Trustworthy computing: non-SDL view. Part 2: non-corporate.

Trustworthy

Do you think my latest post was about corporate products because only corporate products are subject to not being designed to be secure in deployment? No, consumer ones are built the same way. Say, the famous story about Windows Live Mail and Live Mail’s SSL. Till the recent changes you weren’t able to use both of them. Either you expose your communication without using SSL or you couldn’t use convenient client. I was very glad to receive the ability to use them both.

To sum up: we have excellent products, which aren’t exploitable in the most of the cases through their functions. Still those products don’t have all the necessary abilities to be incorporated into the strict environment. Some things are being changed, some not, but still there is many possibilities to do it before I or any other user discovers the problems in our own network.

I’m glad that Microsoft is on steady way to improve those things, but I want them to do some things prior the RTM. Do you remember any cases, similar to what I described in these two blogs?

About these ads
This entry was posted in Microsoft, Security. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s