September 25, 2003

CyberInsecurity - The Cost of Monopoly

There has been an interesting paper published this week and released at the Computer & Communications Industry Association (CCIA) warning that reliance on Microsoft-based software is a danger to both enterprises and national security.

The paper was written by 7 respected security experts in the field, and really breaks down WHY Microsoft software is a danger, without bias for or against the software company, but with information security as a focus.

What I liked about the report is that it broke everything down to three things Microsoft could do to engender substantial, lasting improvements in the field:

  1. Publish interface specifications to major functional components of its code, both Windows and Office.
  2. Foster development of alternative sources of functionality through an approach comparable to the highly successful 'plug and play' technology for hardware components.
  3. Work with consortia of hardware and software vendors to define specifications and interfaces for future developments, in a way similar to the Internet Society's RFC process to define new protocols for the Internet.

Without being forced, it is doubtful that these remedies will ever be taken, but it was interesting to see people like Dan Geer, Bruce Schneier, Peter Gutmann and Becky Bace get together to point it out.

Posted by SilverStr at September 25, 2003 08:11 AM