| February 2002 | ||||||
| Sun | Mon | Tue | Wed | Thu | Fri | Sat |
| 1 | 2 | |||||
| 3 | 4 | 5 | 6 | 7 | 8 | 9 |
| 10 | 11 | 12 | 13 | 14 | 15 | 16 |
| 17 | 18 | 19 | 20 | 21 | 22 | 23 |
| 24 | 25 | 26 | 27 | 28 | ||
| Jan Mar | ||||||
News and Observations
Friday, February 15, 2002Audio and Video for Wireless Devices
Apple, Ericsson, Sun Work On Standard For Multimedia Delivery. Apple Computer, Ericsson, and Sun Microsystems are developing a standard for delivering multimedia content to mobile devices. [TechWeb]
Web Services Players
The Economist does a nice job outlining the various players - and their allegiances. Bottom line? "All this may sound like business as usual, but at stake is nothing less than how the digital world of tomorrow will be organised. If web services take off, they will form a giant array of electronic offerings that will permeate every aspect of modern life. Which is why these offerings should ideally be based on open standards, rather than on the dictatorship, however benevolent, of a single company." You can probably sort that last bit out for yourself.
Web services [Economist: Business]
Security Bugs: 1 Microsoft: 0
Subsequent news indicates the company has some ways to go in meeting its goals.
Visual Studio .Net first to pass new MS security audit
Trustworthy? When Pigs Fly
Despite the hoopla and earnestness of Microsoft's 'Trustworthy Computing' initiative, evidence suggests real change is slow to percolate through the company. Witness yesterday's disclosure of vulnerabilities in Vidual Studio .NET by Cigital researchers. Understandably embarrassed, Microsoft chose to respond in form, treating the disclosure not as a security or technology problem, but rather a PR problem. First, the flaw was described as 'technically narrow,' then as a feature meant to help programmers identify security bugs. And if that wasn't enough to convince you, Microsoft assures us the researcher is just suffering from sour grapes, since they didn't get a contract from Microsoft.
It would seem that trustworthy computing doesn't look much different from the old un-trustworthy computing.
How to tell if Microsoft is actually making progress? Bruce Schneier offers a detailed list of seven criteria in his most recent Crypto-Gram.
Counterpane: Crypto-Gram: February 15, 2002: "As longtime security experts, we'd like to suggest some concrete ways to evaluate Microsoft's (and anybody else's) progress towards trustworthiness. These are specific and measurable changes that we would like Microsoft to make. This is not intended to be an exhaustive list; building secure software requires much more than what we delineate here. Our goal is to provide a list of measurable recommendations, so that the community can judge Microsoft's sincerity."