Skip to main content

The New Software Morality

When, two years ago, Microsoft purchased Romanian anti-virus vendor, GeCAD, as part of its Trustworthy Computing initiative, I warned the result might lead to a queue of anti-trust lawyers gathering around the Capitol building in Washington, as the thriving and lucrative anti-virus industry protested at the very notion of Microsoft including better security in its products.

Time has passed and the mutters of discontent seemed to have subsided following diplomatic expressions of co-existence with the Redmond giant from the largest Anti-virus companies. However, this month, Europe decided that the prospect of Microsoft marketing consumer security was an oxymoron that demanded further investigation and the Brussels anti-trust regulators have reportedly invited Symantec to volunteer its opinions on Microsoft OneCare a plan for comprehensive, subscription-based consumer PC health check service that will offer automatically updated anti-virus, anti-spyware and firewall protection.

There is however a moral slant on this story that makes me uncomfortable. In a rational world, a company, such a Microsoft, which many would regard as directly or indirectly responsible for the mess we now find ourselves in, might reasonably be expected to offer inclusive measures that would make the Windows platform more robust from a security perspective. Two years ago after a number of conversations with people at Microsoft, I was fairly satisfied that a number of people in the Trustworthy Computing group, would have been quite happy to bundle better and better security into Windows entirely free of charge. “The trouble is”, one person told me, “is that the anti-virus industry would scream anti-trust if we did. We would have to charge”, he said, referring to GEcAD, “because the rules won’t let us give it away free.”

Whether Microsoft has changed its position and would now prefer to milk the consumer instead I don’t know but I doubt it. In my own experience, Microsoft wants to be able to deliver the best possible security to the weakest link in its business, the millions upon millions of consumers who are unwittingly breeding tens of thousands of botnets and other nasties that threaten the economic fabric of the internet on a daily basis. But if I’m right, Microsoft can’t because the law won’t allow it for free software when you are as big as they are.

In some way, this is rather like saying that if you buy a new house; the builder is not permitted to make it burglar-proof. Of course you can have basic locks but double-glazing is certainly not permitted, neither is an inclusive burglar or fire-alarm. You have to go to the aftermarket for these and perhaps pay through the nose on a subscription basis if you want any peace of mind.

Without a doubt, Microsoft, through previous anti-trust actions which very nearly saw it broken-up, has created a moral dilemma which the courts cannot easily resolve. Instead, through vigorously protecting society against the risks of a software monopoly, the courts have unwittingly created something approaching a cartel of commercial security interests which run contrary to the interests of a billion or so internet users.

In theory, internet security should be free and transparent to the end user in much the same way as one takes for granted one’s television or telephone won’t be hacked. But this is an industry now worth in excess of $20 billion annually and it’s not one that you can expect to be given away to the man in the street or even Microsoft without a fight.

Comments

Popular posts from this blog

Civilisational Data Mining

It’s a new expression I haven’t heard before. ‘Civilisational data mining.’

Let me start by putting it in some context. Every character, you or I have typed into the Google search engine or Facebook over the last decade, means something, to someone or perhaps ‘something,’ if it’s an algorithm.


In May 2014, journalists revealed that the United States National Security Agency, the NSA, was recording and archiving every single cell-phone conversation that took place in the Bahamas. In the process they managed to transform a significant proportion of a society’s day to day interactions into unstructured data; valuable information which can of course be analysed, correlated and transformed for whatever purpose the intelligence agency deems fit.

And today, I read that a GOP-hired data company in the United States has ‘leaked’ personal information, preferences and voting intentions on… wait for it… 198 million US citizens.

Within another decade or so, the cost of sequencing the human genome …

The Nature of Nurture?

Recently, I found myself in a fascinating four-way Twitter exchange, with Professor Adam Rutherford and two other science-minded friends The subject, frequently regarded as a delicate one, genetics and whether there could exist an unknown but contributory genetic factor(s) or influences in determining what we broadly understand or misunderstand as human intelligence.

I won’t discuss this subject in any great detail here, being completely unqualified to do so, but I’ll point you at the document we were discussing, and Rutherford’s excellent new book, ‘A Brief History of Everyone.”

What had sparked my own interest was the story of my own grandfather, Edmond Greville; unless you are an expert on the history of French cinema, you are unlikely to have ever hear of him but he still enjoys an almost cult-like following for his work, half a century after his death.

I've been enjoying the series "Genius" on National Geographic about the life of Albert Einstein. The four of us ha…
The Mandate of Heaven

eGov Monitor Version

“Parliament”, said my distinguished friend “has always leaked like a sieve”.

I’m researching the thorny issue of ‘Confidence in Public Sector Computing’ and we were discussing the dangers presented by the Internet. In his opinion, information security is an oxymoron, which has no place being discussed in a Parliament built upon the uninterrupted flow of information of every kind, from the politically sensitive to the most salacious and mundane.

With the threat of war hanging over us, I asked if MPs should be more aware of the risks that surround this new communications medium? More importantly, shouldn’t the same policies and precautions that any business might use to protect itself and its staff, be available to MPs?

What concerns me is that my well-respected friend mostly considers security in terms of guns, gates and guards. He now uses the Internet almost as much as he uses the telephone and the Fax machine and yet the growing collective t…