From GCN:
When Richard Kemmerer first joined the board of Microsoft’s Trustworthy Computing Academic Advisory initiative as one of its inaugural members, he had a caveat for the software giant.
“One of the things I told (Microsoft) was that if you’re looking for a yes man, you’re barking up the wrong tree, looking in the wrong place, you got the wrong guy. I’m going to call it like I see it.”
Looking back over five years as a member of the panel, which is charged with (among other things) shoring up security, Kemmerer — currently a professor of computer science at University of California at Santa Barbara (UCSB) — still feels the same way in making what he calls a fair assessment of software and security personnel in Redmond. While he’s swift to laud the accomplishments made with the project and with the evolution of Microsoft products and services, he says, “Where security is concerned, there is still a long way to go.”
Indeed, as Microsoft celebrates half a decade of the program’s existence calling upon expertise from Kemmerer and other scholars and experts from as far away from Redmond as Tokyo and London, there remains a basic inconsistency between convenience of use and computer security that many believe can never be fully rectified. In the same way that a car alarm may lock a person out of a car for security reasons, Microsoft applications such as Internet Explorer have been known to inflict similar headaches on users recently. Additionally, some IT practitioners have suggested that Microsoft needs to help educate end users in a manner far more comprehensive than its monthly security bulletins.
To that end, Microsoft believes it’s the IT community’s job to stay on top of things and that the aim of the Trustworthy Computing movement is to gather the best objective research to achieve that goal.
Read on
[tags]Trustworthy Computing, Trusted Computing, TCAA[/tags]