MS & Security are probably an oxymoron but work asked me to attend.

Some observations from the event ......

MS claim that 5000 people have registerd around Australia. It is an all day event split into two streams IT professionals & IT developers. They had flown in iternational MS 'showmen' (Steve Riley was the performer we got) to talk up MS security efforts since Bill said security was a priority.

We were given coffee in the morning & afternoon & a 'free lunch'. The event was held at Sydney's main convention centre not cheap - but is regularly used by MS). Seems to me they are spending a hell of a *lot* of money trying to improve their badly dented (non-existant) security image.

The message that came thru as far as I could see was that MS are *not* really doing anything radically new re security just spending large sums of money trying to convince us they are.

As an example they cited the fact that in 18 months Win2000 had 38 security 'reports' (their definition) but Win2003 in a similar timeframe only had 9. What they didn't explain was how many companies had deployed Win2000 vs Win2003 (as far as I can tell, few companies have put 2003 in here in Australia) thus the figures look like classic MS distortion (give us any statistic & we can make it look great).

Anyway, as said AFAICT they are merely trying to paper over the real problem (lack of an decent architecture) in addressing security.

Doug M