So Bill Gates has been bitten by the security bug and has sent a memo to all his employees. That’ll certainly make us all feel more secure. After all, wasn’t it the famous Gates memo in 1995 that led to the discovery of the Internet? You know, that memo that came out a month after Gates said Microsoft Corp. wasn’t interested in the Internet.
It is good to know that Bill reads my Network World on Windows Networking newsletter, though. The Dec. 31, 2001 issue suggested some New Year’s resolutions for Microsoft, the third of which stated in part: “You need to take security more seriously than user-friendliness.” This was echoed nicely by Gates’ most recent memo: “. . . when we face a choice between adding features and resolving security issues, we need to choose security.”
Gates’ vision has driven Microsoft for all these years. That vision has been to make the user’s experience richer while providing him with all the tools he needs – and then some. Where the vision faltered was in assuming that the user in question was as technically adept as Gates and his buddies.
The emphasis on user experience also caused Microsoft and Windows to lag far behind when it came to networks. It was well into the ’90s before the release of Windows for Workgroups signalled Microsoft’s discovery of the departmental network, while some say it took the release of Windows 2000 to let Microsoft be considered as an enterprise network company.
Reining in the urge to provide more and more ease-of-use functions (many of which provide the basis for the security exploits launched against Windows) will be very hard for the programmers, engineers and designers in Redmond. For a dozen years, the bonuses and rewards have gone to those who create new and “better” ways to automate the mundane tasks a computer performs. Better, in this context, usually meant “hidden from view.”
It is going to be difficult, but, like U.S. President George W. Bush on Sept. 12, Gates will have most of his biggest critics lining up behind him to help send the message that security is now the highest priority. But we’ll be watching, Bill. If it turns out you’re only paying lip service to security, then we’ll be back on you like the U.S. Marines on Tora Bora.
Kearns, a former network administrator, is a freelance writer and consultant in Silicon Valley. He can be reached at wired@vquill.com.