Simply amazing.
Jim Allchin, the GVP for Platforms at M$, testified that forcing M$ to share informations with competitors could seriously compromise national security, including the war effort in Afghanistan.
Why?
When you finish sifting through it, it’s because Microsoft’s coding is riddled with bugs and revealing APIs and protocols would make it even easier for hackers to break it.
In his written testimony, Allchin suggested several, far-reaching dangers that could develop if Microsoft is not permitted to withhold API and protocol disclosures when it has security-related concerns. “It is no exaggeration to say that the national security is also implicated by the efforts of hackers to break into computing networks,” Allchin, group vice president for platforms, wrote in his testimony. “Computers, including many running Windows operating systems, are used throughout the United States Department of Defense and by the Armed Forces of the United States in Afghanistan and elsewhere.”
Of course, since under the DoJ agreement (which the nine states are protesting) M$ would be able to exempt any API or protocol under security grounds, M$ is using its own incompetence as a shield to keep it from revealing anything it doesn’t want to reveal … and, not coincidentally, trying to wrap itself in the flag while doing so.
But, then, security through obscurity (don’t admit, don’t tell, take your sweet time in fixing) has long been a hallmark of M$ overall security strategy.
When pressed for further details, Allchin said he did not want to offer specifics because Microsoft is trying to work on its reputation for security.
In other words, Trust us, because we’re very security minded, so security-minded that we don’t even want to let you know where our security sucks.
Yeesh.