Group: Security hurt by Microsoft monopoly

"CyberInsecurity: The Cost of Monopoly"

Microsoft Corp.'s dominance of the operating system market presents the government with a serious security risk, according to a white paper published late last month by the Computer and Communications Industry Association (CCIA).

The report, titled "CyberInsecurity: The Cost of Monopoly" and written by seven experts in technology security, argues that the complexity of Microsoft's products and the company's unwillingness to provide interoperability locks the government into a system that, once hacked or penetrated, is vulnerable.

"Most of the world's computers run Microsoft's operating systems; thus, most of the world's computers are vulnerable to the same viruses and worms at the same time," the report reads. "The only way to stop this is to avoid monoculture in computer operating systems, and for reasons just as reasonable and obvious as avoiding monoculture in farming."

Ed Black, president and chief executive officer of CCIA, said three points make Microsoft's dominance of the government market dangerous: ubiquity, complexity and lack of interoperability.

"The problems are much, much worse given the complexity of Microsoft's products and the flaws in them," Black said. "Because the government is locked in to using Microsoft products, it's hard for others to be introduced [into] an environment that doesn't offer much in the way of interoperability."

Dan Geer, chief technology officer at @stake Inc. and prime author of the paper, said the authors were courageous in swimming against the current to offer their opinions.

"This was an act of professional responsibility on the part of six brave people," Geer said. "We aren't the only people who feel this way, but we felt we needed to say something about it and attach our names to it."

Microsoft officials brushed aside the report, saying the company's products, although never entirely secure, offer the federal government the most complete and valuable software solutions available.

"Microsoft considers security for all of its customers — from government entities to individuals," said Sean Sundwald, a Microsoft spokesman.

Jim Prendergast, executive director of Americans for Technology Leadership, a Washington, D.C., consortium dedicated to limiting government regulation of technology, said CCIA's position has always been against Microsoft and the white paper is another swipe at the company.

"Microsoft has problems, as do other applications," Prendergast said. "But everybody knows who Microsoft is. This is an issue that shouldn't be politicized. CCIA is just obsessed with Microsoft."

Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.