Friday, October 20, 2006

Ba-Da-????

Soon: Thursday October the 26th we announce our quarterly financials.

  • Apple: ba-da-bing!
  • Google: ba-da-boom!
  • Microsoft? ba... da... ????.

I can only hope that both Windows Vista and Office 2007 are in such an obvious state of RTM doneness come Thursday that we officially announce the release dates as part of showing some level of confidence, versus letting the releases slip out the door once we've convinced ourselves that no further fixes should be made (it's okay... fiddle-dee-dee, I'll think about that issue come another service-pack).

Now: I dropped by a colleague's office while he was reading through the new internal InsideMS blog put up by our HR-leadership. Off-hand comments I remember us making:

  • Whoa, this looks like a readers-digest version of Mini-Microsoft.
  • It's amazingly surprising how many people are posting anonymously.
  • That's a lot of comments for the first couple of days, even excluding the duplicate comments.
  • What? Who thinks stack ranking is gone? Eeeenk!
  • Looks like a hit.

And rather sheepishly at the end, looking at the clock on the screen:

  • Uh, how much time did we just waste reading all of these comments?

Mr. Barr over at Proudly Serving provides his point of view of this blog and its conversation vs. the internal blog and the conversation that will happen there. A recent comment on the InsideMS internal blog:

Only one topic post up there, but a huge amount of comments. And I am STUNNED at the candor in the comments. Nobody is pulling any punches. I don't see double posts from here, but I do see similar themes. It's sort of like Mini is shaking a champagne bottle and aiming at the internal blog before popping the cork. Funny stuff.

Re-org Me: a recent comment regarding what's going on in SteveSi's and JonDe's org:

You get what you wished for. A flat and leaner organization in many places. GMs, PUMs and [Directors] all got reassigned (read "demoted") to take on "real world" roles. They were kicked but not fired. Most of the managers stepped down to be a lead or IC. Dev leads turn into tech leads or ICs. [...] You never expect that St***Si will be so determined and insensitive, right?

(Leaving out the bit about me.) Go Steven! You folks in those orgs are undergoing a good bit of change all at once. And dealing with the rumor of a grand RIF coming post Vista (I don't believe it). You know, most PUMs found a position aligned with an appropriate triad. I believe it will all be worked out and everyone will find that they have greater responsibility and impact than before. And a chance to shine. Or not. And I've determined that my favorite phrase-nugget for the month of October is: "get the executives out of the engine room." Yes.

And, to follow-up on Mary Jo Foley's observation: heck, no, I don't want a hierarchy free Microsoft. That would be chaos, followed by Lord of the Flies-esque passive-aggressive tribal warfare. But I and others do want an efficient structure that prevents fiefdoms and allows aligned autonomy with obvious accountability.

And as for Googley envy: I don't think hi-tech toilets will be on myMicrosoft's radar anytime soon. Just look how long it's taking to get friggin' coffee makers put in.

Anonymity: other anonymous goings on:

  • MSFTExtremeMakeover ponders news leading up to the Microsoft quarterly financial report.
  • Collision Domain provides some post-Company Meeting thoughts.
  • Apple gets their own Masked Blogger and the world takes quick notice. Well, the blogitty-blog-blog echo-chamber world takes quick notice. Everyone has their own agenda for blogging, doubly so for anonymous bloggers. Unlike some bloggers out there, I think there's value in anonymity because the message becomes what's important, not the messenger. It's an equalizer. My only advice is to do your damndest to keep the messenger out of the picture, because things here stumble the most when it's about me as Mini vs. the conversation.
  • Both the Unofficial Intel Blog and Intel Perspective blog clarify their position on comments.
  • Doh Symantec has a few posts up looking into Symantec, including the latest on performance reviews. Hmm, Symantec managers, in order to qualify for a great review, need to take a certain amount of training every year. Hmm.

Oh, and mentioning Symantec above makes me think of McAfee and this whole public tantrum breakdown over Vista.

McAfee: listen, you're turning into that wonderfully cool person I dated that went all creepy on me after I got my act together. It's like you liked me more when I had issues and you defined yourself by supporting me when I was troubled and untrustworthy. Now you're all clingy and suffocating me and spreading nasty things around about me. I've reformed myself and moved on. You need to, too.

Or I'm getting a restraining order. As defined by an ever narrowing-API documentation pipe. And that's going to be lose-lose for everyone. Adapt and evolve.

Man, next thing I know you'll probably be loading worms on iPods or something just to get back at me...


39 comments:

Anonymous said...

Mini,
I know this is completely off-topic, but I am thinking about blogging anonymously, too (no, not about work...). How do you ensure anonymity? I was planning to do the following:
Use TOR to browse to an open e-mail provider (gmx or such). Get an e-mail address just for the blog.
I would never access this address via my mail program, no sir. HTML GUI only, and always running TOR when doing so.
Then create a blogger identity using this e-mail address.
I would always use TOR to post, no blogging clients, no traces on the computer.
And, last but not least, I'd use another browser from everyday browsing and reset it afterwards: no cookies, no browser history, nothing in the cache... just before I close it down.

Am I too paranoid? What are you doing (if you can disclose it)?

Anonymous said...

Internal Microsoft Blog is to "Brief Period of Relative Calm and Feeling of Corporate Well Being" as Alcoholic is to:

1.) Promising to only drink on weekends.
2.) Attending an AA meeting with a buddy who still drinks like a fish.
3.) Switching to beer.
4.) All of the above.

The internal blog IMO is in place to discourage free...and I mean "really" free...speech that comes from posters who don't fear losing their jobs and interested outsiders who provide a world view of the camp, its leaders, its Kool-Aid, its followers.

Long live Mini!

Anonymous said...

Ironically though, Mini blogs on Google turf.

Anonymous said...

Mini is already doing this great service. So all Lisa had to do is to start supporting Mini. In the company meeting she should have promoted Mini and promised to read every comment.

Question: What's the best way to keep things anonymous and still weeding out the outsiders from such a blog.

Answer: If you post something anonymously on Mini, you have to solve a CAPTCHA or a HIP. Instead one may ask to solve a MET (microsoft employee test). For an example, just ask a random question from the address book. For an example, what is the last five digits of LisaB's phone number?

Well an inside blog is also a good idea. And as people realize that it can be trusted people would feel free to post on it their most offending concerns. Lisa, note that trust can be built but if broken once can't be rebuilt. So please do not break anybody's anonymity there.

Anonymous said...

Uh yeah - heh. I too spent waaay too long reading through the comments on the new internal blog. I kept thinking I might see a sprinkling of responses by Lisa but when I last checked there were 80+ messages and nothing posted by her. A few posts from her minion about deleting duplicates and how to prevent them (immediately refreshing the page after posting creates duplicate entries? Now that's buggy).

So far it sounds a whoooole lot like Mini, including the periodic "Thank you for doing this, you are fantastic!" Which I guess is good. Lisa can't say that only trolls and external troublemakers post all the comments on Mini. Ummm...not by a long shot, m'am. So let's see some responses so we know you're listening. AND let's hear some action plans to address at least some of the many, many concerns raised.

Anonymous said...

"Ironically though, Mini blogs on Google turf."

Two comments: first, Mini is blogging since 2004; I am not sure blogger was already part of the Google empire then. Second, I think we can trust Google not to help MS at all in the search for Mini, e.g. by determining his IP address...

Anonymous said...

http://www.microsoftmonitor.com/archives/2006/10/when_partner_me_1.html

"With security vendors raising holy hell over Windows Vista PatchGuard and Adobe circling the wagons around PDF, there wouldn't seem to be any other big partners left for Microsoft to compete with. If John Markoff's New York Times story, "Microsoft Looks Within to Design and Test Chips," is to be believed, Intel is next. And, yes, I do believe it."

Anonymous said...

"Mini is already doing this great service. So all Lisa had to do is to start supporting Mini. In the company meeting she should have promoted Mini and promised to read every comment."

She DID say she reads Mini, just doesn't respond, which I think is sincere of her.

Let's not forget, she was most likely embarrassed by the dirty laundry of the review scores and was catching hell from above.

Let's also not forget that "covering up" is done when we are probably, on some level, not proud of our actions. Were Microsoft to behave appropriately in all business situations, they'd make more money and the world would be a better place. Opportunity would abound precluding any grandiose attempt to save the world by throwing money at pet projects.

It's FEAR that drives this company; a constant inward movement towards protection rather than an expansive, open behavior that is "attractive" and embraced by all except the facade managing politico types and their lemming sycophants.

Anonymous said...

Regarding the McAfee thing, it isn't just them. Microsoft wasn't listening and McAfee is a big enough player to be able to pull with some political clout.

There are companies out there that have a business need to hook the kernel and they aren't all spyware, rootkit, or virus producers.

There is an attitude inside Microsoft that you get to pick your market space and force everyone else to play in the sandbox that you leave for them.

I don't work for an anti-virus company. I do work with developers that reverse engineer lots of of your undocumented internal-only APIs. Just one of our features requires us to hook winlogon and suck out the credentials so we can use them for an extra authentication check. Our business depends on it.

McAfee might have used the wrong techniques. We don't have their money or clout so we have already reverse engineered your API changed and hacked our way around most of your new protections.

Anonymous said...

I, for one, am willing to give a big "hip hip hooray" to the powers that be at Microsoft for introducing a reportedly anonymous internal blog for employees to vent, confess, report, testify, and promote. And, hats off to LisaB who no doubtedly talked them into it. This is an asynchronous conversation between management and the employees likely read by HR Recruiters who are likely waiting for their candidate interview loops to finish. There is no guarantee of anonymity nor is there any commitment to investigate or change based on what is learned from the blog. So, this member of the Department of Redundancy Department says, what's the benefit over Mini's blog that does have street cred for effecting change? I typed it in every MS Poll and I will type it here, Microsoft needs an Ombudsman department...a real person with real resources to look into real situations of incompetence and abuse.

I am incredulous at the changes of late and applaud them. Had some of them happened earlier, my career there would have been radically different and I'd be using my graduate education that Microsoft paid for at Microsoft instead of elsewhere. The blog is a nice touch. Fingers crossed for more real change.

Anonymous said...

CSG to FTE quality bar check:

Most of my friends agree that the hiring bar has been significantly lowered, among the wave a huge number of csg to fte conversions. The so called loops for these conversions are for show only.

How about ms adopt a policy that for a csg to be hired as an employee, he/she will need to go through a hiring loop with nobody from the same team/division the csg contracts with? So that the hiring decision is independent of the hiring manager/team.

That way we can maintain the hiring bar and hire for "Microsoft".

Anonymous said...

Most of my friends agree that the hiring bar has been significantly lowered

Tell me about it. Lowered and dismantled to the point where the head of our org - get this - has his doofus relative working in our group. And yes it was 'cleared' by our 'HR' (the hr rep has changed like every year and hasn't done anything useful ever imo)

People talk about it in hush tones around the cooler but are otherwise scared to bring this up.

Anonymous said...

Re: Quality issues with CSG to FTE conversions...

I think this is misplaced blame. Overall, the quality bar has been lowered. This has nothing to do with CSGs. In general, its just hard to find high caliber people in the numbers need to fill all the open heads.

CSGs were converted left & right back in the glorious, booming 90's and no one complained about the "lowered bar". Conversion has always been one of the main routes to blue badge status at MS. Lots of the blue badges you hold in esteem started as CSGs.

Ihar Filipau said...

"""How about ms adopt a policy that for a csg to be hired as an employee, he/she will need to go through a hiring loop with nobody from the same team/division the csg contracts with? So that the hiring decision is independent of the hiring manager/team."""

That's really bad idea. Often managers pick out of newcomers stream a person they want to improve their team. Not "best guy" but "best fit for job guy".

Also, how can you rely on others for picking people for you? (Non MSFT stuff follows). Can e.g. system development department depend on e.g. application development dept for the job? How can application developers know all tidbits of system development?

I personally turned down not one offer just because I wasn't impressed (or even disappointed) with people who interviewed me. If I as system developer come to company and being interviewed by application or test developers/managers - I might take it (i) insult or (ii) fact that I have misunderstood what job I'm applying to or (iii) people have misunderstood what job I've applied to.

Anonymous said...

"So, this member of the Department of Redundancy Department says, what's the benefit over Mini's blog that does have street cred for effecting change? I typed it in every MS Poll and I will type it here, Microsoft needs an Ombudsman department...a real person with real resources to look into real situations of incompetence and abuse."

"Here, here" on the Ombudsman theme! Touted it myself, a while back, without hearing it from you. Gee, if two people say it...it must be right! I wish.

Let's see, what would it mean? Essentially, arbitration when things got sticky. Employees could petition the Ombudsman for fair handling of departmental issues.

But wait, what about that mean old manager; you know, the one who has the power to stop you in your tracks should you interview internally. Isn't this the same case? Ombudsman or internal interview; what's the diff?

Not much, IMO. So, the problem lies with the manager and all managers in Microsoft who are given that same power.

So, once again, dear hearts, it all point back to where the buck stops: BillG, SteveB, or one of those "world traveling good will junket takers".

And so, it gets down to this: "Physician, heal thyself." What are the chances of that happening? Ohhhh, gloomy Monday, go away!

Anonymous said...

"Tell me about it. Lowered and dismantled to the point where the head of our org - get this - has his doofus relative working in our group. And yes it was 'cleared' by our 'HR'"

I wonder if that means the PM and Relative split the $1000 referral reward.

Anonymous said...

Anybody notice Ballmer's comments in Europe on our R&D expense going to 7+ Billion. Wonder what bomb they are going to drop later this week? We are still recovering from their last bobo on the 2 bil. spending increase. I hope we learned our lesson from that.

Anonymous said...

"Most of my friends agree that the hiring bar has been significantly lowered"

Did you change groups recently? Hiring bars vary widely across divisions and even among groups within the same division. So do job levels, role definitions and expectations. In this situation, HR tries very hard to maintain the illusion of a single job market...everyone needs job security.

Anonymous said...

Adam Bar: "She explained that the goal was to take the discussion that currently takes place on Mini-Microsoft, and move it inside Microsoft so outsiders can't see it (she didn't explain it in quite those words, but that was the subtext of what she actually said)."

Private? But anything really interesting that gets said there is sure to be copied and pasted to someplace public, like Mini.

Anonymous said...

Re-org Me: a recent comment regarding what's going on in SteveSi's and JonDe's org: "...You know, most PUMs found a position aligned with an appropriate triad. I believe it will all be worked out and everyone will find that they have greater responsibility and impact than before..."

Mini, are you smoking? We all become our own mini-me. PUM is mini-PUM, GM is mini-GM, i.e. LPM or GPM. But I don't think you can firmly say "most" of the PUM that has aligned with an appropriate triad. Only very few of them. In Windows Live or WEX, many GMs and PUMs left the organization completely because they don't want to willingly accept the Lead PM role. Is that what you honestly meant by working? People take on the group manager (GPM, DN, TM) positions are "dutifully appointed." Will they be able to lead the team with their current performance? That is uncertain. Sorry, they haven't established their credibility yet.

Office re-org is also underway. I guess we have created the greatest opportunity for internal transfer after we ship Vista and Office 2007. Any taker?

Anonymous said...

That's really bad idea. Often managers pick out of newcomers stream a person they want to improve their team. Not "best guy" but "best fit for job guy".

This is mispractice. Hire for Microsoft, not just for your team.

Anonymous said...

I guess we have created the greatest opportunity for internal transfer after we ship Vista and Office 2007. Any taker?

Are you kidding?? There are hardly any jobs posted up on the career website and from what I hear, there is a company wide freeze going on.

Anonymous said...

is there really a hiring freeze going on?

Anonymous said...

There are companies out there that have a business need to hook the kernel and they aren't all spyware, rootkit, or virus producers.

So, we compromise our security because other people make money trying to improve our security?

Like hell.

If your business model is parasitical you better live with the fact that it might go away.

Anonymous said...

>>is there really a hiring freeze going on?

I received this in an email last week (I'm not a softie):

xxxxx:

I need your help! I am a Recruiter @ Microsoft and I would like to tap into your network.

What's in it for you? How about $1,000.00 for any referral that we hire into either of these 2 open positions? The positions are a Mixed Signal Engineer and an Electrical Engineer) which are located at our Silicon Valley campus and would be working with the Xbox 360 team, a significant part of Microsoft's Entertainment & Devices business.

xxxxx, it is our mission is to inform you about careers in Hardware at Microsoft's Entertainment & Devices Division, while at the same time thanking you with cash for helping us with referrals. We have identified you as an active member of this community either by professional association membership, through industry publications and/ or related public information sources.

If you can help us out, we have a special "thank you" for successful referrals. We are teaming with a company, www.H3.com to offer a referral reward bonus for a successful hire. The total reward for this position is $1,000.00 to be split among the referral chain (Please note that instead of receiving cash, the referral reward bonus can be donated in your name to your favorite charity).

Here's what you do get started:

Doesn't look like a freeze to me. BTW. my only association with Microsoft if you can call it that is that I post here often, but anonymously.

Anonymous said...

"So, we compromise our security because other people make money trying to improve our security?

Like hell.

If your business model is parasitical you better live with the fact that it might go away."

Above is one of the more amazing posts I have noted on Mini. What does it say about Microsoft? Lets see, to paraphrase, it says:

"We're so arrogant, we are sure we can take care of all the security problems with Microsoft software ourselves, even though others had to do it (to our benefit) for more than 25 years."

"Stupid partners."

"Anybody who ports a product that makes money that works on a Microsoft operating system is a parasite, and sooner or later they will be put out of business by us."

Somewhere along the way, you guys kind of lost your way and seem to have forgotten that which brung ya, i.e., your customers and your partners. Good luck, you will certainly need it.

Anonymous said...

About McAfee:
It's like you liked me more when I had issues and you defined yourself by supporting me when I was troubled and untrustworthy. Now you're all clingy and suffocating me and spreading nasty things around about me. I've reformed myself and moved on. You need to, too.
LOL.
Of course they are clinging. Plugging the security holes in Windows is their main (only?) source of income.
So even the appearance of Microsoft shaping up is a threat to them. And if Windows actually gets secure enough to make do without third party security software, they are doomed.
Not that I'd miss them, their software causes its own share of problems...

Anonymous said...

"If your business model is parasitical you better live with the fact that it might go away."

Like making sure that almost no one can buy a PC from a well-known brand without having to buy Windows as well?

Anonymous said...

I'm of two minds on the "access to the kernel" thing.

First, if Microsoft takes security seriously, that's good. If it takes security seriously enough that it will step on some toes rather than break security, that's good. Security should be taken that seriously.

On the other hand, Microsoft is destroying the safety net. Now if there's a security issue, there's going to be only one place to point the finger - Microsoft. They won't be able to say, "You should have kept your anti-virus software up to date." That's going to be a pretty heavy responsibility. Is Microsoft really ready for it?

Let's be clear here. In the current climate, Microsoft is potentially looking at lawsuits for security breaches. It's that serious. Symantec and McAfee have, in my opinion, made that less likely so far, because "everybody knows" you need to run such a package to keep your PC safe. But now Microsoft is going to have full liability.

The "destroying an ecosystem" thing is, to me, less of an issue. I mean, TCP used to be an add-on package to Windows. Is there anyone who seriously thinks that it still should be? No. The OS progresses, and add-on tools become no longer needed. (But new, different add-ons are then needed.)

But the "destroy your partners" theme gets a lot of play because of Microsoft behavior that is much less "improving the OS" and much more clearly "trying to own every dollar spent on software by everyone on the planet". This (the anti-virus stuff) isn't an instance of that behavior, but the behavior is both real and malignant.

MSS

Anonymous said...

>So what you're saying, is that you're against the whole "create an ecosystem" thing that Microsoft implemented since its inception.

No, he's saying that if you take off the cover with the bright stickers that says "NO USER SERVICEABLE PARTS INSIDE!" and "Product warranty is voided if seal is broken!", you shouldn't be expecting much help or sympathy from the manufacturer if you go mucking about inside.

Mucking directly with the unexposed internals of a program isn't supported by anybody. I would have thought that this would be blatantly obvious.

Anonymous said...

"If your business model is parasitical you better live with the fact that it might go away."

Speaking on behalf of a highly successful parasite, I sincerely hope that your attitude is no longer in any way representative of that of responsible Microsoft management.

In any event, fuck you too.

Anonymous said...

Since the Symantec/McAfee/ABM astroturf is getting a little weedy, let me chime in with a non-Microsoft, regular customer view.

Those companies ARE parasites from my point of view. Their products are resource hogs, interact with the desktop in an insecure way, and frequently don't work (q.v. new exploits that make it past their "shields"). I have always thought it was Microsoft's responsibility to handle security, not a third party's, so I applaud their attempt to nail down Vista (whether it works or not). This is so far from "arrogant" that I tend to assume bad faith on the people here making that claim. What it is is overdue.

The whining is pathetic from a customer point of view. Symantec/McAfee can't exist in an OS "ecosystem" that isn't heavily targeted by successful viruses and worms (see also OS X). And they know it. So now they're fudding the new network stack and the kernel security. I suspect their customers can see right through their meritless arguments.

Another view:

Many people in the IT industry and computer users in general are sick and tired of Antivirus companies and you can tell that by the abundant negative feedback we get whenever the subject of Symantec and McAfee come up.

http://blogs.zdnet.com/Ou/?p=343'

Hear, hear!

Anonymous said...

>> Why would any company in their right mind
>> willingly partner with a company that could
>> be its competitor tomorrow?

Happens all the time, and not only with Microsoft. The most recent examples are disk burning (Roxio), plays for sure (everyone but Apple) and this whole antivirus thing.

The writing was on the wall for a LONG time, pretty much since Microsoft bought its own anti malware and antivirus companies. In this case, though, having this stuff in Windows is completely justified.

However:
a. Microsoft should not charge for it. It's like Toyota charged you extra for wheels not falling off the car while you're driving.
b. It should provide open APIs to replace it. If we don't - expect a bunch of lawsuits.

Anonymous said...

>>"And if Windows actually gets secure enough to make do without third party security software, they are doomed."

Let me take a stab at a flawed strategy that seems apparent from the outside: Alchin hires Mark Russinovich of Sysinternals as a top tier partner, fellow at Microsoft. Big whup de whup there. Mark's draw? Low level kernal manipulations and coder: the key holder to OS DNA is a requirement for Microsoft to be able to master security. Period.

Prior to that Mark's great program for semi-intelligent security freaks (Root Kit Revealer) catches Symantec, like Sony with its pants down in a root kit subterfuge. Symantec, bad bad boy. Microsoft gets paranoid thinking perhaps it gave away too much milk to its security partners. What to do. Cut the buggers off, what any normal sane schitzo-paranoid would do.

So what to do? First, Symantec started with Norton and Norton was not originally an anti virus company since viuses were not even know when he first developed some of his OS tools.

I use ESET, not Symantec or McAffee or Microsoft. I intend to continue that and will not load Defender on my system. Bottom line is if Microsoft tries to block security companies from the puddle, the fact is someone will get through the MS secure systems because to coin a phrase, it "takes a village" to manage security. Nothing Microsoft can or ever will do can protect us from lurking deviants, therefore, the calculation of keeping the `competition' out of the game will backfire on Microsoft security strategists one way or another.

My recommendation is everybody relax, let the dice tumble and watch as Microsoft scrambles to try to patch its Holy-Code, I mean holey-code on a daily basis.

BTW, Mark, you need to sell us a root kit revealer that works a little better: like allowing us to delete suspect rootkit files on the fly as identified accurately (not possibly like it is now).

Anonymous said...

Regarding reduced loops for CSG conversion to FTE - I generally was looped for the original interview for the CSG spot. I didn't cut any corners in my interview just because it was CSG - they got the same level of grill I give everyone (which varies depending on my feel for their talents). Three of the best interview candidates that I saw were for CSG spots. All were later converted and I didn't feel bad about a, "reduced loop." These guys could think and code under great stress in the interview, and did well in day-to-day work as CSG. In contrast, nearly all of the straight FTE candidates sent to us from HR got the No Hire recommendation from me.

Note: as part of truth in anonymous blogging, I no longer work at MS, but I spent 6 years there starting in 1999.

Anonymous said...

Ombudsman, lol - what you need is a union. Personally, I always thought it would be fun to be a teamster. That way we could strike and shutdown shipping software boxes as well.

Anonymous said...

I guess we have created the greatest opportunity for internal transfer after we ship Vista and Office 2007. Any taker?

Are you kidding?? There are hardly any jobs posted up on the career website and from what I hear, there is a company wide freeze going on.

My friend, of course I am joking. 2006 X'mas will be the darkest time for many people. I start to see my mini-me. I rekon I will skip the Vista party and Chrismas party (if there is any).

I don't know which Chrismas party I should go now. New org or the old one... Well, should be the new org.

Anonymous said...

I completely applaud a secure kernel, and I also need to get in there and do things at the kernel level.

Force me to go through full rigor and secure development practices, feel free to put my name up on the bluescreen if I cause a crash, just sell me a license to sign my code such that I can put it into the kernel.

Anti-virus, anti-spyware, and anti-rootkit aren't the only legitimate products that have a need to hook the kernel. If you think about it for a while, there are a lot of security add-ons that by definition need to be in kernel space and need to interact with kernel pieces.

Anyone remember when Dr Watson was added, how many signed drivers there were, how many drivers microsoft previously knew about and how many drivers ended up being reported back through Dr Watson? There was a nice factor of 10 in there.

Windows isn't a Sony Walkman, it is a lego mindstorms and you are trying to keep people from plugging other wires into the microcontroller.

Anonymous said...

Regarding the kernel issue:

I work at another major organization. Our unique requirements to implement and monitor computer activity requires products (that exist today) that have to hook into the kernel to provide the level of control necessary to assure regulatory and internal policy compliance.

These products are used by many other Fortune 500 companies.

No Kernel access for these key vendors, no Microsoft. It's not just about fixing any MS security problems, or McAfee and Symantec--but rather about enabling value-added third parties to, well, add value.