Microsoft defends its security

Microsoft has defended the security of its products after a leading IT figure claimed its near monopoly could result in a...

Microsoft has defended the security of its products after a leading IT figure claimed its near monopoly could result in a 'universal systems crash'.

Paul Strassmann, former director of defence information, US Department of Defense, claims the dominance of Microsoft systems, together with the planned introduction of products such as its 'Active Directory', could lead to a network meltdown.

"All that will be required is inducement of a widespread information infrastructure collapse through a deliberately executed and pre-planned act of information warfare," said Strassmann. "The risk from a software monoculture has increased due to the shift from custom-made software to packaged applications residing on an integrated family of Microsoft operating systems."

Active Directory can be used to control all aspects of a distributed system, from the user information, all the way down to the network protocols and, claims Strassmann, "it will function on a network where it's the master and all other directory servers and services are slaves'.

But, Microsoft says, for Strassmann's theory to work, software from its competitors would also have to be targeted, and claims it will always respond to any security threats.

"After the 'I Love You' virus incident, Microsoft developed and released to its Web site the Outlook e-mail Security Update that fundamentally changes the ability of viruses to propagate using Microsoft software," said Microsoft's security spokesmen, Steven Lipner and Howard Schmidt.

"The decision to release the update was not taken lightly because limiting virus propagation requires, for fundamental reasons of computer science, limiting the flexibility available to users. But the need became clear, and the development was undertaken. And because computers are not organic systems, millions of users were free to install the update and protect themselves the day after it was posted to Microsoft's Web site."

Strassmann thinks the most effective way of reducing any risks is to select an e-mail program other than Microsoft's dominant Outlook software, claiming it's responsible for the highest incidence of security problems by any one application.

Read more on Business applications