Bill Gates at the RSA Conference February 15, 2005

The following is a short discussion of a keynote by Bill Gates on the security measures Microsoft will take during the next one or two years to improve security. Security of what? In the same month Gates made a speech at a security conference in Munich where some new cooperation between state, industry and Microsoft was announced. In the newspapers the next day you could read headlines like Microsoft to improve internet security . Did you have problems with the internet lately? Was it bandwidth? routing? Unreliable transports? If yes, then you've had an internet related problem.

But I doubt it. You've probably had security problems like viruses or trojans ON YOUR MACHINE. You may have received spam ON YOUR MACHINE. Neither of them where made by the internet. The internet does not know about security and does not impose restrictions on senders and receivers beyond what is needed to communicate. Whining about this fact is like complaining that trees don't have airbags. A statement like "MS wants to improve internet security" is like DaimlerChrysler saying that they want to improve the public roads. Both should focus on THEIR products first.

But there is a tight connection between the product and its network (just think about putting guidance systems along roads) and we will come to this intersting point later.

So let's take a look at how Microsoft wants to improve the security of your machine. And for the beginning we will naively not make a distinction whether this machine in part of an enterprise network or a simple home computer.