microsoft launched in the last year.

The teeth of the Trustworthy Computing initiative are in the code review of products in development. Initial reports called for a month of intensive review in February. Later, Microsoft confirmed that the operation would take place on a schedule, with some products getting reviewed later and potentially for longer.

The Windows .NET Server family is a perfect example of a product that needs more than a month of review. The product is based on Windows 2000 with its millions of lines of code. The job is even more daunting when you consider the thousands of interacting components Microsoft defined when simultaneously preparing the embedded version of the Whistler servers.

A quick-and-dirty, month-long review, just to give Microsoft the PR value of being able to say they did it, accomplishes nothing for IT and could blow up in Microsoft's face.

Microsoft may have learned this lesson from Visual Studio .NET. The company released its flagship developers' suite according to its previously announced schedule. Microsoft officials boasted that it was the first product to undergo a Trustworthy Computing code review. Then, around the same time as the launch, an independent security company published a well-documented charge that one of Microsoft's security fixes in Visual Studio .NET actually introduced some security problems.

In light of that, Microsoft's decision to derail the Windows .NET Server shipping schedule for a real security assessment is a positive step toward security improvements.

There are two important proof points to keep an eye on as the process continues. First, watch for Microsoft to remove some of the whiz-bang features of Windows .NET Server. A serious code review should discover problems with some of these features that will require Microsoft to take them out in order to keep close to its new shipping schedule.

Second, watch for a late 2002 or even early 2003 release of the Windows .NET Server family. If the operating system ships much earlier than that, you have to wonder how deeply Microsoft waded back through the code. That's especially true since Web services will require stronger security than in the past. Applications will be talking with each other, interacting and swapping data more than ever before. This introduces a raft of potential vulnerabilities.

Even with these two tests, a serious security review will not provide a cure-all. Microsoft's business model has not been based on secure products; the company's success is built on delivering user-friendly and feature-rich products.

Re-engineering code written primarily for feature-richness and user-friendliness to prioritize security instead cannot uncover or fix all security problems. A bottom-up rewriting of the operating system is probably necessary to deliver the best available security. That kind of a rewrite may never be in Microsoft's business interests.

Nonetheless, Microsoft is definitely taking a good step with the Windows .NET Server delay.