Economist claims Microsoft sanction would punish consumers
Posted by UKer on 09 May 2002 - 10:19 · 11 comments & 42 views
About the Author
Full name: Unknown
Forum name: UKer
Contact: via forum PM
Submissions: Normal · Headline
Full name: Unknown
Forum name: UKer
Contact: via forum PM
Submissions: Normal · Headline
Slashdot It!
Submit to reddit
Submit to blinklist
Bookmark on del.icio.us
Add to furl
Share on Facebook
Add to Windows Live
Add to Google
This is obviously the impression Microsoft wants to give, but can it be proven or is this an example of a witness primed to show the judge that Microsoft would suffer, as the last economist who testified is suspected of being? The professor stated in a written testimony to the judge presiding over the case, Colleen Kollar-Kotelly, that the sanctions already imposed on Microsoft were sufficient and there is no need for further sanctions which would constitute a “regulatory regime”.
The states are pushing this case as they feel the previous settlement was unsatisfactory and full of “loopholes”. As mentioned in a previous Neowin article the states wish to demonstrate and attempt to impose the creation of a modular Windows amongst other things but Elzinga states the sanctions “will cause prices to rise, output to fall, innovation to slow, (and) quality to erode”.
This is the second economist to testify after the previous one, Kevin Murphy, admitted links to Microsoft as it was shown that they helped fund his research. In the judges eyes this must seem a second attempt, which isn’t always the best impression to give in a court. The hearing could be coming to a conclusion next week, and consumers now must feel this case is involving them more as the impact of the sanctions is beginning to come to light. This has truly been a long eight weeks for Microsoft and now those following the case will be waiting with anticipation for an outcome.
The Redmond, Wash.-based software maker issued a critical security bulletin to users advising them to upgrade by visiting an MSN Chat site and downloading an upgraded new chat control, or by upgrading on the site to the latest version of MSN Messenger or Exchange Instant Messenger.
The chat control feature is not automatically included in Windows Messenger, which is installed with the XP version of Windows, Microsoft's flagship operating system.
The company was aware of no user who had been hacked via the flaw, Microsoft Security Program Manager Christopher Budd said, though he cautioned users not to be complacent about downloading the upgrades.
MSN Messenger has some 46 million users, but the chat control is automatically included only in the two latest versions, 4.5 and 4.6, Budd said.
He said the company had been informed of the flaw by a security firm about a month ago but did not disclose it until late Wednesday because it was developing the fixes or "patches" for customers to download.
Version 4.5 was released in October 2001 and version 4.6 was released two months later.
"Software always will have flaws," Budd said. "We always do our best to ensure we do not have flaws or vulnerabilities, but while we strive for perfection, we know we're not always going to achieve perfection."
Last month, the company released a new plan, called "Trustworthy Computing," whose goal is to fix security flaws in its Web server software, the most serious of which could let a hacker take over someone else's server. The plan followed a series of embarrassing security flaws and growing criticism that the software giant had been ignoring the flaws for too long.
Microsoft said the newest vulnerability was caused by what is known as a "buffer overflow problem." Hackers could use the problem to run their own malicious commands in a user's computer.
Buffer overflows occur when software is programmed to accept information but not given the ability to validate or limit it. That allows hackers to send commands that an operating system is not expecting but that end up in a computer's memory and are executed.
In February, Microsoft warned of an unrelated flaw in MSN Messenger that could allow a hacker to gain access to screen names and e-mail addresses.