Desmond File

Blog archive

Microsoft Talks Trust

Microsoft is, of course, a leader in the arena of IT and software development. And yet, I often feel that Microsoft runs the business the way I drive in rush-hour traffic -- an abrupt, panic-filled drama punctuated by angry shouting and the occasional triple-lane change. Still, the company almost always seems to get where it's going.

In the mid-'90s, Microsoft reworked its entire MSN strategy and launched Internet Explorer in response to the rise of the World Wide Web and Netscape. Just six weeks ago, Redmond suddenly announced a strategic interoperability pledge in response to competitive and regulatory pressure. And now today, at the RSA Conference keynote in San Francisco, Microsoft Chief Research and Strategy Officer Craig Mundie talked about what the company calls its "End to End Trust vision."

We've heard this word "trust" before. It emerged in January 2002 in the now-famous Bill Gates e-mail that, for the first time, placed security ahead of functionality in the Redmond product development stack. As Gates wrote at the time:

"Trustworthy Computing is the highest priority for all the work we are doing. We must lead the industry to a whole new level of Trustworthiness in computing."

That e-mail helped launch the Security Development Lifecycle (SDL) at Microsoft, and was critical in cleaning up the mess in such strategic products as Microsoft Office, SQL Server and IIS.

Now, Microsoft is broadening the challenge, seeking to drive a strategic discussion of privacy and security to the larger Internet. In the months ahead, you'll hear a lot of talk about the "trusted stack" and what it will take to achieve what Microsoft calls a "more secure and trustworthy Internet ecosystem."

This is a big topic Microsoft is taking on, and one that we should all make a point to pay very close attention to. The idea of a trusted stack certainly brings with it a host of integration, leverage and lock-in opportunities for Microsoft. But it also invites a true "lift all boats" scenario, where Microsoft may stand to profit most by working closely with, rather than competing against, its fiercest rivals.

If there's one truism in all of these developments, it's this: The work is never done. On the same day Microsoft announced its End to End Trust vision, the company sent out a Patch Tuesday security bulletin detailing five critical security vulnerabilities.

What do you think of Microsoft's End to End Trust vision and its push for a trusted stack? Speak up at [email protected].

Posted by Michael Desmond on 04/08/2008

comments powered by Disqus


  • AI for GitHub Collaboration? Maybe Not So Much

    No doubt GitHub Copilot has been a boon for developers, but AI might not be the best tool for collaboration, according to developers weighing in on a recent social media post from the GitHub team.

  • Visual Studio 2022 Getting VS Code 'Command Palette' Equivalent

    As any Visual Studio Code user knows, the editor's command palette is a powerful tool for getting things done quickly, without having to navigate through menus and dialogs. Now, we learn how an equivalent is coming for Microsoft's flagship Visual Studio IDE, invoked by the same familiar Ctrl+Shift+P keyboard shortcut.

  • .NET 9 Preview 3: 'I've Been Waiting 9 Years for This API!'

    Microsoft's third preview of .NET 9 sees a lot of minor tweaks and fixes with no earth-shaking new functionality, but little things can be important to individual developers.

  • Data Anomaly Detection Using a Neural Autoencoder with C#

    Dr. James McCaffrey of Microsoft Research tackles the process of examining a set of source data to find data items that are different in some way from the majority of the source items.

  • What's New for Python, Java in Visual Studio Code

    Microsoft announced March 2024 updates to its Python and Java extensions for Visual Studio Code, the open source-based, cross-platform code editor that has repeatedly been named the No. 1 tool in major development surveys.

Subscribe on YouTube