IDG News Service
July 11, 2006
Microsoft plans to give a hacker conference in Asia an inside look at new
security features on Windows Vista later this year, the organizer of the
event said today.
The company's commitment to show off Vista to the hacker and security
community is part of a long-term trend aimed at gaining greater feedback
from users prior to product debuts. More and more software and hardware
vendors are trying to weed out vulnerabilities before products go to
market, and they often turn to the underground and above ground security
community for advice.
"Companies know that fixing vulnerabilities in already released products
is always going to be much more expensive than finding and squashing them
during the development stage," said Dhillon Andrew Kannabhiran, organizer
of the 6th annual Hack In The Box deep knowledge security conference
(HITBSecConf2006) set for Kuala Lumpur, Malaysia in September.
"At the end of the day it also doesn't help an organization's image when
critical bugs are found which could have been trivially fixed from the
start," he added.
The Hack In The Box conference will host two speakers from Microsoft.
The first, Dave Tamasi, a lead security program manager at Microsoft, will
give a presentation on security engineering in Vista. The talk will
include a discussion about features suggested by hackers and other
security conscious members of the computing community, in addition to
security improvements made on Vista.
The second speaker, Douglas MacIver, a penetration engineer at Microsoft,
will review Vista's BitLocker Drive Encryption and the company's analysis
of threats and attempts to penetrate the security feature.
BitLocker Drive Encryption is a data protection feature in Windows Vista
aimed at securing data on lost or stolen computing devices. It's available
in Windows Vista Enterprise and Ultimate for client computers and Windows
Server "Longhorn." The software works by preventing an intruder or thief
from running a software hacking tool to break Windows Vista files and
system protections, or viewing files stored on the protected files when
the computer is offline.
Attend the Black Hat Briefings and
Training, Las Vegas July 29 - August 3
2,500+ international security experts from 40 nations,
10 tracks, no vendor pitches.