Software flaws will cost users dear

Industry opinion is split on whether Microsoft's Trustworthy Computing initiative will improve software integrity, with analyst Gartner predicting that security flaws will cost users money for years to come.

Trustworthy Computing was subject to debate at the Gartner IT Security Summit held in London this week, with some commentators won over by Microsoft's efforts to make its products free of security flaws, and others sceptical that its aims could ever be achieved.

Gartner analyst John Pescatore believed that the Trustworthy Computing initiative would succeed.

He maintained that by 2005, Microsoft's server operating system software would be more secure than the industry norm.

"Microsoft will succeed," said Pescatore. "When Microsoft decides to do something it usually gets it right."

But the analyst warned that it would be five years before Microsoft's desktop operating systems were trustworthy.

Meanwhile, users would still have to spend an average of $100 per desktop on specialist security software to protect their computing environments.

The advice is to combine different kinds of antivirus and firewall applications, rather than risk using products from just one vendor.

Steven Adler, senior security strategist at Microsoft Europe, outlined the software giant's plans to make its software as secure and reliable as using a telephone.

The company's software update services were "a bit of a mess", he admitted, but Microsoft is working on simplifying the process.

But there was doubt at the conference that software would ever be free of security flaws.

Simon Perry, vice president of security strategies at Computer Associates (CA), said that users are fed up with vulnerable software. But he indicated that it is unlikely these fears would be allayed.

"It's never going to be perfect, either inside CA or across the industry," he explained, adding that CA had let product shipment dates slip in order to fix security flaws.