Gates unleashes Security Initatives at RSA

[MikeHunt]

Gates Unleashes Security Initiatives at RSA

February 24, 2004

By Dennis Fisher

SAN FRANCISCO—Bill Gates used his keynote speech at the RSA Conference here Tuesday to unveil a host of new technologies and features that Microsoft Corp. is preparing to drop into Windows in the coming months and years. Many of the revelations will come as bad news for the security vendors assembled here, as the world's largest software company will be giving away a lot of the features and technologies that these vendors are all trying to sell.

Gates spoke to what was likely the largest crowd in this conference's history, and was warmly received by the assembled security experts, cryptographers and CIOs, despite Microsoft's somewhat shaky reputation in the security community.

The new technologies that Gates introduced include a code-scanning feature in the next release of Visual Studio, a new Security Control Center in Windows XP and a set of advances known collectively as Dynamic System Protection. He also discussed several efforts that Microsoft is making to help slash the amount of spam on the Internet, including a kind of caller ID system for e-mail.

Sounding confident in the strides that his company has made in recent years, Gates said that security should not be a hindrance to innovation.

"This is not at the top of the list of what should hold us back from innovating," said Gates, chairman and chief software architect at Microsoft, based in Redmond, Wash. "I'm very optimistic about this, even though there are a lot of years of work ahead of us."

The first of the new security technologies to reach customers will be the Security Control Center and some changes to Internet Explorer and the Windows Firewall that are included in Service Pack 2 for Windows XP. The firewall, formerly known as the Internet Connection Firewall, will give users the option of allowing or preventing applications from accessing the Internet on a case by case basis, much the way that other personal firewalls do.

Administrators also will be able to manage multiple Windows Firewalls from a central location and will have the ability to establish multiple security profiles for each machine, depending upon whether the PC is on the corporate network or in another location.

The Security Control Center is essentially a GUI-based management console that gives users an overview of the security posture of their PCs, including the status of antivirus software, the Windows Firewall and other security-related systems.

For many, the most interesting revelation is the Dynamic System Protection technology that is currently in alpha form. The system is a collection of features that, taken together, will amount to a host-intrusion-prevention solution, all built into Windows.

The key element is a behavior-blocking capability that is tied into the Windows Firewall, as well as ISA Server 2004, Microsoft's corporate firewall product.

The system can detect the security state of a given machine, finding problems such as missing patches. In a demonstration, the system found that a Windows XP machine was without a patch that protects against an attack on IE. So, when the user visited a site that tried to download a potentially dangerous ActiveX control on the PC, the firewall dynamically blocked the control and informed the user of the action and why it happened.

The technology also can detect configuration changes, application modifications and changes in the location of the machine and adjust the PC's security posture accordingly.

On the spam front, Gates said that Microsoft is working with all of the major ISPs on an initiative to positively identify the senders of e-mail. The system will rely on data from the DNS infrastructure to ferret out the true IP address of e-mail senders in an attempt to defeat the address-spoofing that is de rigeur for spammers. Gates said the system may be up and running by this summer.

Gates got a big round of applause from the RSA partisans in the crowd when he announced that Microsoft and RSA Security Inc. have developed a joint two-factor authentication solution using RSA's SecurID tokens. The solution will require users to enter a PIN and a one-time password for authentication, regardless of whether the machine is connected to the corporate network.

Gates nearly was upstaged, however, by his warm-up act, ABC News contributor and political commentator Cokie Roberts, who came out swinging at both the Republicans and Democrats and drew a lot of laughs from the overflow crowd. Comparing the world of computer security to the body politic, Roberts said she couldn't help but laugh when she read over the agenda for the conference.

"Hacks, attacks and flaws. I thought, 'This is my world.' I'm surrounded by hacks, there are always plenty of political attacks, and let's not even talk about the character flaws," Roberts said. "And identity theft? Every one of the Democratic candidates is trying to steal Bill Clinton's identity. Without Monica, of course."

Analyzing the reasons for George W. Bush's victory in the 2000 election, Roberts noted that regular churchgoers overwhelmingly voted for Bush, while voters who rarely attended church were mainly in Al Gore's camp.

"[Gore's Supporters] were probably at home with the Internet. Which he had invented," Roberts deadpanned, drawing a roar of laughter from the audience. "This is a problem for Democrats, because they don't really want to be the party of heathens."