Microsoft’s Trustworthy Computing initiative has been dissected and analyzed six ways from Sunday in the last few years, and the company’s decision to stop shipment of Windows Server 2003 for security reasons has been well-publicized. But in at least one case, the company decided that time to market was more important than fixing every last security bug in a new product. In his speech at the Authentication and Online Trust Alliance Summit in Boston on Wednesday, Scott Charney, Microsoft’s VP of Trustworthy Computing, said that in the summer of 2003 he made the decision to stop shipment on Windows Mobile 2003 because the application failed its Final Security Review. The FSR is the last comprehensive security analysis of a new product before it goes out the door, and 99 times out of 100, a failing grade means the product doesn’t ship and goes back to the engineers for a fix.
But in this case, the head of the Windows Mobile unit told Charney that if the product didn’t ship on time, mobile carriers would not be able to load the new OS onto their phones in time for the Christmas season. Which would you rather do, the exec asked Charney, have these new phones running Windows Mobile 2002, which never went through an FSR at all, or Mobile 2003, which has one known bug that you can fix with a patch after shipment?
“So I said, ship it,” Charney said. “We have to make intelligent decisions.”