MS Security Program No Threat to Linux, Advocate Says
Feb 2, 2005 11:38 AM PT
Microsoft has announced that it will share information on security-related issues in its software with government agencies using its products.
Through the Security Cooperation Program, Microsoft will provide early warnings of security threats to participating agencies and alert them about security updates in advance. The company also said it wants to help prevent attacks in the first place, respond better and limit damage.
So far Canada, Chile, Norway and Delaware are part of the program.
This latest initiative builds on the Government Security Program launched by Microsoft two years ago, which gives countries controlled access to elements of Microsoft source code so that they can check for potential security problems.
Although portrayed by some as an attempt by Microsoft to counter the popularity of Linux in government, one open-source advocate said the software giant's recent move is a positive step.
"I think that they should do this program," Bruce Perens, co-founder of the Open Source Initiative and leader of the Debian GNU/Linux distribution told LinuxInsider.
"Historically they've been very weak as far as security is concerned. I don't see this as a threat to us, but more as Microsoft showing a response to competition from Linux and improving its quality. We don't have a problem with competition. It's trying to patent ideas that we don't like."
Perens does not buy into the idea that Linux would be just as vulnerable as Windows if it were targeted as often, although he did not deny that Microsoft makes for an enticing target.
"What can you do about a system that gets hit with 60,000 viruses a year?" he asked. "People are motivated to hit Microsoft."
He said he believes Linux is simply more secure and can respond to potential threats at any time since it has an international developer base.
"I run Linux on a bunch of computers with no firewall. They are entirely facing the Internet. They get hit all day by people trying to exploit vulnerabilities," Perens said. "If anybody's gotten in, they haven't made it show yet."
Stacey Quandt, senior business analyst, open source practice leader for the Robert Frances Group, agreed that the no-fee program is a positive step for Microsoft as well as for its government clients.
"While it is easy to look at this as a defensive play against Linux,in reality Microsoft security continues to be an issue for customers, and efforts like SCP are important," she said.