A
Anonymous
Guest
Gates reveals Windows code to China By Ken Gao
CNETAsia
February 28, 2003, 7:30 AM PT
Microsoft on Friday signed a pact with the Chinese government to reveal the Windows source code, making China among the first to benefit from its program to allay the security fears of governments.
In addition, Microsoft Chairman Bill Gates hinted that China will be privy to all, not just part, of the source code the government wishes to inspect.
The Chinese government and military have previously stated their preference for the rival Linux operating system because its source code is publicly available.
Without knowing the inner workings of an operating system--a fact revealed by its source code--governments like China fear that backdoors may be installed to leak sensitive information.
The China Information Technology Security Certification Center signed an agreement to participate in Microsoft's Government Security Program (GSP).
Wu Shizhong, director of the center, reaffirmed that IT security is a key issue for the government.
"Microsoft's GSP provides us with the controlled access to source code and technical information in an appropriate way. It also establishes cooperation between China and Microsoft. Microsoft has taken a step forward to let us understand its product security," he said.
Gates, who was on a two-day visit to Beijing, said his company was pleased with the pact. "We are committed to providing the Chinese government with information that will help them deploy and maintain secure computing infrastructures. We see this agreement as a significant step forward in Microsoft's relations with the Chinese government," Gates said.
In January, Microsoft announced its GSP, under which it will share the source code underlying its Windows operating system with several international governments, a move designed to address concerns about the security of the OS.
Last month, it announced GSP agreements with Russia, NATO and the United Kingdom. Microsoft is in discussions with more than 30 countries, territories and organizations regarding the program.
During Gates' visit, he also met with Chinese President Jiang Zemin. Jiang said China welcomes Microsoft and other global companies to invest in China and create growth.
Gates briefed Jiang about Microsoft's investment in China and gave an update on how it was sharing the source code of computer software. No details were given on what specific software would be part of the information-sharing deal.
In order to develop its software industry and maintain security, China has produced its own version of Linux, Red Flag Linux, as well as its own office productivity suite, RedOffice, which go head-to-head with Microsoft's Windows and Office packages.
http://zdnet.com.com/2100-1104-990526.html
Just last year Microsoft said:
Allchin: Disclosure May Endanger U.S.
By_Caron Carlson
A senior Microsoft Corp. executive told a federal court last week that sharing information with competitors could damage national security and even threaten the U.S. war effort in Afghanistan. He later acknowledged that some Microsoft code was so flawed it could not be safely disclosed.
The bold statements and candid admissions were part of Jim Allchin's testimony during two days in court here before Judge Colleen Kollar-Kotelly, who is hearing the case of nine states and the District of Columbia seeking stricter penalties for Microsoft's antitrust behavior.
Allchin, group vice president for platforms at Microsoft, was the final executive lined up to defend the Redmond, Wash., software developer. Like company Chairman and Chief Software Architect Bill Gates before him, Allchin highlighted the security problems he foresaw that could result from technical information disclosure requirements sought by the nonsettling states.
"It is no exaggeration to say that the national security is also implicated by the efforts of hackers to break into computing networks," Allchin testified. "Computers, including many running Windows operating systems, are used throughout the United States Department of Defense and by the armed forces of the United States in Afghanistan and elsewhere."
Unlike the states' proposed remedy, the federal settlement proposal that Microsoft and the Department of Justice agreed to in November contains a carve-out that permits Microsoft to withhold API and protocol disclosures if such disclosures would compromise security. The provision is designed to address hackers, viruses and piracy, according to Allchin.
In his testimony, Allchin also addressed .Net and countered charges made by rivals?particularly Jonathan Schwartz, senior vice president of corporate strategy and planning at Sun Microsystems Inc.?about its interoperability. Charging that Schwartz's testimony oversimplified the interoperability of .Net and Java technology, Allchin claimed the two systems are not perfect equivalents.
"Microsoft has invested substantial time and resources in providing great interoperability between .Net and older technologies," Allchin said. "Sun's strategy of promoting '100 percent pure' Java applications discourages interoperability."
During his second day on the stand, Allchin conceded that Microsoft has already identified at least one protocol and two APIs that it plans to withhold from public disclosure under the security carve-out.
The protocol, which is part of Message Queuing, contains a coding mistake that would threaten the security of enterprise systems using it if it were disclosed, Allchin said.
When Kevin Hodges, attorney for the dissenting states, asked him how many APIs would be exempt, Allchin said he did not know the exact number, but it would include APIs that deal with anti-piracy and digital rights management. Microsoft has already identified APIs involved with Windows File Protection that would be withheld, he said.
When pressed for further details, Allchin said he did not want to offer specifics because Microsoft is trying to work on its reputation regarding security. "The fact that I even mentioned the Message Queuing thing bothers me," he said.
http://www.eweek.com/article2/0,3959,5264,00.asp
Oookkaayyy , Cyberwarfare just got interesting. :blah:
_
_ _
CNETAsia
February 28, 2003, 7:30 AM PT
Microsoft on Friday signed a pact with the Chinese government to reveal the Windows source code, making China among the first to benefit from its program to allay the security fears of governments.
In addition, Microsoft Chairman Bill Gates hinted that China will be privy to all, not just part, of the source code the government wishes to inspect.
The Chinese government and military have previously stated their preference for the rival Linux operating system because its source code is publicly available.
Without knowing the inner workings of an operating system--a fact revealed by its source code--governments like China fear that backdoors may be installed to leak sensitive information.
The China Information Technology Security Certification Center signed an agreement to participate in Microsoft's Government Security Program (GSP).
Wu Shizhong, director of the center, reaffirmed that IT security is a key issue for the government.
"Microsoft's GSP provides us with the controlled access to source code and technical information in an appropriate way. It also establishes cooperation between China and Microsoft. Microsoft has taken a step forward to let us understand its product security," he said.
Gates, who was on a two-day visit to Beijing, said his company was pleased with the pact. "We are committed to providing the Chinese government with information that will help them deploy and maintain secure computing infrastructures. We see this agreement as a significant step forward in Microsoft's relations with the Chinese government," Gates said.
In January, Microsoft announced its GSP, under which it will share the source code underlying its Windows operating system with several international governments, a move designed to address concerns about the security of the OS.
Last month, it announced GSP agreements with Russia, NATO and the United Kingdom. Microsoft is in discussions with more than 30 countries, territories and organizations regarding the program.
During Gates' visit, he also met with Chinese President Jiang Zemin. Jiang said China welcomes Microsoft and other global companies to invest in China and create growth.
Gates briefed Jiang about Microsoft's investment in China and gave an update on how it was sharing the source code of computer software. No details were given on what specific software would be part of the information-sharing deal.
In order to develop its software industry and maintain security, China has produced its own version of Linux, Red Flag Linux, as well as its own office productivity suite, RedOffice, which go head-to-head with Microsoft's Windows and Office packages.
http://zdnet.com.com/2100-1104-990526.html
Just last year Microsoft said:
Allchin: Disclosure May Endanger U.S.
By_Caron Carlson
A senior Microsoft Corp. executive told a federal court last week that sharing information with competitors could damage national security and even threaten the U.S. war effort in Afghanistan. He later acknowledged that some Microsoft code was so flawed it could not be safely disclosed.
The bold statements and candid admissions were part of Jim Allchin's testimony during two days in court here before Judge Colleen Kollar-Kotelly, who is hearing the case of nine states and the District of Columbia seeking stricter penalties for Microsoft's antitrust behavior.
Allchin, group vice president for platforms at Microsoft, was the final executive lined up to defend the Redmond, Wash., software developer. Like company Chairman and Chief Software Architect Bill Gates before him, Allchin highlighted the security problems he foresaw that could result from technical information disclosure requirements sought by the nonsettling states.
"It is no exaggeration to say that the national security is also implicated by the efforts of hackers to break into computing networks," Allchin testified. "Computers, including many running Windows operating systems, are used throughout the United States Department of Defense and by the armed forces of the United States in Afghanistan and elsewhere."
Unlike the states' proposed remedy, the federal settlement proposal that Microsoft and the Department of Justice agreed to in November contains a carve-out that permits Microsoft to withhold API and protocol disclosures if such disclosures would compromise security. The provision is designed to address hackers, viruses and piracy, according to Allchin.
In his testimony, Allchin also addressed .Net and countered charges made by rivals?particularly Jonathan Schwartz, senior vice president of corporate strategy and planning at Sun Microsystems Inc.?about its interoperability. Charging that Schwartz's testimony oversimplified the interoperability of .Net and Java technology, Allchin claimed the two systems are not perfect equivalents.
"Microsoft has invested substantial time and resources in providing great interoperability between .Net and older technologies," Allchin said. "Sun's strategy of promoting '100 percent pure' Java applications discourages interoperability."
During his second day on the stand, Allchin conceded that Microsoft has already identified at least one protocol and two APIs that it plans to withhold from public disclosure under the security carve-out.
The protocol, which is part of Message Queuing, contains a coding mistake that would threaten the security of enterprise systems using it if it were disclosed, Allchin said.
When Kevin Hodges, attorney for the dissenting states, asked him how many APIs would be exempt, Allchin said he did not know the exact number, but it would include APIs that deal with anti-piracy and digital rights management. Microsoft has already identified APIs involved with Windows File Protection that would be withheld, he said.
When pressed for further details, Allchin said he did not want to offer specifics because Microsoft is trying to work on its reputation regarding security. "The fact that I even mentioned the Message Queuing thing bothers me," he said.
http://www.eweek.com/article2/0,3959,5264,00.asp
Oookkaayyy , Cyberwarfare just got interesting. :blah:
_
_ _