Group: Security hurt by Microsoft monopoly

"CyberInsecurity: The Cost of Monopoly"

Microsoft Corp.'s dominance of the operating system market presents the government with a serious security risk, according to a white paper published late last month by the Computer and Communications Industry Association (CCIA).

The report, titled "CyberInsecurity: The Cost of Monopoly" and written by seven experts in technology security, argues that the complexity of Microsoft's products and the company's unwillingness to provide interoperability locks the government into a system that, once hacked or penetrated, is vulnerable.

"Most of the world's computers run Microsoft's operating systems; thus, most of the world's computers are vulnerable to the same viruses and worms at the same time," the report reads. "The only way to stop this is to avoid monoculture in computer operating systems, and for reasons just as reasonable and obvious as avoiding monoculture in farming."

Ed Black, president and chief executive officer of CCIA, said three points make Microsoft's dominance of the government market dangerous: ubiquity, complexity and lack of interoperability.

"The problems are much, much worse given the complexity of Microsoft's products and the flaws in them," Black said. "Because the government is locked in to using Microsoft products, it's hard for others to be introduced [into] an environment that doesn't offer much in the way of interoperability."

Dan Geer, chief technology officer at @stake Inc. and prime author of the paper, said the authors were courageous in swimming against the current to offer their opinions.

"This was an act of professional responsibility on the part of six brave people," Geer said. "We aren't the only people who feel this way, but we felt we needed to say something about it and attach our names to it."

Microsoft officials brushed aside the report, saying the company's products, although never entirely secure, offer the federal government the most complete and valuable software solutions available.

"Microsoft considers security for all of its customers — from government entities to individuals," said Sean Sundwald, a Microsoft spokesman.

Jim Prendergast, executive director of Americans for Technology Leadership, a Washington, D.C., consortium dedicated to limiting government regulation of technology, said CCIA's position has always been against Microsoft and the white paper is another swipe at the company.

"Microsoft has problems, as do other applications," Prendergast said. "But everybody knows who Microsoft is. This is an issue that shouldn't be politicized. CCIA is just obsessed with Microsoft."

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.