Bill Gates' keynote speech this week received a mixed reaction from delegates at the RSA Conference. Some believe that the software giant's recent interest in all things "secure" is an initiative led by the marketing department, while others said that the company has taken stock of the situation and is genuinely trying to deal with its security woes.
Indeed, Arthur Coviello, president and CEO of RSA Security, said that he was surprised to get the call from the Microsoft CEO to keynote the conference, But, he said, he appreciated Gates candor about "the company's security (woes)."
Others quipped that Microsoft was present simply to crank up the market machine.
"Microsoft is here to sell its security product line," said Ben Laurie, director of the Bunker, a secure data center based out of a nuclear shelter in the United Kingdom. "It's coming to the end of its product life cycle, so it's looking around for new revenue streams."
At the Microsoft stand, which held one of the most prominent positions at the trade expo, the company was demonstrating three new security products: XP Service Pack 2; the Microsoft Baseline Security Analyzer 1.2 vulnerability assessment tool; and the ISA Firewall 2004 (beta).
"We are providing tools that help our customers get ahead in securing their systems,' said a spokesman for the company.
Laurie said that he saw little evidence that Microsoft has made its products more secure. There have been a number of serious Microsoft security vulnerabilities exposed in the last twelve months.
Mauricio Nanne, a manger with Sistemas Aplicativos, an IT reseller in Guatemala City, agreed with Laurie's assessment.
"Gates' speech was like an infomercial for Microsoft," said Nanne. "It was very intelligent for him to do this conference, but I believe that he is doing little to fix the underlying security technology -- it's just a marketing strategy."
One security professional who works for one of the major credit card companies and asked to remain anonymous said that he saw Microsoft's presence as a positive move.
"The company stopped development for six weeks so that it could retool the company to deal with the security issues," he said referring to when the company stopped development to retrain engineers on how to write more secure software. "I think that what Microsoft is doing is good for the industry and good for the end user."
"Microsoft is clearly doing a lot of good work with security," said Peter N. Glaskowsky, principal analyst with In-Stat MDR, and editor of Microprocessor Report. "They are coming up on 20 years of insecure software."
Glaskowsky said that his company had given the software giant an award for creating the most secure computing platform with Next-Generation Secure Computing Base (NGSCB). "Certainly you could say that the company should have addressed the security issue earlier, but it made a decision with Window 2000 and Windows NT to make ease of use the top priority."