Thompson vs. MSFT. Dog Not Hunting.
Thomas Ptacek | June 28th, 2006 | Filed Under: Industry Punditry, Uncategorized
John Thompson, CEO of Symantec, on why he’s “not worried at all” about competing with Microsoft. (from NetworkWorld)
Microsoft is synonymous with a lot of things in the software and technology industry. Security is not one of them. And they’ve got a long way to go to demonstrate not only capability, but to deliver and build a reputation of being able to support a vast array of users in that regard.
You could write a long stream of blog posts about this topic. And you know what, since it’s a lay-up, we probably will. But I’m busy right now and I’m just going to say:
The cool kids don’t think this about Microsoft anymore. Microsoft claims to have spent billions on securing its software (and it may have, if you factor in the cost of slipping releases to eradicate things like integer overflows). But that doesn’t matter. Microsoft could buy a year of the entire vulnerability research community for less than $80MM, even at premium rates. That’s less than the cost of a mediocre security startup.
On the other hand, none of the cool kids hold Veritas, or for that matter Symantec, in much esteem. And I’m not sure what fleeing from the all-in-one gateway appliance market, tail between their legs, retrenching into categories that are inevitably going to be Control Panels in upcoming releases of Windows Server, says about their ability to spend their way out of that problem.
But what do I know.
Byron Sonne
June 29th, 2006 5:29 pm‘cool kids’… Cool?
Since when was that any kind of legit basis for judging something technical?
Thomas Ptacek
June 29th, 2006 7:05 pmIf you don’t know who the cool kids are, or what makes them cool, then you aren’t cool enough to know what makes them relevent technically.
But that’s OK, Byron, you can sit at our lunchroom table anytime.
ivan
June 30th, 2006 9:38 pmhey, I’m a cool kid (or maybe not, but Gartner says so) and I do not hold neither microsoft, veritas, symantec, oracle nor any other vendor in much steem, maybe not even ourselves
But guess which vendors are the most arrogant and adamant about how really really really secure they are now? (…openbsd does not count, they’ve done eveything 5 years before).
Spending billions may mean alot in absolute terms but I don’t know how it compares to spending a lot less but having a much higher yield on your security investement. There, one for the metric-lovers to work on.
Oracle Patch Tuesday?… « Observations of a digitally enlightened mind
October 12th, 2006 7:49 pm[…] Oracle has been facing the same pressures that Microsoft faced in the early part of the decade, pressure which resulted in Microsoft integrating strong security best practices as part of their SDLC and implementing vulnerability and patch disclosure process which is world class. They still have issues, but they are making admirable progress, even the cool kids think so. Enough about Redmond though, this is about Redwood City… […]
Leave a reply