Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo


Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

Microsoft CEO Bill Gates kicked off the annual RSA Conference on information security in San Jose this week with a call for a simpler approach to making computers more secure. His big-picture vision: the entire computing industry working together to fashion a “true ecosystem” of security, as businesses continue facing cyberattacks.

Although the solutions for data security won’t be foolproof, experts agree, they believe that hardware, software, and networks can be made much safer by creating a multilayered solution. At least, that’s the argument Gates and others made to an estimated 14,000 conference attendees – from software developers and cryptographers to hackers and lawyers.

Gates’ most radical solution is replacing password protections, often too easily defeated by phishing and other forms of low-tech hacking, with an InfoCard, a digital identity that can be stored in the microchip of a smart card and used to access password-protected websites.

Of course Microsoft has a keen interest in promoting more secure computing environments, since its operating systems are routinely the target of virus attacks. The InfoCard is one of many new security features supported by Internet Explorer 7 and Vista, the latest incarnation of Microsoft’s ubiquitous operating system (see “A Window into Vista”). Gates noted, however, that the shift away from passwords would likely take as long as four years because it requires the collaboration of numerous vendors.

While the InfoCard technology should be useful for personal data security, large institutions, such as banks, are looking at large-scale defenses to tackle Internet scams. Art Coviello, CEO of RSA Security International, discussed his company’s network-based solution, which he dubbed “community policing.” By using the very networks that hackers exploit, he says, companies can fight fraud and cybercrime at different nodes, instead of in isolation. For instance, if a cybercriminal in a third-world country exploits a stolen credit card number, then tries to hide behind a proxy server in New York, RSA’s system quickly blacklists that New York IP address and immediately notifies banks and other organizations.

In addition to software and network defenses proposed by Microsoft and RSA, Scott McNealy, CEO of Sun Microsystems, addressed the steps his company has taken to ensure that computer hardware in servers and data centers is as secure as possible. Sun has built computer processors that support a form of encryption called “elliptical curve” cryptography (ECC), a standard approved by the National Security Agency. ECC uses a smaller “key” – the collection of bits used to encrypt and decrypt a message – than traditional cryptographic methods, and is therefore ideal for not only computers, but also small devices such as cell phones and even sensors.

3 comments. Share your thoughts »

Tagged: Computing

Reprints and Permissions | Send feedback to the editor

From the Archives


Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me