I think most observers, including myself, were pretty taken aback by Microsoft's lead announcement at RSA, of their End-To-End Trust industry call to action. I'm not sure it was so much shock as it was confusion -- no one expected it, especially from Microsoft.
Everyone takes shots at Microsoft when it comes to security, due to a legacy of products ladened with security vulnerabilities, but you have to give Microsoft its due respect in a couple of aspects. First, their Trustworthy Computing efforts have resulted in more secure/less vulnerable Microsoft products. Vista bashing aside, we don't see the plethora of vulnerability announcements we did in previous Windows OS generations. And though we don't commonly think of Microsoft as a security product company, they do have very widely used technologies in identity management, access control, firewalls, and policy management that put them squarely in the security business, whether we want to see it that way or not.
In this case Microsoft is taking the next step in their "extreme security corporate makeover", applying the principle, declare your weakness a strength. While it's easy to see End-To-End Trust as non-credible because Microsoft is blowing the horn, you have to give them credit for having the courage to try and lead the charge, knowing they'll take tons of heat from their detractors.
The big question is; What's next? What will Microsoft do to take this call forward? Will they get involved in current industry organizations already working on such measures, or will they form new ones, expecting others to follow? End-To-End Trust is such a broad and all encompassing idea it would really require Microsoft to see beyond its own corporate interests, which again presents credibility challenges since so many see Microsoft's dominance as the problem, not the solution.
But Gates is leaving, and his cache has been moving into philanthropic interests. Is End-To-End something he'll take up upon leaving Microsoft? Hmm... doubtful. It just doesn't seem to fit. Where Microsoft goes next with this whole end-to-end idea is very much an open question.
Like this? Here are some of Mitchell's recent posts.
Yahoogle! Yahoo Goes Gah Gah For Google
"Sterling" Beta Brings Forefront Front and Center
The funny little things I picked up on at RSA 2008
Google One Ups Microsoft Again-Google App Engine
Blogging From RSA 2008Mitchell's Hottest Blog Posts:
Google Scoops Microsoft-Delivers Mesh First
Hyper-V Leaves Linux Out In The Cold,
Apple Fixes Open Source Vulnerabilities,
What Microsoft Mesh Means To You,
Apple iPhone Doomed To Failure.Check out Mitchell's Converging On Microsoft Podcast. Current Podcast Episode: Security Mike Gets Serious About Security
Also visit Mitchell's personal blog The Converging Network and SSAATY Security Podcast.
Visit Microsoft Subnet for more news, blogs, opinion from around the Web.
Sign up for the bi-weekly Microsoft newsletter. (Click on News/Microsoft News Alert.)
Mitchell Ashley is CEO and Chief Strategist of Converging Network, LLC, providing product and technology strategies to emerging technology companies. A serial entrepreneur, Mitchell has created many successful products and services in the networking, security, convergence, Internet and IT industries. In addition to blogging for NetworkWorld, Mitchell regularly blogs at TheConvergingNetwork and co-hosts the widely popular Still Crazy After All These Years podcast.
|
|
Right, end-to-end is more than technology
Microsoft has tried this a while, their problem seems to be that they still see it as a technology problem, not a business problem. No wonder, they are a software company!
They have bright people, some interesting technology and ideas but anything which has word "trust" can not be started from technical side - the first look must be where and why it is needed, how it will fit to business, how the trust management will be managed in business, etc. Then comes the implementation.
Once they figure that out, I think, they could be one of companies delivering the technology. And assuming they don't make the system closed, they might even be successful. They have the resources but the "old" thinking must change first.