Feeds

Microsoft secures Passport while lobbying interest groups

Consumer Association unconvinced

  • alert
  • submit to reddit

The Power of One eBook: Top reasons to choose HP BladeSystem

ComputerWire: IT Industry Intelligence

Microsoft will take first its steps towards delivering a federated version of Passport this year, releasing tools enabling developers to build Kerberos protocols into the online security system ahead of a full product release in 2003,

Gavin Clarke writes

.

The company told Computerwire it planned a series of Software Development Kits (SDKs) to implement the network authentication protocol into Passport later this year. A full version of Passport, built on Kerberos, is expected next year.

"The road to Kerberos in Passport is being fleshed out. It will be next year before we see a fully Kerberos-capable model," said Microsoft's recently appointed .NET policy and regulatory affairs manager, John Noakes. He was unable to say when the SDKs will become available.

The executive spoke as he embarked on a campaign to lobby powerful consumer and business groups over Microsoft's track record on software security and data protection. Noakes has met the Confederation of British Industry (CBI) and will soon meet the Consumers Association, the UK's best-known consumer lobby group. Microsoft revealed its lobbying strategy in January.

The company is anxious to redress its poor reputation over security and data protection. Microsoft wants to ensure Windows, Internet Explorer and Passport overcome this, and are considered in major government initiatives and business projects.

Noakes said early discussions had indicated lack of knowledge about software like Passport, and some criticisms were poorly informed. "I have to start at the beginning to explain what Passport is and what it does. When people are in full possession of the full facts there isn't as much negative sentiment," he said.

The CBI is vital in helping Microsoft. The organization relies on members to formulate responses to European Union and UK government regulations. Microsoft, a CBI member, hopes it can clean its track record and then position itself as a participant in CBI activities relevant to software and security.

A CBI spokesperson indicated Microsoft's approach could prove successful. "It was a two-way, beneficial meeting on how the CBI can get Microsoft involved as a member on various security issues coming up," she said. The spokesperson was unable to say what security issues would be tackled in future.

Noakes will receive a rough reception at the Consumers' Association, though, where concerns center on potential for mis-use of personal data in Passport.

Alan Stevens, the Consumer Association's head of digital services, said Microsoft may have to agree to financially compensate consumers whose personal information is abused or hacked.

"I'd like to know what they use the data for and what the security systems are wrapped around it. There's no absolute security. There's always the fear and concern that someone with the appropriate skills can hack it," Stevens said.

The Consumers' Association is also hostile to what it believes are abuses by Microsoft of its desktop monopoly. Stevens said Microsoft must work closely with consumers on product development and delivery cycles, reducing bugs in its software. He claimed Microsoft has exploited its market strength to force upgrades on consumers. "The main problem is the way Microsoft rushes products to the market to get more money in the till," he said.

© ComputerWire.com. All rights reserved.

Reducing security risks from open source software

More from The Register

next story
NO MORE ALL CAPS and other pleasures of Visual Studio 14
Unpicking a packed preview that breaks down ASP.NET
Cheer up, Nokia fans. It can start making mobes again in 18 months
The real winner of the Nokia sale is *drumroll* ... Nokia
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
Put down that Oracle database patch: It could cost $23,000 per CPU
On-by-default INMEMORY tech a boon for developers ... as long as they can afford it
Google shows off new Chrome OS look
Athena springs full-grown from Chromium project's head
Apple: We'll unleash OS X Yosemite beta on the MASSES on 24 July
Starting today, regular fanbois will be guinea pigs, it tells Reg
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.