Security Advisor

Microsoft Fighting an Unwinnable War

Is the cloud a viable tool in the fight?

Microsoft has been using the 10th anniversary of its Trustworthy Computing initiative to toot its own security horn the past few months. And it's deserved all the praise its been giving itself.

Patch Tuesday is great. And the dedication to actively seeking out and destroying security flaws every month is the golden standard that all software firms should emulate.

It even goes the next step, offering free antivirus software and security tools in the form of Microsoft Security Essentials.

However, if Microsoft has the notion that it can one day lay down its arms and live the rest of its life peacefully on a farm, it's got another thing coming.

Redmond magazine's Editor in Chief Doug Barney pointed out in the September issue of the magazine that, no matter how sophisticated its security is, hackers will always find a hole to slip into our systems.

Just like this year's cold viruses laugh in the face of last year's flu shots, hackers will continue to evolve with the technology that is set up to stop them.

Doug points out that while Microsoft won't be able to change the minds of those do-harmers, embracing the cloud could stop the flow of issues on our machines. It's a bit hard to infect a system when the OS, software and storage are all located separately from the machine.

But if we all switch to dumb machines, won't the attackers' gaze go from us to where the info is being stored?

Let me know what you think in the comments below.

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.

comments powered by Disqus

Reader Comments:

Sat, Sep 22, 2012

"all the praise its been giving itself" This needs to be changed to "praise it's been giving itself". "Its" is a possessive term, "it's" breaks into "it has".

Thu, Sep 6, 2012 Rick Netherlands

The cloud will not stop those attackers. When you run a VM in the cloud, how is the OS, the software and the storage located separately? And, like one other reader commented - indeed, will the attackers not move to see if they can attack the data in the cloud. The more dependant we are on a couple of cloud services, wouldn't pretty much everything come to a stand-still if criminals were to DDOS the cloud service providers? And if all data is in one place, wouldn't it be neat to not only have the useraccount and password, but also all data, including private photographs, backups of banking account data and all kinds of stuff you do not wish to loose or others to have access to? Sooner or later someone will open up a firewall port too many to an Azure database or an Amazon S3 bucket, and some people will be in trouble. No, this example is not a virus, but human error, and cloud or no cloud, where humans work, mistakes are made. And holes in the security, coded or configured will always be there.

Thu, Sep 6, 2012

Attackers will always pick the weakest link. It may be a known flaw, a social ploy, backend DB, the cloud or whatever best achieves the result. In the mean time the good guys do the best they can to make a safe and secure computing experience.

Add Your Comment Now:

Your Name:(optional)
Your Email:(optional)
Your Location:(optional)
Comment:
Please type the letters/numbers you see above

Redmond Tech Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.