Bad Managers - The Rumour Mill

30 September 2001, 12:43 GMT

MS promises that this time they "totally get Internet security".

After a recent Gartner Group report that slammed Microsoft's IIS webserver, calling it "Full of more holes than a piece of Swiss cheese that's had even more holes sort of poked into it", and recommending enterprises to "dump this sack of shit and go with something that's worth more to your company than a pensioner's bus pass that's already expired", Microsoft have been quick to react.

"We think IIS is quite secure actually," an MS spokeswoman announced prissily, yesterday.

She grimaced for a moment, then added: "Well, having said that, we are still going to dump it and start over with a brand new codebase. Although brand new, this new codebase will still be based on large fragments of existing IIS code, but I'm sure the result won't be a hacked-about piece of tossed spaghetti that's fragile, prone to crashing and even more vulnerable to insidious attacks than its predecessor."

"Lawks, this is a mighty pickle and no mistake"

Worried that this situation might cause shareholders to have problems keeping their power-breakfasts down, MS CEO Steve Ballmer announced that the revamp would not just involve IIS, but would in fact be "a major drive towards future security for all of us, and for our children, bless them, who must be protected from all the nasty IIS crackers out there."

Mr Ballmer, growing more excited by the second, added effusively: "In fact this rewrite will be the first step in a major revamp of all our security policies, and may involve a significant rewrite of the Internet."

He went on to explain that most websites, FTP sites and newsgroups would need to be "completely rewritten from the ground up, including all their content. Above all else, we need to make sure the content is secure."

"Wherein I say unto thee, that there shall be no flaws, no holes, nothing that shalt be exploited, or may the Wrathful Baby Jesus strike me dead this instant!"

"Of course," he added, "this does mean that we will need everyone who has ever written a newsgroup posting ever, to repost a paraphrased version of all their messages. To ease this process, we shall endeavour to personally moderate every single message that gets posted, and assign each one a unique digital signature to prove that it has been approved by us as being secure content. In particular, the content must not disparage Microsoft in any way. If it does, then it's not secure, and cannot be verified."

He paused, coughed uncomfortably, and added: "Hopefully this won't take too long, but we see this as being vital for the future security of the Internet. And we hope that in taking the initiative with this drastic move, we can prove to the tech community that Microsoft genuinely understands security and all the issues that surround it."

As Mr Ballmer gave this announcement, the press-conference room was blanketed by an uncomfortable silence and hesitant shuffling of feet.

Elsewhere - Related Sites and Stories:

The Register: Ditch MS IIS Now, Says Gartner

Slashdot: MS Frontpage Restricts Free Speech