Microsoft UK demands more commitment from government in tackling cyber crime
Microsoft has accused the British government of failing to give sufficient attention to online criminality. Tom Watson MP has published extracts from evidence submitted by the US software group to the House of Lords Committee on technology and security in his blog. The evidence states that, following the incorporation of the National Hi-Tech Crime Unit (NHTCU) into the Serious Organised Crime Agency (SOCA) and other organisational changes, it is no longer clear who is responsible for cyber crime. In contrast to the situation in the USA, in Great Britain there is no central contact point for reporting online crime. There are therefore also no proper statistics available.
The House of Lords committee has appointed a sub-committee to look at the situation and improvements to personal internet security. In July 2006 the sub-committee issued a call for evidence from the public, to be submitted by 23rd October, for the production of a detailed report to be released in summer 2007. Watson writes that "someone" has sent him a copy of Microsoft's written submission. In his view, it can be concluded that Microsoft is of the opinion that the Home Office is not interested in cyber crime and has no idea how to tackle it.
In oral submissions to the sub-committee, Jerry Fishenden, manager at Microsoft UK, stated that he had himself recently been the victim of credit card fraud. He made reference to the FBI's Crime Complaints Centre, a central contact point which collects more than 10,000 complaints annually. During the hearing, CardSpace, the successor to the Passport authentication service, was also discussed. According to Fishenden, the system is included in Windows Vista and will be made available to Windows XP users. The developers of Firefox have offered their support, so that the browser will support CardSpace as well as other identity applications.
During the hearing, Lord Mitchell asked, "I suspect I know how you are going to answer this question but I will ask it all the same. Is it fair to say that Microsoft has been more concerned with establishing market dominance by rushing out operating systems than they are with ensuring that their security and fitness for purpose exists?" Fishenden answered, that he did not share this opinion and that the delay in releasing Windows Vista - which has led to a drop in profits at Microsoft - was due to the fact that the developers were subjected to rigorous training on secure code.
At the same hearing, in response to the question of whether Vista was the "most secure operating system ever", open source expert Alan Cox stated that in general he did not think so, as more secure systems were developed for areas like the military, where usability is not a factor. However, he was of the opinion that Microsoft had made good progress, but that the true threat would not become apparent for six to twelve months. Cox argued against the idea of licensing security specialists. From the point of the view of the open source community, most work in the security sector could not be dealt with by security professionals alone, but also required the work of students and volunteers. If this idea were put into practice, a large number of people would be prevented from taking part in "fighting the bad guys". Cox also expressed opposition to laws such as the recently submitted draft of the Computer Misuse Act and against software patents which stand in the way of effective improvements to security.