Anti-Microsoft Security Report Mired in Politics
@stake fires CTO for co-authoring document; impartiality of researchers, backers challenged
Computerworld - WASHINGTON -- A report that might have been a valuable contribution to the study of the security ramifications of monolithic IT infrastructures has instead become a pawn in the unending political battle between pro- and anti-Microsoft factions. And it has cost one of the co-authors his job.
The controversy stems from a report released Sept. 24 by seven self-proclaimed independent researchers from the IT security industry that harshly criticized Microsoft Corp.'s monopoly hold on the software industry. That hold is a fundamental cause of security problems that now confront the global Internet community, the report contends.
The day after the report's release, co-author Dan Geer was fired from his job as chief technology officer at Cambridge, Mass.-based @stake Inc., a security company that derives a hefty percentage of its income from Microsoft. Moreover, the firing was made retroactive to Sept. 23 so that @stake could further distance itself from Geer and the report, sources close to the situation said.
An @stake official, who spoke on condition of anonymity, confirmed that Geer was fired and said that as a corporate officer he should have known that Microsoft was a client of the company. "It's not a matter of the content of the report; it's a matter of ethics and respect for clients," the official said.
Geer couldn't be reached for comment on Friday.
Chris Wysopal, @stake's director of research, said the company had no argument with the report's basic premise that technological diversity poses less of a security risk than monolithic architectures. "But the way the report is positioned and a lot of its conclusions are things we don't agree with. The report is a bit one-sided," he said.
In any case, the firing didn't go down well with other authors of the report.
"Its very sad that @stake fired him for this," said Bruce Schneier, a co-author and founder of Cupertino, Calif., security consultancy Counterpane Internet Security Inc. "We as security researchers regularly speak, write and do reports that express our professional opinions. We assume that companies hire us for our integrity and honesty."
The authors of the report "CyberInsecurity: The Cost of Monopoly. How the Dominance of Microsoft's Products Poses a Risk to Security" may have actually undermined their independence by teaming with the Computer & Communications Industry Association.
The CCIA is a Washington-based industry group whose members include direct Microsoft competitors such as Sun Microsystems Inc. and Oracle Corp., and it has supported the U.S. and European investigations into what the group has called "Microsoft's competitive abuses." The CCIA not only published and publicized the report on
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts