Question: Hackers and Security

What is Microsoft doing to promote more spending among its customers and partners on security and identity-management technologies? Second, what is your personal position on hackers who, to a certain extent, represent some degree of innovation?

Ballmer's Answer: Ha! Let me answer the first question first. I would tell Rajneesh to stand by for news. We're going to have to really ratchet up our game in terms of working with our customers and our partners to work with our customers around security. It's not just enough to keep improving the products, and we probably need to change some of the ways we've even been thinking about improving the products. But over the next few weeks, months, there will be an interesting set of things we do to help educate our customers on security and put our partners in a position to help our customers with their security needs. That is job one on a day-to-day basis on my radar, on [group vice president of Microsoft's platforms group] Jim Allchin's radar, on Bill Gates' radar, etc. In terms of the second question, there's no innovation in hackers. Nobody should be confused. It's not like [hackers have] done anything particularly original or creative. Hackers are criminals. Hackers are people who are causing hundreds of millions, billions of dollars in damage. They are not showing that they are all that smart, creative [or] clever. Most of the hackers actually attack after the patch is already available. They use the patch to reverse-engineer the vulnerability, frankly. That's not what this is about. You know, if somebody came and blew up [a] building in the middle of the night when nobody was inside, you would think that was a serious crime. Yet the amount of damage that has been done by hackers in dollar value far exceeds that malicious act. And there's no way to look at these people as anything other than what they are: malicious people who are violating the laws.

Shetty's Response: Steve's response seems to signal a S.I.P. or what Andy Groves in his book Only the Paranoid Survive calls a Strategic Inflection Point for Microsoft. I'm glad he feels the way he does about hackers and must be familiar with IPv6 and tunneling technologies available commercially as well. Please note that if Steve helps reinforce the marketplace's perception of Microsoft products' vulnerability to hackers, it shows there are gaps to be plugged product developmentwise and contradicts Microsoft's current marketing theme to an extent, raising ethical issues like he has rightly pointed out. This would be Microsoft's biggest challenge today, and something they need to look at closely.

Question: GPL Software

If Linus Torvalds applied for a job at Microsoft, would you hire him?
--Daniel Bowers, product marketing, national PC computer maker

Ballmer's Answer: Seems like a smart guy. Sure, why not? I mean, we wouldn't let him bring any software with him. And I don't mean that in a negative sense. We sell software. And it's important that our software be our software, that we protect our intellectual property and that we own our intellectual property. And we're very careful about making sure that no GPL software comes into Microsoft, because if it comes in, the probability [is] that other software we want to sell at a positive price would also become GPL-licensed. It's the way GPL works. So, [Linux creator Torvalds] seems like a bright, smart guy. Why wouldn't we hire a bright, smart guy? We always would. On the other hand, when we buy companies, we are very careful to make sure that they don't have code that has GPL software intermingled with it so that we can continue to protect our intellectual property, which is important if we're going to run a business that's supposed to bring in revenue and profit.