[14296] in cryptography@c2.net mail archive

home help back first fref pref prev next nref lref last post

Dan Geer Fired (was re: Technology Firm With Ties to Microsoft

daemon@ATHENA.MIT.EDU (R. A. Hettinga)
Fri Sep 26 16:39:20 2003

X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Fri, 26 Sep 2003 12:53:10 -0400
To: Clippable <rahettinga@earthlink.net>
From: "R. A. Hettinga" <rah@shipwright.com>
Cc: cryptography@metzdowd.com, cypherpunks@lne.com, e$@vmeng.com,
	mac_crypto@vmeng.com, net_thinkers@vmeng.com

<http://info.mgnetwork.com/printthispage.cgi?url=http%3A//ap.tbo.com/ap/breaking/MGASNQR81LD.html&oaspagename=www.tbo.com/ap/story.htm&image=tbologo80x60.jpg>

Sep 25, 2003

Technology Firm With Ties to Microsoft Fires Executive Over Criticism
By Ted Bridis
The Associated Press

WASHINGTON (AP) - The chief technology officer for a technology firm that
works closely with Microsoft Corp. lost his job after he helped write a
study critical of the insecurity of Microsoft software.

Daniel E. Geer Jr., an expert with nearly three decades studying technology
and computer security, learned Thursday he was no longer employed by
AtStake Inc. of Cambridge, Mass.

AtStake declined to say whether Geer resigned or was fired. Spokeswoman
Lona Therrien said Microsoft did not call for Geer's dismissal, which
AtStake said was effective two days ago. Microsoft also said it was not
involved in the decision.

But critics said Geer's firing was reflective of Microsoft's far-reaching
ability in Washington and across the technology industry to silence experts
who complain about weaknesses in its software or its aggressive business
practices. The Justice Department struggled years ago to find technology
executives willing to testify against Microsoft in its antitrust trial.

Geer could not be reached immediately for comment, but one person familiar
with Geer's situation said he was fired in a call Thursday morning from
AtStake executives.

AtStake has worked closely with Microsoft in the past, examining some of
its software blueprints for security problems and providing consulting
services.

AtStake's announcement came one day after Geer and six other experts
published a report complaining that the U.S. government relies too heavily
on software from Microsoft. It argued that the widespread dominance of
Windows has created an unhealthy "monoculture" inadequately resistant to
viruses and attacks by hackers.

Geer was identified Wednesday in a conference call with journalists as
AtStake's technology officer and the lead author of the report, which was
funded by the Washington-based Computer and Communications Industry
Association, a trade group whose members include some of Microsoft's
biggest corporate rivals.

"The values and opinions of the report are not in line with AtStake's
views," the company said in a statement. It said Geer's participation
working on the report was "not sanctioned."

"Security is much more complicated than focusing on this one issue," said
Chris Wysopal, AtStake's director of research and development. "We think
the way the (CCIA) paper is positioned ... is just not the answer."

Wysopal said experts within AtStake debate about security issues internally
but that Geer represented his views as the company's consensus. "We value
diversity of opinions here," Wysopal said.

Bruce Schneier, the chief technology officer for Counterpane Systems Inc.,
worked with Geer on the report. He said security experts contacted to help
work on the report critical of Microsoft indicated their support but
couldn't participate publicly.

"There is a huge chilling effect based on Microsoft's monopoly position,"
Schneier said. "It's unfortunate that AtStake put its private agenda ahead
of intellectual integrity."

The CCIA trade group also ran into trouble Thursday when it sought to send
a paid announcement about its critical Microsoft report to 140,000
subscribers of popular trade magazines for chief security officers and
chief information officers.

The publisher for CIO and CSO magazines, CXO Media Inc., offers such
announcements "to target a specific market segment of our audience by
designing a list of prospects for direct mail and e-mail purposes."

But in this case, the subject was too touchy.

"We find it is too sensitive of material to send out. I'm sorry to be the
bearer of bad news, but I have to deny your request," according to an
e-mail from the publisher obtained by The Associated Press.

"We need to try to provide some balance on these issues, and this seemed a
little one-sided," CXO spokeswoman Karen Fogerty said.

---

On the Net:

AtStake Inc.: www.atstake.com

Microsoft Corp. www.microsoft.com

CXO Media Inc.: www.cio.com

CCIA: www.ccianet.org

AP-ES-09-25-03 1629EDT

This story can be found at: http://ap.tbo.com/ap/breaking/MGASNQR81LD.html


-- 
-----------------
R. A. Hettinga <mailto: rah@ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com

home help back first fref pref prev next nref lref last post